Azure-Sentinel/Hunting Queries/AzureActivity
Pete Bryan 0bbc82f5d3 Added queries and detections for cross tenant activity:
Detection:
- Run being used for a unique PowerShell command
- Run being used by a user with UEBA alerts
- Portal signins from another Azure tenant
Hunting:
- Run used from another Azure IP
- Run activity linked with MDE data
- Dormant user account being activated
- Dormant user account being activated (with UEBA)
- Dormant SP being activated
2021-10-24 23:24:41 -07:00
AnalyticsRulesAdministrativeOperations.yaml fixed AnalyticsRulesAdministrativeOperations 2021-05-12 12:33:59 +03:00
Anomalous_Listing_Of_Storage_Keys.yaml updating logic to new field OperationNameValue 2021-09-17 13:01:10 -07:00
Azure-CloudShell-Usage.yaml Hunting query timeframe updates 2021-04-12 14:15:43 -07:00
AzureAdministrationFromVPS.yaml changed field to new OperationNameValue 2021-09-17 13:27:20 -07:00
AzureNSG_AdministrativeOperations.yaml Hunting query timeframe updates 2021-04-12 14:15:43 -07:00
AzureRunCommandFromAzureIP.yaml Added queries and detections for cross tenant activity: 2021-10-24 23:24:41 -07:00
AzureSentinelConnectors_AdministrativeOperations.yaml Merge branch 'master' into shaharBranch2 2021-05-13 11:10:21 +03:00
AzureSentinelWorkbooks_AdministrativeOperation.yaml Hunting query timeframe updates 2021-04-12 14:15:43 -07:00
AzureVirtualNetworkSubnets_AdministrativeOperationset.yaml ASimProcess to LAQueryLogs 2021-07-30 16:06:59 -07:00
Common_Deployed_Resources.yaml Updating queries with common timestamp param to support future features. 2021-09-10 10:10:13 -07:00
Creating_Anomalous_Number_Of_Resources.yaml Update Creating_Anomalous_Number_Of_Resources.yaml 2021-09-29 10:47:13 -07:00
Granting_Permissions_to_Account.yaml Update Granting_Permissions_to_Account.yaml 2021-08-30 08:32:58 -07:00
PortOpenedForAzureResource.yaml updating logic to new field OperationNameValue 2021-09-17 17:56:44 -07:00
Rare_Custom_Script_Extension.yaml Removed the deprecated MITRE techniques from hunting and detection queries and updating them with the latest ones that seem most appropriate. 2021-08-12 10:58:18 -07:00