valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 17:58:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
3,958 Commits 20 Branches 25 Tags 21 MiB
8d7152d489
Commit Graph

28 Commits

Author SHA1 Message Date
Mike Wade
57cae0ded1 Fixed reference typo 2020-09-13 22:07:43 -06:00
Mike Wade
52ab677798 Fixed my git issue 2020-09-13 22:03:04 -06:00
aw350m3
198e42d724 deleted extra spaces 2020-09-03 14:22:31 +00:00
aw350m3
b00047a4e8 att&ck tags review: application, apt, cloud, generic, proxy 2020-09-03 14:16:54 +00:00
Aidan Bracher
b61527d0b2 Added ATT&CK tactic 2020-07-18 02:42:10 +01:00
Aidan Bracher
161829a4c0 Added ATT&CK tactic 2020-07-18 02:41:48 +01:00
Aidan Bracher
147fd46157 Added ATT&CK tactic 2020-07-18 02:41:10 +01:00
Ivan Kirillov
0fbfcc6ba9 Initial round of subtechnique updates 2020-06-16 14:46:08 -06:00
pdr9rc
31ad81874f capitalized titles 
corrected capitalization of titles and removed literals from config
 2020-05-05 11:32:18 +01:00
Tiago Faria
dd85467a27
Update aws_ec2_vm_export_failure.yml 2020-05-02 00:13:55 +01:00
pdr9rc
9ce84a38e5 overrides section support + one example rule + cloudtrail config 
ditto
 2020-04-29 20:36:45 +01:00
faloker
6d9c8e44d7
Update rules titles 2020-02-12 23:09:16 +02:00
faloker
1b15dba712
Correct the indentation 2020-02-12 22:48:46 +02:00
faloker
f387cf0c37
Add the rule to detect changes to startup scripts 2020-02-12 22:23:18 +02:00
faloker
01d2f9f99d
Add the rule to detect backdooring of users keys 2020-02-12 22:22:38 +02:00
faloker
b26c5d8c51
Add rules to detect AWS RDS exfiltration 2020-02-12 22:21:52 +02:00
faloker
ddf5f8ec23
Update conditions 2020-02-12 22:20:15 +02:00
faloker
aacab37f84
Add a rule for guardduty trusted IPs manipulation 2020-02-11 23:28:23 +02:00
faloker
b6c834195e
Add a rule for ec2 userdata exfil 2020-02-11 23:25:54 +02:00
Florian Roth
05d7448a9a
Minor Changes 2020-01-29 20:25:46 +01:00
Florian Roth
d1357ddc50
Minor changes 2020-01-29 20:25:14 +01:00
Florian Roth
8a4f9ad7f8
Minor changes 2020-01-29 20:24:31 +01:00
Florian Roth
a6d7af270d
Added date 2020-01-29 20:23:40 +01:00
Florian Roth
56e1e6b13d
Lower case service name 2020-01-29 20:23:12 +01:00
Florian Roth
f1ce6ba6ad
Lowering level 
Lowering level to medium for events that can have a legitimate cause
 2020-01-29 20:22:34 +01:00
vitaliy0x1
5aa75a90fd added aws_root_account_usage.yml 2020-01-21 15:07:32 +02:00
vitaliy0x1
0d6642abd6 added aws_config_disable_recording.yml 2020-01-21 15:07:10 +02:00
vitaliy0x1
17c00d8a11 added aws_cloudtrail_disable_logging.yml 2020-01-21 15:06:44 +02:00