valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-06 09:25:17 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update aws_suspicious_saml_activity.yml

Browse Source
This commit is contained in:
Austin Songer 2021-09-22 20:16:50 -05:00 committed by GitHub
parent d1337bbfbf
commit 6942b9c5e8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rules/cloud/aws_suspicious_saml_activity.yml
View File

@ -1,5 +1,5 @@
title: AWS Suspicious SAML Activity
id: f43f5d2f-3f2a-4cc8-b1af-81fde7dbaf0e
id: f43f5d2f-3f2a-4cc8-b1af-81fde7dbaf0e
description: Identifies when suspicious SAML activity has occurred in AWS. An adversary could gain backdoor access via SAML.
author: Austin Songer
status: experimental