DixitVedanshi
0277f7811b
updating whitespaces
2023-02-28 19:31:27 +05:30
v-vdixit
99a4f75d27
update RiskyCommandB64EncodedInUrl.yaml
2023-02-28 17:59:55 +05:30
v-vdixit
724e15e086
Updating quotes
2023-02-28 17:59:19 +05:30
DixitVedanshi
03b2157173
File path update hunting queries
2023-02-23 14:55:16 +05:30
v-sabiraj
212077d151
Adding Skip Validations
2022-11-24 15:55:56 +05:30
v-sabiraj
9082a14173
Package creation for Network Threat Protection Essentials
2022-11-16 18:19:50 +05:30
Meena Kumari Chatla
478dab91bf
Solution migration changes for Apache Log4j Vulnerability Detection (#5994)
* Solution Migration Changes for Log4j
* update text for playbooks
* Removed the preview tag and fix for breaking URL
* Deleted Log4jImpactAssessment
* Moved Log4j Impact Assessment file
* Renamed file by removing space from name
* Removed Microsoft Sentinel from name
* added skip validation
* fixed formatting
* Update SkipStrcutreValidationsTemplates.json
* removed skip validation for duplicate ids
* updated skip validation
* added back change
* removed duplicate skip validation
* removed duplicate UserAgentSearch_log4j skip validation
* removed duplicate files from skip validation
Co-authored-by: v-amolpatil <v-amolpatil@microsoft.com>
2022-09-05 15:18:08 +05:30
Manoj
74b6be7949
Template spec solution package update for palo alto network (#6031)
* moving files
* update package
* update for postDeployment steps
2022-08-30 19:16:28 +05:30
Pete Bryan
320d36631a
Fixed indent issues
2022-07-27 05:31:20 -07:00
Pete Bryan
77031004e0
Added queries related to KNOTWEED activity
2022-07-26 16:18:19 -07:00
Thomas McElroy
7ff901179b
Adding outputs
2022-06-02 15:40:00 +01:00
Thomas McElroy
369e23bf0b
Fixing indentation error
2022-06-02 15:14:44 +01:00
Thomas McElroy
5dc8a6741c
New Queries
Committing new queries to branch
2022-05-31 15:31:27 +01:00
Shain
2229646bff
Adding additional entity outputs as needed by other tooling and to support future automap of entities similar to Detections
2022-05-20 15:23:48 -07:00
Arjun Trivedi
d08bb314dc
Update PaloAlto-HighRiskPorts.yaml
removed the regex and filtering using "ipv4_is_private" operator
2022-01-19 12:09:40 +05:30
4R9UN
e46afa1db9
Update PaloAlto-HighRiskPorts.yaml
Reduce noise through drop Private IP commination
2022-01-13 17:17:09 +05:30
Ofer Shezaf
ee97399b42
Revert "Revert "Merge branch 'master' of https://github.com/Azure/Azure-Sentinel""
This reverts commit ff69f85224.
2022-01-03 16:21:46 +02:00
Ofer Shezaf
ff69f85224
Revert "Merge branch 'master' of https://github.com/Azure/Azure-Sentinel"
This reverts commit c929df845a, reversing changes made to 53e6c92e3e.
2022-01-03 16:04:13 +02:00
Pete Bryan
f8bc53dd9e
Added missing KQL statement
2021-12-17 09:46:36 -08:00
Pete Bryan
cb43266943
Fixed template issue
2021-12-17 09:01:14 -08:00
Pete Bryan
291b05ae79
New hunting query looking for external LDAP connections
2021-12-17 08:50:33 -08:00
Shain Wray (MSTIC)
54b4792b1c
Updating queries with common timestamp param to support future features.
2021-09-10 10:10:13 -07:00
Matthieu Maitre
a6ac7c65a6
Swap join legs to improve perf
2021-05-06 10:46:33 -07:00
Matthieu Maitre
6476e8dff4
Add Palo Alto High Risk Port hunting query
2021-04-21 08:46:16 -07:00