Skip to content

Commit

Permalink
Add references to rules (aws_eks_rules)
Browse files Browse the repository at this point in the history
  • Loading branch information
akozlovets098 committed Dec 11, 2023
1 parent ca86dd4 commit 2b18565
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions rules/aws_eks_rules/source_ip_multiple_403.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ Tags:
Reports:
MITRE ATT&CK:
- 'TA0007:T1613'
Reference: https://aws.github.io/aws-eks-best-practices/security/docs/detective/
Severity: Info
Description: > # (Optional)
This detection identifies if a public sourceIP is generating multiple 403s
Expand Down
1 change: 1 addition & 0 deletions rules/aws_eks_rules/system_namespace_public_ip.yml
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@ Tags:
#Reports: # (Optional)
# MITRE ATT&CK:
# - 'TA0027:T1475' # Tactic ID:Technique ID (https://attack.mitre.org/tactics/enterprise/)
Reference: https://docs.aws.amazon.com/eks/latest/userguide/network_reqs.html
Severity: Info
Description: > # (Optional)
This detection identifies if an activity is recorded in the Kubernetes audit log where
Expand Down

0 comments on commit 2b18565

Please sign in to comment.