issues
search
panther-labs
/
panther-analysis
Built-in Panther detection rules and policies
https://panther.com/
Apache License 2.0
339
stars
173
forks
source link
issues
Newest
Newest
Most commented
Recently updated
Oldest
Least commented
Least recently updated
Release 3.68.0
#1432
le4ker
closed
2 days ago
0
Fix Standard.SignInFromRogueState for Unenriched Events
#1431
ben-githubs
closed
3 days ago
1
Merge main into develop
#1430
le4ker
closed
3 days ago
1
Revert "EKS Anonymous API Access Detection Rule (#1405)"
#1429
le4ker
closed
3 days ago
1
Okta AD/LDAP Delegated Authentication - Username Above 52 Characters Security Advisory
#1428
arielkr256
closed
3 days ago
1
Make check-packs action work
#1427
ben-githubs
closed
3 days ago
1
THREAT-318: Standard.SignInFromRogueState
#1426
ben-githubs
closed
3 days ago
1
THREAT-411 ZIA AdminAuditRules - Password, Log, Backup
#1425
akozlovets098
closed
2 days ago
0
Update TrailDiscover data
#1424
akozlovets098
closed
4 days ago
0
THREAT-408 `Notion.Many.Pages.Deleted` -> Scheduled Rule
#1423
ben-githubs
closed
2 days ago
0
Refactor `panther_azuresignin_helpers.actor_user` to use imported `deep_get`
#1422
ben-githubs
closed
4 days ago
1
ASK-928 tuning Zendesk.UserRoleChanged
#1421
akozlovets098
closed
4 days ago
0
Update CONTRIBUTING.md
#1420
le4ker
closed
1 week ago
0
build(deps): bump thollander/actions-comment-pull-request from 3.0.0 to 3.0.1
#1419
dependabot[bot]
closed
1 week ago
0
fixing ruleID typo on gcp_k8s_pod_create_or_modify_host_path_vol_mount.yml
#1418
jzandona
closed
4 days ago
1
Adjust CR Schedules and Lookbacks
#1417
ben-githubs
closed
1 week ago
0
s3 bucket confused deputy attack
#1416
bcpenta
closed
4 days ago
1
THREAT-403 Create rules for User, Administrator, and Role Management based on test cases
#1415
akozlovets098
closed
1 week ago
1
Fix Wiz Audit Log Titles for Service Account Actors
#1414
jpts
closed
1 week ago
0
Fix event dict typing
#1413
arielkr256
closed
1 week ago
0
Prep for v3.68
#1412
arielkr256
closed
2 weeks ago
0
fix typo in Makefile
#1411
glenn-sq
closed
2 weeks ago
3
build(deps): bump actions/setup-python from 5.2.0 to 5.3.0
#1410
dependabot[bot]
closed
2 weeks ago
0
build(deps): bump actions/checkout from 4.2.1 to 4.2.2
#1409
dependabot[bot]
closed
2 weeks ago
0
Adding Some Snowflake Behavioral/Anomaly Scheduled Queries
#1408
ben-githubs
closed
4 days ago
2
Gha improvements
#1407
arielkr256
closed
2 weeks ago
1
Update gsuite_workspace_calendar_external_sharing.py
#1406
dvaliotis
closed
3 weeks ago
0
EKS Anonymous API Access Detection Rule
#1405
bcpenta
closed
1 week ago
1
feat: include accountId in aws_guardduty_context
#1404
pbnj-dragon
closed
2 weeks ago
0
`aws_guardduty_context` helper function does not include `accountId` in the alert context
#1403
pbnj-dragon
closed
2 weeks ago
0
feat: add requestParameters
#1402
pbnj-dragon
opened
3 weeks ago
2
Consider adding `requestParameters` to `aws_rule_context()` helper
#1401
pbnj-dragon
opened
3 weeks ago
0
Update style guide reference
#1400
emmanuel-ferdman
closed
2 weeks ago
0
Add AWS WAF WebACL Has Associated Resources policy
#1399
bcpenta
closed
2 weeks ago
0
Release v3.67
#1398
le4ker
closed
3 weeks ago
0
Update PAT to `0.54.0`, and minor change to test action
#1397
ben-githubs
closed
3 weeks ago
0
Update Internal Automations
#1396
ben-githubs
closed
3 weeks ago
4
Allow 'applicationName=login` for `GSuite.ExternalMailForwarding`
#1395
ben-githubs
closed
3 weeks ago
2
ASK-833 `GSuite.Drive.ExternalFileShare` sender-receiver pairs in EXCEPTION_PATTERN
#1394
akozlovets098
closed
3 weeks ago
3
Add AWS WAF Logging Configured Policy
#1393
bcpenta
closed
3 weeks ago
0
Migrate `AthenaQuery` and `SnowflakeQuery` to just `Query`
#1392
ben-githubs
closed
1 month ago
3
ThinkstCanary Rules
#1391
arielkr256
closed
1 month ago
3
Prepare for 3.66.0 (#1389)
#1390
akozlovets098
closed
1 month ago
2
Merge `main` changes to `develop` to prepare for 3.66.0
#1389
akozlovets098
closed
1 month ago
2
Prepare for 3.66.0
#1388
akozlovets098
closed
1 month ago
1
Convert Snowflake Scheduled Rules into Streaming Rules
#1387
ben-githubs
closed
1 week ago
3
Delete 'Snowflake.PublicRoleGrant' & query
#1386
ben-githubs
closed
1 month ago
1
build(deps): bump thollander/actions-comment-pull-request from 2.5.0 to 3.0.0
#1385
dependabot[bot]
closed
1 month ago
1
Add AlertTitle to rule_jsonschema.json
#1384
geoffg-sentry
closed
1 month ago
0
Fix linter error in gsuite_workspace_calendar_external_sharing.py
#1383
le4ker
closed
1 month ago
0
Next