valitydev/SigmaHQ
14
0
Fork 0
mirror of https://github.com/valitydev/SigmaHQ.git synced 2024-11-07 09:48:58 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
7,548 Commits 20 Branches 25 Tags 21 MiB
ef6e0c5a4c
Commit Graph

9 Commits

Author SHA1 Message Date
Yugoslavskiy Daniil
5026438524 fix modified field 2020-08-25 01:29:57 +02:00
Yugoslavskiy Daniil
42c4079ed8 att&ck tags review: windows/builtin, windows/driver_load, windows/file_event, windows/image_load, windows/other 2020-08-25 01:09:17 +02:00
Florian Roth
d42e87edd7 fix: fixed casing and long rule titles 2020-01-30 17:26:09 +01:00
Florian Roth
e79e99c4aa fix: fixed missing date fields in remaining files 2020-01-30 16:07:37 +01:00
Thomas Patzke
0592cbb67a Added UUIDs to rules 2019-11-12 23:12:27 +01:00
yugoslavskiy
bb1c040b1b rules/windows/builtin/win_rdp_potential_cve-2019-0708.yml improved 2019-07-17 06:19:18 +03:00
Michael Wade
f70549ec54 First Pass 2019-06-13 23:15:38 -05:00
Florian Roth
323a7313fd
FP adjustments 
We have checked the False Positive rate in different environments and noticed these event IDs in cases in which systems had bad network connections / we accessed via VPN. Therefore we reduced the level to "high" and added that note to the "False Positives" list.
 2019-05-27 08:54:18 +02:00
Lionel PRAT
f65f693a88 Add rule for CVE-2019-0708 2019-05-24 10:01:19 +02:00