Skip to content

Issues: elastic/detection-rules

Beta
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Clear current search query, filters, and sorts
147 Open 1,469 Closed
147 Open 1,469 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Issues list

[CLI] Add better support for nested structures backlog bug Something isn't working cli command line tooling enhancement New feature or request
#64 opened Jul 16, 2020 by brokensound77
1
[Bug] KQL does not properly escape leading forward slash backlog bug Something isn't working kql related to the kql module python Internal python for the repository
#441 opened Oct 30, 2020 by brokensound77
1
[New Rule] Azure Modify Trusted Domains backlog Domain: Cloud Integration: Azure azure related rules Rule: New Proposal for new rule v7.14.0 7.14 rules release package
#888 opened Jan 20, 2021 by bm11100
@bm11100
2
[New Rule] Potential AWS Credential Exposure backlog Integration: AWS AWS related rules Rule: New Proposal for new rule v7.14.0 7.14 rules release package
#955 opened Feb 22, 2021 by bm11100
@bm11100
1
[New Rule] AWS EC2 New SSH Key added to EC2 Instance backlog Domain: Cloud Integration: AWS AWS related rules ML machine learning related rule Rule: New Proposal for new rule
#966 opened Mar 1, 2021 by aarju
@randomuserid
3
[New Rules] AWS EC2 AMI Attribute Modification backlog Integration: AWS AWS related rules Rule: New Proposal for new rule v7.14.0 7.14 rules release package
#968 opened Mar 2, 2021 by bm11100
@bm11100
1
[New Rule] AWS Elastic Container Registry Policy Modification backlog Integration: AWS AWS related rules Rule: New Proposal for new rule v7.14.0 7.14 rules release package
#969 opened Mar 2, 2021 by bm11100
@bm11100
1
[New Rule] TLS Traffic Intercept on MacOS backlog Rule: New Proposal for new rule
#1177 opened May 6, 2021 by aarju
@DefSecSentinel
1
[New Rule] Kubernetes Secrets Enumeration backlog Rule: New Proposal for new rule v8.3.0 Rules for 8.3.0
#1188 opened May 10, 2021 by christophercutajar
2
@imays11
10
[New Rule] Kubernetes ServiceAccount Creation backlog Rule: New Proposal for new rule v8.3.0 Rules for 8.3.0
#1189 opened May 10, 2021 by christophercutajar
@imays11
3
[New Rule] Kubernetes Activity by system:anonymous backlog Rule: New Proposal for new rule v8.3.0 Rules for 8.3.0
#1190 opened May 10, 2021 by christophercutajar
@imays11
6
[New Rule] Pre-OS Boot: Bootkit backlog community Rule: New Proposal for new rule
#1210 opened May 17, 2021 by gils3nan
1
[New Rule] Azure Kubernetes Role or ClusterRole Modified or Deleted backlog community Domain: Cloud Integration: Azure azure related rules Rule: New Proposal for new rule
#1278 opened Jun 8, 2021 by austinsonger
1
@imays11 @terrancedejesus
1
[New Rule] Microsoft 365 - Sharing Policy Change backlog community Domain: SaaS Integration: Microsoft 365 Rule: New Proposal for new rule
#1350 opened Jul 18, 2021 by austinsonger
1
@terrancedejesus
6
[New Rule] Microsoft 365 - Site Collection Admin Added backlog community Domain: Cloud Domain: SaaS Integration: Microsoft 365 Rule: New Proposal for new rule
#1351 opened Jul 18, 2021 by austinsonger
1
@terrancedejesus
6
[New Rule] Azure Kubernetes Secret or Config Object Access backlog community Domain: Cloud Integration: Azure azure related rules Rule: New Proposal for new rule v8.3.0 Rules for 8.3.0
#1412 opened Aug 7, 2021 by austinsonger
1
@imays11 @terrancedejesus
4
[New Rule] Azure Subscription Permission Elevation backlog Domain: Cloud Integration: Azure azure related rules Rule: New Proposal for new rule
#1630 opened Nov 26, 2021 by austinsonger
2
@imays11 @terrancedejesus
3
Review use of non-ecs-schema backlog schema v8.2.0 v8.7.0
#1776 opened Feb 16, 2022 by brokensound77
3 tasks
6
[Bug] EQL maxspan test doesn't account for from-to backlog bug Something isn't working python Internal python for the repository v8.2.0 v8.3.0 Rules for 8.3.0 v8.4.0
#1796 opened Feb 26, 2022 by SHolzhauer
1
@Mikaayenson
3
[New Rule] AWS - possible compromised access keys [ML] backlog community Domain: Cloud Integration: AWS AWS related rules ML machine learning related rule Rule: New Proposal for new rule
#1919 opened Apr 12, 2022 by guyrdahan
@terrancedejesus
3
[FR] Add details and export options for dev package-stats command backlog enhancement New feature or request python Internal python for the repository
#2020 opened Jun 7, 2022 by terrancedejesus
1
@terrancedejesus @eric-forte-elastic
4
[FR] Add sub-technique data to the summary-xlsx backlog bug Something isn't working enhancement New feature or request python Internal python for the repository
#2078 opened Jul 7, 2022 by Mikaayenson
[New Rules] Cisco ASA backlog Rule: New Proposal for new rule
#2176 opened Jul 26, 2022 by leweafan
2
[Rule Tuning] Attempts to Brute Force a Microsoft 365 User Account backlog community Domain: SaaS Integration: Microsoft 365 Rule: Tuning tweaking or tuning an existing rule
#2278 opened Aug 29, 2022 by baserock
@terrancedejesus
7
[New Rule] Multiple Okta MFA push requests were denied backlog Rule: New Proposal for new rule
#2304 opened Sep 19, 2022 by aarju
5
ProTip! Type g i on any issue or pull request to go back to the issue listing page.