panther-labs/panther-analysis
Built-in Panther detection rules and policies
https://panther.com/
Apache License 2.0
339 stars
173 forks
issues
build(deps): bump docker/setup-buildx-action from 3.3.0 to 3.4.0
#1282
dependabot[bot]
closed
4 months ago
1
build(deps): bump docker/setup-qemu-action from 3.0.0 to 3.1.0
#1281
dependabot[bot]
closed
4 months ago
1
Push Security correlation rules
#1280
arielkr256
closed
4 months ago
2
correlation rules from AWS re:inforce
#1279
arielkr256
closed
4 months ago
1
Remove explorer/powershell relationship
#1278
geoffg-sentry
closed
4 months ago
1
Prepare for `3.56.0` release
#1277
le4ker
closed
4 months ago
1
Test open PR
#1276
le4ker
closed
4 months ago
0
Panos/update readme
#1275
le4ker
closed
4 months ago
0
Update .gitignore
#1274
le4ker
closed
4 months ago
0
latest traildiscover updates
#1273
arielkr256
closed
4 months ago
1
Update PAT to 0.51.0
#1272
egibs
closed
4 months ago
1
Prepare for `v3.55.0`
#1271
ben-githubs
closed
4 months ago
1
Remove unnecessary pipenv step
#1270
egibs
closed
4 months ago
1
Prepare for `v3.55.0`
#1269
egibs
closed
4 months ago
1
Edit: Downgrade Okta.Anonymizing.VPN.Login to INFO severity if Apple Relay used
#1268
ben-githubs
closed
4 months ago
1
remove greynoise luts
#1267
arielkr256
closed
5 months ago
1
Remove .husky directory
#1266
le4ker
closed
5 months ago
1
update snowflake queries with p_occurs_since
#1265
arielkr256
closed
5 months ago
1
update vscode schema to honor correlation rules
#1264
nskobov
closed
5 months ago
1
build(deps): bump actions/checkout from 4.1.6 to 4.1.7
#1263
dependabot[bot]
closed
5 months ago
1
improve error handling for dynamic functions
#1262
arielkr256
closed
5 months ago
1
Update PAT to 0.50.1
#1261
egibs
closed
5 months ago
1
Add initial Correlation Rules
#1260
egibs
closed
4 months ago
1
Update PAT to 0.50.0
#1259
egibs
closed
5 months ago
1
Push Security schema rename
#1258
arielkr256
closed
5 months ago
1
Snowflake Data Exfiltration CR
#1257
arielkr256
closed
4 months ago
3
Standard user creation fixes
#1256
JPhenglavong
closed
5 months ago
1
Using GITHUB_OUTPUT env var instead of old ::set-output shorthand
#1255
c0nfleis
closed
5 months ago
1
build(deps): bump step-security/harden-runner from 2.8.0 to 2.8.1
#1254
dependabot[bot]
closed
5 months ago
1
Fixed typo in README.md
#1253
JPhenglavong
closed
5 months ago
1
AWS Honeypot Detections threat-306
#1252
JPhenglavong
closed
5 months ago
1
Threat-315 Wiz Alert Passthrough
#1251
akozlovets098
closed
4 months ago
1
Tweak Snowflake queries
#1250
egibs
closed
5 months ago
2
Update panther-core to 0.10.1 via PAT
#1249
egibs
closed
5 months ago
0
Add saved queries for ongoing Snowflake threats
#1248
egibs
closed
5 months ago
0
Add saved queries for ongoing Snowflake threats
#1247
egibs
closed
5 months ago
0
THREAT-321 Auth0 CIC Credential Stuffing
#1246
arielkr256
closed
5 months ago
0
Use full Action SHAs rather than versioned releases
#1245
egibs
closed
5 months ago
0
Use harden-runner Action for all Workflows
#1244
egibs
closed
5 months ago
0
Small Workflow tweaks
#1243
egibs
closed
5 months ago
0
Threat 319 Replace geoinfo_from_ip with new version
#1242
akozlovets098
closed
5 months ago
0
Remove Node/NPM/Prettier
#1241
egibs
closed
5 months ago
0
Push logtype update
#1240
arielkr256
closed
5 months ago
0
Push Security pack
#1239
arielkr256
closed
6 months ago
0
Threat-274 OCSF data model, CloudTrail
#1238
akozlovets098
opened
6 months ago
0
Update aws_console_login_without_mfa.py
#1237
JPhenglavong
closed
5 months ago
2
fix: consider deny rules for ssh network acl policy
#1236
skeggse
closed
5 months ago
0
consistency nit fixes
#1235
kjihso
closed
6 months ago
0
move scheduled rules to the queries directory
#1234
arielkr256
closed
6 months ago
0
migrates the gcp_storage_hmac_keys_create rule to
#1233
arielkr256
closed
6 months ago
0