valitydev/atomic-threat-coverage
14
0
Fork 0
mirror of https://github.com/valitydev/atomic-threat-coverage.git synced 2024-11-06 01:25:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity
151d351e76
atomic-threat-coverage/data_needed
History
yugoslavskiy 180aad7297
Merge pull request #178 from atc-project/develop 
update atc-react module
2020-04-16 23:58:09 +02:00
..
dataneeded.yml.template changed directories names 2019-02-12 04:55:11 +01:00
DN_0001_4688_windows_process_creation.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0002_4688_windows_process_creation_with_commandline.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0003_1_windows_sysmon_process_creation.yml - updated sysmon eid 1, 7, 17 and 18 (new fields) 2019-07-09 10:11:01 +03:00
DN_0004_4624_windows_account_logon.yml fix wrong link 2019-11-03 23:41:51 +03:00
DN_0005_7045_windows_service_insatalled.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0006_2_windows_sysmon_process_changed_a_file_creation_time.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0007_3_windows_sysmon_network_connection.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0008_4_windows_sysmon_sysmon_service_state_changed.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0009_5_windows_sysmon_process_terminated.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0010_6_windows_sysmon_driver_loaded.yml - updated sysmon eid 1, 7, 17 and 18 (new fields) 2019-07-09 10:11:01 +03:00
DN_0011_7_windows_sysmon_image_loaded.yml - updated sysmon eid 1, 7, 17 and 18 (new fields) 2019-07-09 10:11:01 +03:00
DN_0012_8_windows_sysmon_CreateRemoteThread.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0013_9_windows_sysmon_RawAccessRead.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0014_10_windows_sysmon_ProcessAccess.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0015_11_windows_sysmon_FileCreate.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0016_12_windows_sysmon_RegistryEvent.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0017_13_windows_sysmon_RegistryEvent.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0018_14_windows_sysmon_RegistryEvent.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0019_15_windows_sysmon_FileCreateStreamHash.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0020_17_windows_sysmon_PipeEvent.yml - updated sysmon eid 1, 7, 17 and 18 (new fields) 2019-07-09 10:11:01 +03:00
DN_0021_18_windows_sysmon_PipeEvent.yml - updated sysmon eid 1, 7, 17 and 18 (new fields) 2019-07-09 10:11:01 +03:00
DN_0022_19_windows_sysmon_WmiEvent.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0023_20_windows_sysmon_WmiEvent.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0024_21_windows_sysmon_WmiEvent.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0026_5136_windows_directory_service_object_was_modified.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0027_4738_user_account_was_changed.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0028_4794_directory_services_restore_mode_admin_password_set.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0029_4661_handle_to_an_object_was_requested.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0030_4662_operation_was_performed_on_an_object.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0031_7036_service_started_stopped.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0032_5145_network_share_object_was_accessed_detailed.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0033_5140_network_share_object_was_accessed.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0034_104_log_file_was_cleared.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0035_106_task_scheduler_task_registered.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0036_4104_windows_powershell_script_block.yml Powershell logging policies 2020-04-14 23:18:34 +02:00
DN_0037_4103_windows_powershell_executing_pipeline.yml Powershell logging policies 2020-04-14 23:18:34 +02:00
DN_0038_400_engine_state_is_changed_from_none_to_available.yml fix #54, #60 2019-07-16 17:03:32 +03:00
DN_0039_524_system_catalog_has_been_deleted.yml fix #56 #57 #58 #59 #91 #92 2019-07-17 07:16:45 +03:00
DN_0040_528_user_successfully_logged_on_to_a_computer.yml fix #56 #57 #58 #59 #91 #92 2019-07-17 07:16:45 +03:00
DN_0041_529_logon_failure.yml fix #56 #57 #58 #59 #91 #92 2019-07-17 07:16:45 +03:00
DN_0042_675_kerberos_preauthentication_failed.yml fix #56 #57 #58 #59 #91 #92 2019-07-17 07:16:45 +03:00
DN_0043_770_dns_server_plugin_dll_has_been_loaded.yml fix #54, #60 2019-07-16 17:03:32 +03:00
DN_0044_1000_application_crashed.yaml Update DN_0044_1000_application_crashed.yaml 2019-03-06 11:34:05 +01:00
DN_0045_1001_windows_error_reporting.yaml Add Data Needed DN_0045_1001_windows_error_reporting 2019-03-06 20:04:02 +01:00
DN_0046_1031_dhcp_service_callout_dll_file_has_caused_an_exception.yml general update: 2019-07-12 06:38:49 +03:00
DN_0047_1032_dhcp_service_callout_dll_file_has_caused_an_exception.yml general update: 2019-07-12 06:38:49 +03:00
DN_0048_1033_dhcp_service_successfully_loaded_callout_dlls.yml fix #56 #57 #58 #59 #91 #92 2019-07-17 07:16:45 +03:00
DN_0049_1034_dhcp_service_failed_to_load_callout_dlls.yml general update: 2019-07-12 06:38:49 +03:00
