Elastic Detection Rule Contribution

elastic/detection-rules
Rules for Elastic Security’s detection engine. Contribute to elastic/detection-rules development by creating an account on GitHub.
15. AWS RDS Security Group Creation
14. AWS RDS Security Group Deletion
13. Attempts to Brute Force a Microsoft 365 User Account
12. AWS Route 53 Domain Transferred to Another Account
11. AWS Route 53 Domain Transfer Lock Disabled
10. AWS EC2 Full Network Packet Capture Detected
9. Azure Service Principal Credentials Added
8. Attempts to Brute Force an Okta User Account
7. AWS EC2 VM Export Failure
6. High Number of Okta User Password Reset or Unlock Attempts
5. Microsoft Exchange Server UM Writing Suspicious Files
4. AWS Config Service Tampering
3. Microsoft 365 New Inbox Rule Created
2. AWS IAM Deactivation of MFA Device
1. Microsoft Exchange Server UM Spawning Suspicious Processes