elastic/detection-rules
https://www.elastic.co/guide/en/security/current/detection-engine-overview.html
Other
1.92k stars, 492 forks
issues
Refresh ECS, Beats manifest and schemas
#3993
shashank-elastic
closed
1 month ago
6
[New Rule] AWS Signin Single Factor Console Login via Federated Session
#3992
terrancedejesus
closed
1 month ago
1
[New Rule] First Occurrence AWS STS Temporary Credential Request by User
#3991
terrancedejesus
closed
1 month ago
2
[FR] Add Better Error Handling for CUSTOM_RULES_DIR
#3990
eric-forte-elastic
closed
1 month ago
1
[FR] Add Cleaner Error Handling for Improper CUSTOM_RULES_DIR Directories
#3989
eric-forte-elastic
closed
1 month ago
0
[New Hunt] Add AWS Hunting Queries to Shared Hunting Library
#3988
terrancedejesus
closed
1 month ago
1
[FR] Fail Earlier on min_compat validation
#3987
Mikaayenson
closed
1 month ago
5
[FR] Add Alert Suppression for Additional Rule Types
#3986
Mikaayenson
closed
1 month ago
2
[FR] [DAC] Add Support for Known Types to Auto-generated Schemas
#3985
eric-forte-elastic
closed
1 month ago
3
[Bug] [DAC] Fix Kibana action connector export to export details with action connectors
#3984
eric-forte-elastic
closed
1 month ago
1
Fix Attribute Issue in RTA common.py
#3983
shashank-elastic
closed
1 month ago
1
react_sync_rta_updates_3830
#3982
protectionsmachine
closed
1 month ago
3
Fix Windows File Path for RTA schtask_escalation
#3981
shashank-elastic
closed
1 month ago
1
[FR] [DAC] Auto Gen Schema Create Nested Directories
#3980
eric-forte-elastic
closed
1 month ago
1
Test addition of Platform for MITRE Data
#3979
shashank-elastic
closed
1 month ago
2
[Rule Tuning] Remote Execution via File Shares
#3978
janniten
closed
3 weeks ago
0
Configure Renovate
#3977
elastic-renovate-prod[bot]
opened
2 months ago
0
[Rule Tuning] Fix missing Winlogbeat index
#3976
w0rk3r
closed
2 months ago
1
[Rule Tuning] LSASS Process Access via Windows API
#3975
w0rk3r
closed
1 month ago
1
[Rule Tuning] Removing Minimum Stack Compatibility
#3974
terrancedejesus
closed
2 months ago
1
[FR] Add additional platforms for MITRE Attack Navigator Filter
#3973
shashank-elastic
closed
1 month ago
3
[Rule Tuning] Attempt to Disable IPTables or Firewall
#3972
Aegrah
closed
1 month ago
1
[Rule Tuning] Potential Disabling of AppArmor
#3971
Aegrah
closed
1 month ago
1
[Rule Tuning] System Log File Deletion
#3970
Aegrah
closed
1 month ago
1
[New Rule] Dynamic Linker Creation or Modification
#3969
Aegrah
closed
1 month ago
1
[Rule Tuning] Add System tag to DRs
#3968
w0rk3r
closed
2 months ago
1
Add Unit Test test_index_or_data_view_id_present
#3967
shashank-elastic
closed
1 month ago
1
[Rule Tuning] Include winlogbeat index in sysmon-related rules
#3966
w0rk3r
closed
2 months ago
1
[FR] Check for missing index field.
#3965
shashank-elastic
closed
1 month ago
0
[Rule Tuning] Suspicious PrintSpooler Service Executable File Creation
#3964
w0rk3r
closed
2 months ago
1
[Rule Tuning] Windows File-based Rules Tuning
#3963
w0rk3r
closed
2 months ago
1
[FR][DAC] Consideration: Support Bulk Actions
#3962
Mikaayenson
opened
2 months ago
0
Lock versions for releases: 8.10,8.11,8.12,8.13,8.14,8.15
#3961
github-actions[bot]
closed
2 months ago
1
Fix Version Bump for Related Integrations
#3960
shashank-elastic
closed
2 months ago
1
Lock versions for releases: 8.10,8.11,8.12,8.13,8.14,8.15
#3959
github-actions[bot]
closed
2 months ago
1
[Rule Tuning] Windows Registry Rules Tuning - 2
#3958
w0rk3r
closed
2 months ago
1
[Rule Tuning] Windows Registry Rules Tuning - 1
#3957
w0rk3r
closed
2 months ago
1
[Rule Tuning] Hosts File Modified
#3956
tehbooom
closed
2 months ago
1
[DaC] [FR] Ndjson support for action connectors
#3955
eric-forte-elastic
closed
2 months ago
3
[Rule Tuning] Accepted Default Telnet Port Connection
#3954
w0rk3r
closed
2 months ago
1
[Rule Tuning] AWS S3 Object Versioning Suspended
#3953
w0rk3r
closed
2 months ago
1
react_sync_rta_updates_3808
#3952
protectionsmachine
closed
2 months ago
1
react_sync_rta_updates_3804
#3951
protectionsmachine
closed
2 months ago
1
[Rule Tuning] AWS S3 Object Versioning Suspended
#3950
tttttx2
closed
2 months ago
1
[DaC] [FR] End to end testing and feedback improvements
#3949
eric-forte-elastic
closed
2 months ago
1
[Rule Tuning] Simple KQL to EQL Conversion
#3948
w0rk3r
closed
2 months ago
1
[Rule Tuning] Sensitive Registry Hive Access via RegBack
#3947
w0rk3r
closed
2 months ago
1
[New Rule] Outlook Home Page Registry Modification
#3946
w0rk3r
closed
2 months ago
1
react_sync_rta_updates_3797
#3945
protectionsmachine
closed
2 months ago
1
react_sync_rta_updates_3795
#3944
protectionsmachine
closed
2 months ago
1