DN_0050_1102_audit_log_was_cleared.yml fix #156 2020-04-07 05:10:56 +02:00
DN_0051_1121_attack_surface_reduction_blocking_mode_event.yml fix #68 2019-08-11 16:32:02 +03:00
DN_0052_2003_query_to_load_usb_drivers.yml added DN: #88 DN_0071_4737_security_enabled_global_group_was_changed 2019-04-23 04:41:39 +02:00
DN_0053_2100_pnp_or_power_operation_for_usb_device.yml added DN: #88 DN_0071_4737_security_enabled_global_group_was_changed 2019-04-23 04:41:39 +02:00
DN_0054_2102_pnp_or_power_operation_for_usb_device.yml added DN: #88 DN_0071_4737_security_enabled_global_group_was_changed 2019-04-23 04:41:39 +02:00
DN_0054_linux_auditd_execve.yml add auditd DNs and LPs 2019-08-22 02:11:09 +03:00
DN_0055_linux_auditd_read_access_to_file.yml add auditd DNs and LPs 2019-08-22 02:11:09 +03:00
DN_0056_linux_auditd_syscall.yml add auditd DNs and LPs 2019-08-22 02:11:09 +03:00
DN_0057_4625_account_failed_to_logon.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0058_4656_handle_to_an_object_was_requested.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0059_4657_registry_value_was_modified.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0060_4658_handle_to_an_object_was_closed.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0061_4660_object_was_deleted.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0062_4663_attempt_was_made_to_access_an_object.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0063_4697_service_was_installed_in_the_system.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0064_4698_scheduled_task_was_created.yml added DN_0064 2019-04-22 21:59:10 +02:00
DN_0065_4701_scheduled_task_was_disabled.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0066_4704_user_right_was_assigned.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0067_4719_system_audit_policy_was_changed.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0068_4728_member_was_added_to_security_enabled_global_group.yml added DN: #88 DN_0071_4737_security_enabled_global_group_was_changed 2019-04-23 04:41:39 +02:00
DN_0069_4732_member_was_added_to_security_enabled_local_group.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0070_4735_security_enabled_local_group_was_changed.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0071_4737_security_enabled_global_group_was_changed.yml added DN: #88 DN_0071_4737_security_enabled_global_group_was_changed 2019-04-23 04:41:39 +02:00
DN_0072_4755_security_enabled_universal_group_was_changed.yml added DN: #88 DN_0071_4737_security_enabled_global_group_was_changed 2019-04-23 04:41:39 +02:00
DN_0073_4756_member_was_added_to_a_security_enabled_universal_group.yml added DN: #88 DN_0071_4737_security_enabled_global_group_was_changed 2019-04-23 04:41:39 +02:00
DN_0074_4765_sid_history_was_added_to_an_account.yml fix #56 #57 #58 #59 #91 #92 2019-07-17 07:16:45 +03:00
DN_0075_4766_attempt_to_add_sid_history_to_an_account_failed.yml fix #56 #57 #58 #59 #91 #92 2019-07-17 07:16:45 +03:00
DN_0076_4768_kerberos_authentication_ticket_was_requested.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0077_4769_kerberos_service_ticket_was_requested.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0078_4771_kerberos_pre_authentication_failed.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0079_4776_computer_attempted_to_validate_the_credentials_for_an_account.yml new dn and lp 2019-04-22 05:18:31 +02:00
DN_0080_5859_wmi_activity.yml changed LP 2019-02-13 21:20:06 +01:00
DN_0081_5861_wmi_activity.yml changed LP 2019-02-13 21:20:06 +01:00
DN_0082_8002_ntlm_server_blocked_audit.yml fixed issue #99 2019-03-03 01:40:08 +01:00
DN_0083_16_access_history_in_hive_was_cleared.yml changed directories names 2019-02-12 04:55:11 +01:00
DN_0084_av_alert.yml add DN_0093_linux_clamav.yml 2019-08-27 04:18:59 +03:00
DN_0085_22_windows_sysmon_DnsQuery.yml sysmon event id 22 (dns queries) added 2019-06-24 04:37:21 +02:00
DN_0086_4720_user_account_was_created.yml general update: 2019-07-12 06:38:49 +03:00
DN_0087_5156_windows_filtering_platform_has_permitted_connection.yml general update: 2019-07-12 06:38:49 +03:00
DN_0088_4616_system_time_was_changed.yml general update: 2019-07-12 06:38:49 +03:00
DN_0089_56_terminal_server_security_layer_detected_an_error.yml general update: 2019-07-12 06:38:49 +03:00
DN_0090_50_terminal_server_security_layer_detected_an_error.yml general update: 2019-07-12 06:38:49 +03:00
DN_0091_linux_modsecurity_log.yml add DN_0096, DN_0097 and LP_0034 2019-08-29 02:49:55 +03:00
DN_0092_unix_generic_syslog.yml add DN_0092_unix_generic_syslog 2019-08-23 04:23:21 +03:00
DN_0093_linux_clamav_log.yml add DN_0096, DN_0097 and LP_0034 2019-08-29 02:49:55 +03:00
DN_0094_linux_sshd_log.yml add DN_0096, DN_0097 and LP_0034 2019-08-29 02:49:55 +03:00
DN_0095_linux_auth_pam_log.yml add DN_0096, DN_0097 and LP_0034 2019-08-29 02:49:55 +03:00
DN_0096_linux_named_client_security_log.yml add DN_0096, DN_0097 and LP_0034 2019-08-29 02:49:55 +03:00
DN_0097_linux_daemon_log.yml add DN_0096, DN_0097 and LP_0034 2019-08-29 02:49:55 +03:00
DN_0098_linux_vsftpd_log.yml add DN_0098 2019-08-30 01:35:52 +03:00
DN_0099_Bind_DNS_query.yml fix mp 2019-10-25 09:05:55 +02:00
DN_0100_Passive_DNS_log.yml fix mp 2019-10-25 09:05:55 +02:00
DN_0108_150_dns_server_could_not_load_dll.yml fixind issue #53 2019-03-02 20:34:07 +01:00