Issues: elastic/detection-rules
[FR] [DAC] Add exceptions list and action connector text to import-rules logging messages
detections-as-code
enhancement
New feature or request
Team: TRADE
#4092
opened Sep 19, 2024 by
eric-forte-elastic
[Bug] Dependency using a deprecated and removed module (pkg_resources)
bug
Something isn't working
Team: TRADE
#4083
opened Sep 17, 2024 by
brokensound77
Browser Extension Install - filters on wrong field
community
Rule: Tuning
tweaking or tuning an existing rule
Team: TRADE
#4059
opened Sep 6, 2024 by
willemri
[New Rule] Google Sheets C2 Detection Review (Voldemort)
Domain: Endpoint
Domain: SaaS
Integration: Endpoint
Elastic Endpoint Security
OS: Windows
windows related rules
Rule: New
Proposal for new rule
Team: TRADE
#4051
opened Sep 3, 2024 by
terrancedejesus
[FR] Unit test to check for related_integrations based on index
backlog
enhancement
New feature or request
Team: TRADE
#4046
opened Aug 29, 2024 by
shashank-elastic
[FR] Deprecate Experimental ML Logic
backlog
enhancement
New feature or request
Team: TRADE
#4023
opened Aug 27, 2024 by
Mikaayenson
[FR] Redesign Field Mapping Check for Integration Packages
backlog
enhancement
New feature or request
Team: TRADE
#4006
opened Aug 22, 2024 by
shashank-elastic
[Rule Tuning] Interactive Exec Command Launched Against A Running Container
community
Rule: Tuning
tweaking or tuning an existing rule
Team: TRADE
#3999
opened Aug 21, 2024 by
damianfedeczko
[FR][DAC] Consideration: Support Bulk Actions
backlog
detections-as-code
enhancement
New feature or request
#3962
opened Aug 6, 2024 by
Mikaayenson
[Rule Tuning] Potential Password Spraying of Microsoft 365 User Accounts
backlog
community
Rule: Tuning
tweaking or tuning an existing rule
Team: TRADE
#3934
opened Jul 31, 2024 by
janniten
[Rule Tuning] Agent Spoofing - Multiple Hosts Using Same Agent
backlog
community
Rule: Tuning
tweaking or tuning an existing rule
Team: TRADE
#3932
opened Jul 30, 2024 by
tehbooom
[Deprecation] AWS EC2 Snapshot Activity
backlog
Domain: Cloud
Integration: AWS
AWS related rules
Rule: Deprecation
removal of a rule
Team: TRADE
#3906
opened Jul 18, 2024 by
imays11
[Meta] Active Directory Certificate Services (AD CS) - Part 1
backlog
Domain: Endpoint
Meta
OS: Windows
windows related rules
Team: TRADE
#3865
opened Jul 3, 2024 by
w0rk3r
[Meta] EvilNoVNC Threat Detection Coverage Assessment
backlog
Domain: Cloud
Domain: SaaS
Meta
Team: TRADE
#3787
opened Jun 13, 2024 by
terrancedejesus
[FR][DAC] Consideration: Add CLI commands for deprecate / disable rules
backlog
detections-as-code
enhancement
New feature or request
Team: TRADE
#3786
opened Jun 12, 2024 by
eric-forte-elastic
[FR][DAC] Consideration: Add support for exceptions APIs in Kibana module
backlog
detections-as-code
enhancement
New feature or request
kibana-module
related to the kibana module
#3785
opened Jun 12, 2024 by
brokensound77
[Meta] Add Auth0 Prebuilt Threat Detection Ruleset
backlog
Meta
Team: TRADE
#3780
opened Jun 11, 2024 by
terrancedejesus
[Rule Tuning] O365 Exchange Suspicious Mailbox Right Delegation
backlog
community
Rule: Tuning
tweaking or tuning an existing rule
#3775
opened Jun 11, 2024 by
willemri
[FR] Revisit Filter Schema for Removal or Extension
backlog
enhancement
New feature or request
python
Internal python for the repository
schema
#3773
opened Jun 10, 2024 by
Mikaayenson
[New Rule] Suspicious Okta Cross-Origin Authentication
backlog
Domain: Cloud
Domain: SaaS
Integration: Okta
okta related rules
Rule: New
Proposal for new rule
#3769
opened Jun 10, 2024 by
terrancedejesus
[Meta] Okta Detection Coverage for Cross-Origin Authentication Credential Stuffing
backlog
Integration: Okta
okta related rules
Meta
Team: TRADE
#3723
opened May 30, 2024 by
terrancedejesus
[New Rule] Elastic Agent status not validated
backlog
Domain: Endpoint
esql
ES|QL
OS: Linux
OS: macOS
OS: Windows
windows related rules
Rule: New
Proposal for new rule
#3719
opened May 29, 2024 by
peasead
[New Rule] Process Backgrounded by Unusual Parent
backlog
OS: Linux
Rule: New
Proposal for new rule
Team: TRADE
#3713
opened May 27, 2024 by
Aegrah
[Bug] O365 Exchange Suspicious Mailbox Right Delegation - False Positives for "NT AUTHORITY\SYSTEM (Microsoft.Exchange.ServiceHost)"
backlog
bug
Something isn't working
community
#3702
opened May 22, 2024 by
willem-dhaese
[FR][DAC] Consideration: Explore packaging when bypassing the version lock
backlog
detections-as-code
enhancement
New feature or request
#3696
opened May 20, 2024 by
Mikaayenson