chronicle/detection-rules
Collection of YARA-L 2.0 sample rules for the Chronicle Detection API
https://chronicle.security
Apache License 2.0
275 stars
66 forks
issues
Adding a rule to detect network connections to Tor Exit Nodes.
#19
copybara-service[bot]
closed
1 year ago
0
Addition of Google Workspace rule
#18
R1shal1n
closed
2 years ago
0
Google Workspace, adding a detection rule for non-native domain user added.
#17
copybara-service[bot]
closed
2 years ago
0
Update workspace_user_granted_admin_privilege.yaral
#16
wfu-linuxadmin
opened
2 years ago
1
Internal change
#15
copybara-service[bot]
opened
2 years ago
0
Added suspicious_rtlo_executable_file
#14
ag-michael
closed
2 years ago
0
update gcp_gcs_public_accessible
#13
fflurcodes
opened
2 years ago
0
Sliver Rules
#12
gssincla-g
closed
2 years ago
0
Addition of Sliver YARA rules.
#11
gssincla-g
closed
2 years ago
0
Sliver Rules
#10
gssincla-g
closed
2 years ago
0
fix: Add missing quotation mark to gcp_firewall_rule_changes.yaral
#9
jacks-reid
closed
2 years ago
0
Additional GCP and Workspace detection rules.
#8
goog-cmmartin
closed
2 years ago
1
initial set of gcp rules
#7
rixgh
closed
2 years ago
0
Fix bug #5 - update doc'n and samples links
#6
daabr
closed
2 years ago
0
Detailed instructions URLs are no longer valid
#5
dev-tty
closed
2 years ago
2
Minor fixes in README files
#4
daabr
closed
3 years ago
0
Adding SOC Prime Rules to the repository and updating README file.
#3
rtwhite-chronicle
closed
3 years ago
0
New manual test + unit test + CI config
#2
daabr
closed
3 years ago
0
Fix UDM field
#1
daabr
closed
3 years ago
0