Skip to content

Actions: elastic/detection-rules

Actions

Community

Actions

Loading...
Loading

Show workflow options

Create status badge

Loading
community.yml
1,063 workflow runs
1,063 workflow runs

Filter by Event

Filter by Status

Filter by Branch

Filter by Actor

[FR] Add Support for Python 3.13 Community #2972: Issue #4534 opened by eric-forte-elastic
March 13, 2025 00:59 8s
March 13, 2025 00:59 8s
[Tuning] Potential DLL Side-Loading via Trusted Microsoft Programs Community #2971: Pull request #4533 opened by Samirbous
March 12, 2025 14:28 13s
March 12, 2025 14:28 13s
[D4C Conversion] Converting Compatible D4C Rules to DR Community #2970: Pull request #4532 opened by Aegrah
March 12, 2025 10:27 11s
March 12, 2025 10:27 11s
[FN Tuning] Shared Object Created or Changed by Previously Unknown Pr… Community #2969: Pull request #4529 opened by Aegrah
March 11, 2025 12:52 13s
March 11, 2025 12:52 13s
[New Rule] File Creation in /var/log via Suspicious Process Community #2968: Pull request #4528 opened by Aegrah
March 11, 2025 12:25 11s
March 11, 2025 12:25 11s
[New Hunt] Adding Hunting Queries for Azure Entra Sign-In Anomalies Community #2967: Pull request #4527 opened by terrancedejesus
March 11, 2025 01:51 13s
March 11, 2025 01:51 13s
[FR] [DaC] Update Readme with DaC Support References Community #2966: Pull request #4526 opened by eric-forte-elastic
March 10, 2025 19:38 13s
March 10, 2025 19:38 13s
[New Rule] Adding Coverage for Azure Entra Rare Instance of Single-Factor Authentication for User Community #2965: Pull request #4525 opened by terrancedejesus
March 10, 2025 18:14 10s
March 10, 2025 18:14 10s
[New Rule] Adding Coverage for Azure Entra Rare App ID for Principal Authentication Community #2964: Pull request #4524 opened by terrancedejesus
March 10, 2025 17:28 11s
March 10, 2025 17:28 11s
[New Rule] Adding Coverage for Azure Entra Password Spraying (Non-Interactive SFA) Community #2963: Pull request #4523 opened by terrancedejesus
March 7, 2025 19:59 9s
March 7, 2025 19:59 9s
chore: use docs-dev instead of docs dir for docs Community #2962: Pull request #4522 opened by traut
March 6, 2025 10:26 13s
March 6, 2025 10:26 13s
fix(ci): use negative patterns in paths instead of paths-ignore Community #2961: Pull request #4521 opened by traut
March 6, 2025 10:02 13s
March 6, 2025 10:02 13s
Deprecation Notice to Cloud Defend Rules Community #2960: Pull request #4520 opened by shashank-elastic
March 6, 2025 08:44 13s
March 6, 2025 08:44 13s
Added ML detection-rules for new Security Host package Community #2959: Pull request #4519 opened by sodhikirti07
March 4, 2025 18:57 12s
March 4, 2025 18:57 12s
[FR] Add Env Var DR_CLI_MAX_WIDTH and DaC Docs Updates Community #2958: Pull request #4518 opened by eric-forte-elastic
March 4, 2025 17:05 20s
March 4, 2025 17:05 20s
[Bug] DaC detection_rules help texts are cut off Community #2957: Issue #4517 opened by 111andre111
March 4, 2025 16:34 10s
March 4, 2025 16:34 10s
Add new ML detection rules for Privileged Access Detection Community #2956: Pull request #4516 opened by sodhikirti07
March 4, 2025 15:49 12s
March 4, 2025 15:49 12s
[New Rule] Uncommon Destination Port Connection by Web Server Community #2955: Pull request #4515 opened by Aegrah
March 4, 2025 13:01 15s
March 4, 2025 13:01 15s
[New Rule] Unusual File Creation from Web Server Parent Community #2954: Pull request #4514 opened by Aegrah
March 4, 2025 12:45 13s
March 4, 2025 12:45 13s
[New Rule] Unusual Process Spawned from Web Server Parent Community #2953: Pull request #4513 opened by Aegrah
March 4, 2025 12:35 9s
March 4, 2025 12:35 9s
[New Rule] Unusual Command Execution from Web Server Parent Community #2952: Pull request #4512 opened by Aegrah
March 4, 2025 12:22 10s
March 4, 2025 12:22 10s
Deprecate an APM BBR rule Community #2951: Pull request #4511 opened by shashank-elastic
March 4, 2025 12:00 12s
March 4, 2025 12:00 12s
[New/Tuning] Docker Socket Enumeration Community #2950: Pull request #4510 opened by Aegrah
March 4, 2025 10:06 12s
March 4, 2025 10:06 12s
[New Rules] Potential Port/Subnet Scanning Activity from Compromised Host Community #2949: Pull request #4509 opened by Aegrah
March 4, 2025 09:53 9s
March 4, 2025 09:53 9s
Create new detection rule set documentation to be included in the new docs. Community #2948: Pull request #4508 opened by Mpdreamz
March 4, 2025 09:48 11s
March 4, 2025 09:48 11s