Commit Graph

36 Commits

Author  SHA1  Message  Date
sn0w0tter  fbcac39414  URL to subtechniques fixed  2020-10-07 00:26:25 +02:00
sn0w0tter  0f871c7d72  rules with subtechniques  2020-09-23 00:53:06 +02:00
sn0w0tter  82846bdf0d  #192 for markdown, added powershell to default targets  2020-05-15 03:15:48 +02:00
Yugoslavskiy Daniil  4d79a25830  fix #173  2020-04-05 08:17:52 +02:00
Yugoslavskiy Daniil  f101bb07fd  update confluence and md kb  2020-03-23 04:13:43 +01:00
yugoslavskiy  6aab9a3e07  fix #159  2020-02-17 00:22:47 +03:00
Yugoslavskiy Daniil  3dae842b40  update DN md template, fix #153  2020-01-14 10:12:24 +03:00
Wydra Mateusz  872d9f44c3  shooting the foot for confluence, analytics regenerated  2019-09-13 11:35:20 +02:00
yugoslavskiy  9994762d2a  all analytics have been rebuilt  2019-08-11 16:39:37 +03:00
yugoslavskiy  f278b6e4a0  - updated sysmon eid 1, 7, 17 and 18 (new fields)
                          - updated dn calculation to take enrichments into account
                          - updated dr class and template for both md and confluence to print enrichments (finally sigma has a rule with a link to our enrichment, I submitted a PR for it a month ago)
                          - updated dr templates for both md and confluence to be more verbose — if there is no info, we put some info message, not just an empty field
                          2019-07-09 10:11:01 +03:00
yugoslavskiy  b15925d3a0  sysmon event id 22 (dns queries) added  2019-06-24 04:37:21 +02:00
Wydra Mateusz  d99f01b773  get rid of dot workaround for markdown, missing analytics added  2019-05-01 23:43:17 +02:00
Wydra Mateusz  80e29c836b  refresh of analytics  2019-04-29 23:10:03 +02:00
Wydra Mateusz  86f88f6bb9  decrease verbosity  2019-04-01 21:15:31 +02:00
Wydra Mateusz  f4006e03bc  Makefile updated, yamls2csv changed to work with customer entities, md files and analytics regenerated  2019-03-27 02:22:01 +01:00
Wydra Mateusz  fd90abb3ca  cleanup  2019-03-25 22:59:09 +01:00
Yugoslavskiy Daniil  15cd52a53d  issue #101 fixed  2019-02-21 00:26:09 +01:00
yugoslavskiy  023b158665  1st alpha release  2019-02-13 22:14:52 +01:00
yugoslavskiy  2ace74ddd7  rebuilt md db with new DN  2019-02-13 20:27:19 +01:00
Wydra Mateusz  712f70546f  name of technique presented in trigger name for confluence, template updates, makefile fixes  2019-02-13 18:28:15 +01:00
Wydra Mateusz  21e41e45a5  fixes for triggers, techniques url for markdown fixed  2019-02-13 01:04:13 +01:00
Wydra Mateusz  dfe08e01a3  technique name added to techniques in detection rules, attack_mapping.py used to store mappings to attack  2019-02-13 00:27:50 +01:00
yugoslavskiy  f79f50bec3  changed directory names  2019-02-12 04:55:11 +01:00
yugoslavskiy  884ae1abaa  regenerated md kb  2019-02-12 04:12:30 +01:00
yugoslavskiy  3e23d02b1c  Makefile: fixed typos; added pivoting.csv; RP_2 excluded from rendering  2019-02-12 01:32:37 +01:00
Wydra Mateusz  1e806591f0  code de-hardcoding, powershell events groundwork  2019-02-11 23:28:16 +01:00
mrblacyk  9eb3595723  Last markdown fixes  2019-02-10 00:21:22 +01:00
mrblacyk  b36ab8a526  Strip of dataneeded description  2019-02-10 00:09:04 +01:00
mrblacyk  c8fccc136d  Fixes and markdown ATC repo demo  2019-02-10 00:02:45 +01:00
Wydra Mateusz  131e86b7d9  new naming scheme for DNs, some sysmon events + LPs for them  2019-02-01 14:34:48 +01:00
yugoslavskiy  1b99489051  md kb rebuilt with new template  2018-12-21 22:18:55 +01:00
yugoslavskiy  ed4bb4e9fc  kb rebuilt with new templates  2018-12-21 21:15:34 +01:00
Wydra Mateusz  360744a70e  References in detection rules rendered as list  2018-12-14 18:10:16 +01:00
Wydra Mateusz  bb49626101  Markdown template adds relative links to other pages  2018-12-14 18:01:31 +01:00
Wydra Mateusz  4782303d8f  markdown template rendering fixed  2018-12-12 06:45:49 +01:00
Wydra Mateusz  970a7e6593  initial commit  2018-12-12 06:19:57 +01:00