61ea9296bf
add custom table file
2021-11-29 15:16:28 +02:00
1b568b7601
add ciscoduo content
2021-11-22 18:15:23 +02:00
bc3533111a
Merge pull request #3387 from elforb/v-eliforbes/defenderIotDataUpdate
...
Defender IOT Updates
2021-11-15 00:54:20 -08:00
b74d78b74f
Merge pull request #3390 from Azure/RetireCMMC&ZeroTrust_LegacyWorkbooks
...
Retiring CMMC & Zero Trust (TIC3.0) Workbooks
2021-11-15 00:53:31 -08:00
5956c3f87c
Update README.md
...
fixing typo in line 135 (missing a in validation)
2021-11-12 12:47:46 -08:00
e81071164a
Update README.md
...
Adding in step identifying requirement to include Proposed Changes details in PR.
2021-11-12 12:29:56 -08:00
d98bb00872
Update README.md
...
Adding in note about merge master back into your branch before push
2021-11-12 12:19:38 -08:00
070508d286
Correcting and refining the text ( #3418 )
...
* Correcting and refining the text
No changes to the policies themselves.
2021-11-11 14:08:01 +02:00
94bae4d3ca
Merge pull request #3423 from aviyerMSFT/users/aviyer/change_to_msft_sentinel
...
Updated Azure Sentinel to Microsoft Sentinel in TI Workbook
2021-11-11 09:45:16 +08:00
fa78dfc74e
Updated TI workbook metadata version
2021-11-10 15:45:33 -08:00
3fb1e785ef
Updated Azure Sentinel to Microsoft Sentinel
2021-11-10 15:43:48 -08:00
dcf8c72009
Merge pull request #3405 from elforb/v-eliforbes/extraAnalyticFieldAutomation
...
Solution Automation - Add Extra Analytic Fields
2021-11-10 14:42:25 -08:00
6022b924c2
Update README.md
2021-11-10 14:22:06 -08:00
7dc77a63cb
Merge pull request #3363 from Azure/pebryan/2021112_ADOUpdate
...
Update ADORetentionReducedto0:
2021-11-10 13:58:42 -08:00
545c6cd47d
Merge pull request #3417 from ep3p/patch-9
...
Change the string "IPList" by dynamic named IPList in WSLMalwareCorrelation.yaml
2021-11-10 13:55:36 -08:00
61ae76ae3c
Merge pull request #3419 from ep3p/patch-11
...
Update Azure IP Ranges and Service Tags – Public Cloud Link
2021-11-10 13:52:26 -08:00
393c6621c0
updating ARM per #3421
2021-11-10 21:53:48 +02:00
a03234cb0d
Corrects parameter misspelling in ASIM parsers
2021-11-10 21:41:08 +02:00
f531ecf573
Merge pull request #3420 from Azure/tamirkopitz-CODEOWNERS-SAP
...
Update CODEOWNERS
2021-11-10 17:14:21 +02:00
55fd4f6d6c
Update CODEOWNERS
2021-11-10 16:11:49 +02:00
3a9c995056
Update version number
2021-11-10 14:56:54 +01:00
56a4aa6135
Update Azure IP Ranges and Service Tags – Public Cloud Link
2021-11-10 14:52:27 +01:00
5b924d7c37
Merge pull request #3410 from Azure/kopitz/sap_authorizations_role
...
Update SAP sample authorization role
2021-11-10 15:13:26 +02:00
ecaafb7ee5
Update CODEOWNERS
2021-11-10 15:09:53 +02:00
64e0e0758c
Update CODEOWNERS
2021-11-10 15:08:12 +02:00
5c05410617
Change Template Version to 1.0.1
2021-11-10 13:41:24 +01:00
23994fab87
Change the string "IPList" by dynamic named IPList in WSLMalwareCorrelation.yaml
...
The query of "AzureFirewallApplicationRule" did not check the IP address properly.
It was comparing the IP address string against the literal string "IPList".
2021-11-10 13:30:38 +01:00
3175593ac2
Merge pull request #3415 from Korving-F/master
...
Adds missing comma in ProcessEventEmpty Parser
2021-11-10 13:42:18 +02:00
820b0332b6
[DataConnectors] Add AWS required policies to AWS-S3 ( #3414 )
2021-11-10 13:09:46 +02:00
459551f788
Adds missing comma in ProcessEventEmpty Parser
2021-11-10 12:56:07 +02:00
935a3d6cb7
Updating column_ifexists in the query ( #3409 )
...
* Updating column_ifexists in the query
* Update StartStopHealthService.yaml
Updating the version of the query.
* Update StartStopHealthService.yaml
Updating column_ifexists and projecting a few additional fields.
2021-11-10 08:03:30 +02:00
c146e35873
Merge pull request #3201 from swiftsolves-msft/nateswift-parsercassandradb
...
CassandraAuditLog Function Parser
2021-11-09 21:13:32 -08:00
bd43ce3e2f
Alert Rule Version Update
2021-11-09 10:52:12 -08:00
98fb950607
ApiVersion Update
2021-11-09 10:46:12 -08:00
7dfe3cc1c7
Adding single schema deploy buttons ( #3411 )
...
Co-authored-by: Yaron <49263271+YaronFruchtmann@users.noreply.github.com>
2021-11-09 19:33:50 +02:00
7ea472b68d
Fixing typo call parameters
2021-11-09 15:48:14 +02:00
6e47d7cd07
Update SAP sample authorization role
2021-11-09 15:00:05 +02:00
3d96352773
Merge pull request #3407 from Azure/v-rucdu/ProofpointPODICMFIxes
...
Fix for ProofpointPOD ICM
2021-11-08 23:07:10 -08:00
ad952495ec
updated zip package
2021-11-09 12:13:29 +05:30
a5174b4983
Fix for ProofpointPOD ICM
2021-11-09 12:05:48 +05:30
ac94a89c29
Merge pull request #3324 from SecureHats/master
...
updated text module 2
2021-11-08 20:44:23 -08:00
5986bd85f0
Merge pull request #2697 from Flared/jct/FlareSystems-improve-Solution-wizard
...
FlareSystemsFirework: update to 1.0.1 solution
2021-11-08 20:43:34 -08:00
4d256a7306
Merge pull request #3406 from Azure/Dev-0322BLOG_Queries
...
Updating the query
2021-11-08 16:19:48 -08:00
93e5695871
Updating the query
2021-11-08 15:56:58 -08:00
10bf2327fa
Solution Automation - Add Extra Analytic Fields
2021-11-08 15:39:45 -08:00
c5dbae756c
Merge pull request #3404 from Azure/pebryan/2021118_BlogSupport
...
Added new hunting queries for MSTIC blog support.
2021-11-08 14:33:34 -08:00
bff25588f8
Additional YAML fixes
2021-11-08 14:28:49 -08:00
e1ab0812f9
Updated yaml to fix error
2021-11-08 14:25:11 -08:00
dd04dc88fb
Added new hunting queries:
...
Looking for Command Line Activity Associated with Dev-0322
Looking for file creation events associated with Dev-0322
Including queries for both MDE events and MSIM model.
2021-11-08 14:19:50 -08:00
e5641bdd07
Merge pull request #3351 from Azure/ashwin/aadsecops
...
AADSecops Detection and hunting Queries
2021-11-08 13:40:09 -08:00
sp
v-jayakal
Shain
Yechiel Levin
Sharon Ko
Avinash Iyer
Preeti Krishna
aprakash13
Yaron
Frank Korving
liatlishams
tamirkopitz
Jose Sebastián Canós
Ofer Shezaf
sagamzu
Your Name
Eli Forbes
yaronMSFT
v-rucdu
Ashwin Patil
Ajeet Prakash (MSTIC)
Pete Bryan