From 0df22c52b3749eb9379a5e49fbfb6e9ba2c91dcf Mon Sep 17 00:00:00 2001 From: akozlovets098 Date: Tue, 12 Dec 2023 15:41:53 +0200 Subject: [PATCH] Add references to rules (onelogin_rules) --- rules/onelogin_rules/onelogin_admin_role_assigned.yml | 1 + rules/onelogin_rules/onelogin_unusual_login.yml | 1 + 2 files changed, 2 insertions(+) diff --git a/rules/onelogin_rules/onelogin_admin_role_assigned.yml b/rules/onelogin_rules/onelogin_admin_role_assigned.yml index cac026bee..d8bcaef05 100644 --- a/rules/onelogin_rules/onelogin_admin_role_assigned.yml +++ b/rules/onelogin_rules/onelogin_admin_role_assigned.yml @@ -7,6 +7,7 @@ LogTypes: - OneLogin.Events Tags: - Identity & Access Management +Reference: https://onelogin.service-now.com/kb_view_customer.do?sysparm_article=KB0010391 Severity: Low SummaryAttributes: - account_id diff --git a/rules/onelogin_rules/onelogin_unusual_login.yml b/rules/onelogin_rules/onelogin_unusual_login.yml index 1e982554d..d614e0344 100644 --- a/rules/onelogin_rules/onelogin_unusual_login.yml +++ b/rules/onelogin_rules/onelogin_unusual_login.yml @@ -9,6 +9,7 @@ LogTypes: - OneLogin.Events Tags: - Identity & Access Management +Reference: https://actzero.ai/resources/blog/a-smarter-way-to-detect-suspicious-cloud-logins Severity: Medium Description: Deprecated. Please see Standard.UnusualLogin instead. SummaryAttributes: