Skip to content

Pull requests: elastic/detection-rules

New pull request New
15 Open 2,675 Closed
15 Open 2,675 Closed
Author
Filter by author
Loading
Label
Filter by label
Loading
Use alt + click/return to exclude labels
or + click/return for logical OR
Projects
Filter by project
Loading
Milestones
Filter by milestone
Loading
Reviews
Filter by reviews
No reviews Review required Approved review Changes requested
Assignee
Filter by who’s assigned
Sort
Sort by
Newest Oldest Most commented Least commented Recently updated Least recently updated Best match
Most reactions
👍 👎 😄 🎉 😕 ❤️ 🚀 👀

Pull requests list

Protections for AWS Bedrock backport: auto Integration: AWS-Bedrock Rule: New Proposal for new rule
#4270 opened Nov 20, 2024 by shashank-elastic Loading…
1 of 5 tasks
@shashank-elastic
1
[Rule Tuning] Kernel Module Removal backport: auto Domain: Endpoint OS: Linux Rule: Tuning tweaking or tuning an existing rule Team: TRADE
#4269 opened Nov 15, 2024 by Aegrah Loading…
@Aegrah
1
Revert "[Bug] Handle formatting empty list" backport: auto python Internal python for the repository stale 60 days of inactivity
#4087 opened Sep 17, 2024 by brokensound77 Loading…
4
[New Rule] Potential Forced Authentication - SMB Named Pipes backport: auto Domain: Endpoint OS: Windows windows related rules Rule: New Proposal for new rule
#3916 opened Jul 24, 2024 by w0rk3r Draft
@w0rk3r
9
[New Rule] Active Directory Forced Authentication from Linux Host backport: auto Domain: Endpoint OS: Windows windows related rules Rule: New Proposal for new rule
#3912 opened Jul 22, 2024 by w0rk3r Draft
@w0rk3r
12
[New Rule] [BBR] Active Directory Object Modification by SYSTEM backlog backport: auto bbr Building Block Rules Domain: Endpoint OS: Windows windows related rules Rule: New Proposal for new rule
#3835 opened Jun 26, 2024 by w0rk3r Draft
@w0rk3r
1
[FR] Add white space checking for KQL parse backlog
#3789 opened Jun 14, 2024 by eric-forte-elastic Draft
1
@eric-forte-elastic
2
[New Rules] Azure OpenAI backlog backport: auto esql ES|QL Integration: Azure Openai Rule: New Proposal for new rule
#3701 opened May 22, 2024 by Mikaayenson Draft
@Mikaayenson
19
[FR] Updates to KQL Lib Parsing bug Something isn't working kql related to the kql module
#3605 opened Apr 18, 2024 by eric-forte-elastic Draft
1
[New Rule] Endpoint Security Promotion Rules for Specific Events backlog backport: auto Integration: Endpoint Elastic Endpoint Security Rule: New Proposal for new rule
#3533 opened Mar 24, 2024 by terrancedejesus Draft
@terrancedejesus
22
[FR] Add source_updated_at to Rule Schema as a Build Time Field backlog backport: auto enhancement New feature or request fleet-release Issue tracking rule updates released to (OOB) Fleet integration package python Internal python for the repository schema Supportability Regarding rule maintenance and support for specific stack versions v8.15.0
#3427 opened Feb 5, 2024 by terrancedejesus Loading…
1
@terrancedejesus
11
WIP: [POC] Refactor: port unittest to pytest backlog backport: auto bug Something isn't working detections-as-code enhancement New feature or request python Internal python for the repository test-suite unit and other testing components
#3361 opened Jan 3, 2024 by Mikaayenson Draft
@Mikaayenson
11
[Rule Tuning] Update rules using NPC integration and non-ECS fields backlog backport: auto blocked Domain: Network Rule: Tuning tweaking or tuning an existing rule
#3194 opened Oct 16, 2023 by brokensound77 Loading…
@brokensound77
11
[FR] Add investigation guide checks backlog backport: auto ci/cd cli command line tooling Domain: Cloud Domain: Endpoint enhancement New feature or request Integration: Google Workspace ML machine learning related rule OS: Linux OS: Windows windows related rules python Internal python for the repository
#2994 opened Aug 2, 2023 by Mikaayenson Draft
@Mikaayenson
3
[FR] Add CLI Command for Prebuilt Rules Release Package Update Details backlog backport: auto enhancement New feature or request python Internal python for the repository
#2807 opened May 19, 2023 by terrancedejesus Draft
@terrancedejesus
7
ProTip! Mix and match filters to narrow down what you’re looking for.