panther-labs / panther-analysis

Built-in Panther detection rules and policies
https://panther.com/
Apache License 2.0

THREAT-387 Sublime Security Rules #1356

Closed akozlovets098 closed 1 month ago

akozlovets098 commented 2 months ago

Changes

Added Sublime Security Rules for such logs

github-actions[bot] commented 2 months ago

:scream: looks like some things could be wrong with the packs

[INFO][root]: ignoring file dependabot.yml
nhakmiller commented 1 month ago

I updated this to use the new log schema format for these rules.

nhakmiller commented 1 month ago

Also added a passthrough detection for the flagged message events.