panther-labs / panther-analysis

Built-in Panther detection rules and policies
https://panther.com/
Apache License 2.0
339 stars 173 forks

Missing MITRE ATT&CK tactics #1322

Closed arielkr256 closed 2 months ago

arielkr256 commented 3 months ago

Background

When MITRE ATT&CK techniques are added in T#### format instead of TA####:T####, it breaks the UI. See this PR for more details.

Changes

Testing

github-actions[bot] commented 3 months ago

:scream: looks like some things could be wrong with the packs

[INFO][root]: ignoring file dependabot.yml
ben-githubs commented 3 months ago

Found a set of other mappings that don't match this pattern. Do we need to update these too?

queries/aws_queries/aws_potentially_compromised_service_role.yml
    T1528
correlation_rules/okta_login_without_push.yml
    T1212
    T1539
correlation_rules/aws_privilege_escalation_via_user_compromise.yml
    T1098.001
correlation_rules/aws_potentially_compromised_service_role_cr.yml
    T1528
correlation_rules/aws_user_takeover_via_password_reset.yml
    T1098.001
correlation_rules/secret_exposed_and_not_quarantined.yml
    T1552.001
correlation_rules/potential_compromised_okta_credentials.yml
    T1212
    T1539
rules/crowdstrike_rules/event_stream_rules/crowdstrike_api_key_created.yml
    T1098.001
rules/crowdstrike_rules/event_stream_rules/crowdstrike_api_key_deleted.yml
    T1531
    T1070
rules/gcp_k8s_rules/gcp_k8s_pod_create_or_modify_host_path_vol_mount.yml
    TA0001
    TA0002
arielkr256 commented 3 months ago

Good catch! Updated.
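Added example, not code from panther-analysis or this PR: a small checker that flags `MITRE ATT&CK` entries that are not in the `TA####:T####` form the UI expects, so bare techniques like `T1528` and bare tactics like `TA0001` are caught before merge. It assumes the `Reports` -> `MITRE ATT&CK` list layout of panther-analysis rule YAML and runs over a constructed sample rule, not a real rule file.

```python
import re
from typing import Iterator

# UI-expected shape is tactic:technique (optional sub-technique), e.g. TA0004:T1098.001.
SHAPES = (
    ("ok", re.compile(r"^TA\d{4}:T\d{4}(?:\.\d{3})?$")),
    ("missing-tactic", re.compile(r"^T\d{4}(?:\.\d{3})?$")),      # T1528, T1098.001
    ("missing-technique", re.compile(r"^TA\d{4}$")),               # TA0001 on its own
)

# Constructed sample in the panther-analysis rule layout (not a real rule file).
SAMPLE_RULE = """\
AnalysisType: rule
RuleID: Example.Bare.Technique
Reports:
  MITRE ATT&CK:
    - TA0006:T1110
    - T1528
    - TA0001
    - TA0004:T1098.001
Tags:
  - AWS
"""

def mitre_entries(yaml_text: str) -> Iterator[str]:
    """Yield list items under 'MITRE ATT&CK:' inside a top-level 'Reports:' block.
    Assumes that key layout; a line scanner is used so no YAML library is needed."""
    in_reports = in_mitre = False
    mitre_indent = 0
    for raw in yaml_text.splitlines():
        line = raw.rstrip()
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        indent = len(line) - len(line.lstrip())
        if indent == 0:                                   # new top-level key
            in_reports, in_mitre = line.startswith("Reports:"), False
        elif in_reports and line.strip() == "MITRE ATT&CK:":
            in_mitre, mitre_indent = True, indent
        elif in_mitre and line.strip().startswith("- ") and indent >= mitre_indent:
            yield line.strip()[2:].strip().strip("'\"")
        elif in_mitre and indent <= mitre_indent:         # next key under Reports
            in_mitre = False

def classify(entry: str) -> str:
    """'ok', or the reason the entry would not render in the ATT&CK matrix."""
    return next((name for name, rx in SHAPES if rx.match(entry)), "malformed")

def find_bad_mappings(yaml_text: str) -> list[tuple[str, str]]:
    """Every entry that is not in TA####:T#### form, paired with what is wrong."""
    return [(e, classify(e)) for e in mitre_entries(yaml_text) if classify(e) != "ok"]
```

Run `find_bad_mappings` over each rule, query and correlation-rule YAML in CI to produce the same kind of list ben-githubs posted above.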