Closed shashank-elastic closed 3 weeks ago
The following rules are in development mode and need removal from the security docs
We also have a PR to correct the source population that needs testing - https://github.com/elastic/detection-rules/pull/4073, but the above docs PR can move independently of these.
Describe the Bug
User Report in Community Channel
Does anyone know if there is a delay between Elastic announcing a rule and its release? For instance, this rule: https://www.elastic.co/guide/en/security/8.14/microsoft-365-mass-download-by-a-single-user.html suggests that it is part of 8.14, but our 8.14.3 cluster does not have it as an available rule to install. I also checked the elastic rule repo: https://github.com/elastic/detection-rules/tree/main/detection_rules and it doesn't appear in there either.
To Reproduce
Expected Behavior
The Fix can happen in 2 parts
Screenshots
No response
Desktop - OS
None
Desktop - Version
No response
Additional Context
No response