Tags: othmane399/detection-rules

ML-Beaconing-20211216-1

Verified

This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
[Github Workflows] Only generate navigator files on push to main (elastic#1814)

* [Github Workflows] Only generate navigator files on push to main

* fix workflow logic syntax

ML-HostRiskScore-20220228-5

Verified
Refresh ATT&CK to v10.1 (elastic#1791)

v8.1.0

Lock versions for releases: 7.13,7.14,7.15,7.16,8.0,8.1 (elastic#1781)

* Locked versions for releases: 7.13,7.14,7.15,7.16,8.0,8.1

(cherry picked from commit 5e073af)

integration-v1.0.2

Lock versions for releases: 7.13,7.14,7.15,7.16,8.0,8.1 (elastic#1781)

* Locked versions for releases: 7.13,7.14,7.15,7.16,8.0,8.1

(cherry picked from commit 5e073af)

integration-v0.16.1

Lock versions for releases: 7.13,7.14,7.15,7.16,8.0,8.1 (elastic#1781)

* Locked versions for releases: 7.13,7.14,7.15,7.16,8.0,8.1

(cherry picked from commit 5e073af)

ML-HostRiskScore-20220215-4

Verified
[Rule Tuning] Sysmon Registry-based Rules Review & Fixes (elastic#1775)

* Initial Review of Sysmon Registry Rules

* Update defense_evasion_sip_provider_mod.toml

v8.0.1

Lock versions for releases: 7.13,7.14,7.15,7.16,8.0,8.1 (elastic#1768)

* Locked versions for releases: 7.13,7.14,7.15,7.16,8.0,8.1

* Trigger Build

* Remove change to trigger build

Co-authored-by: DefSecSentinel <DefSecSentinel@users.noreply.github.com>
Co-authored-by: Colson Wilhoit <48036388+DefSecSentinel@users.noreply.github.com>

(cherry picked from commit 8f36346)

v8.0.0

Verified
Revert "[Rule Tuning] Interactive Terminal Spawned via Python - Python3 and bypasses fix (elastic#1649)" (elastic#1731)

This reverts commit 625d1df.

integration-v1.0.1

Add pyproject.toml and setup.cfg (elastic#1672)

* add pyproject.toml
* add setup.cfg

(cherry picked from commit 179ebb5)

integration-v0.14.3

Lock versions for releases: 7.13,7.14,7.15,7.16 (elastic#1659)

* Locked versions for releases: 7.13,7.14,7.15,7.16

(cherry picked from commit a33de6b)