Closed (asjadathick closed 4 years ago)
@asjadathick - left some comments for you in your blog post; let me know if you think we need to add some lines to the detections. Otherwise, 👍
@nich07as I just added a paragraph on the volume of actions. Let me know what you think.
Reviewed the blog post entry and edited the verbiage. Looks good! Merging.
This PR adds SIEM rules with IOCs from the aforementioned advisory. The rules are referenced in a blog post (https://github.com/elastic/blog/issues/1212).