elastic / examples

Home for Elasticsearch examples available to everyone. It's a great way to get started.
Apache License 2.0

IOCs added for ACSC2020-008 security advisory #329

Closed by asjadathick 4 years ago

asjadathick commented 4 years ago

This PR adds SIEM rules with IOCs from the aforementioned advisory. The rules are referenced in a blog post (https://github.com/elastic/blog/issues/1212).

nich07as commented 4 years ago

@asjadathick - left some comments for you in your blogpost; let me know if you think we need to add some lines to the detections. Otherwise, 👍

asjadathick commented 4 years ago

@nich07as I just added a paragraph on the volume of actions. Let me know what you think.

nich07as commented 4 years ago

Reviewed the blogpost entry and edited the verbiage. Looks good! Merging.