Wiz audit rules #1323

Merged
merged 14 commits into from
Sep 16, 2024

akozlovets098
Contributor

Wiz audit rules based on sample logs


github-actions bot commented Aug 9, 2024

😱
looks like some things could be wrong with the packs

[INFO][root]: ignoring file dependabot.yml

@arielkr256 arielkr256 added the enhancement New feature or request label Sep 4, 2024
@arielkr256 arielkr256 added rules Real-time log data detections and removed enhancement New feature or request labels Sep 11, 2024
@arielkr256 arielkr256 marked this pull request as ready for review September 16, 2024 21:08
@arielkr256 arielkr256 requested a review from a team as a code owner September 16, 2024 21:08
arielkr256 and others added 10 commits September 16, 2024 15:23
* traildiscover enrichment with managed schema

* Add npm install in dockerfile (#1172)

* add npm install in dockerfile

* Remove Python optimizations; add prettier to PATH

---------

Co-authored-by: egibs <[email protected]>

* schema name: TrailDiscover.CloudTrail

* Fix Dockerfile; add Workflow to test image

* updated data set

* Add MongoDB.2FA.Disabled rule (#1190)

Co-authored-by: Ariel Ropek <[email protected]>

* lint and fmt

* fmt

* add OCSF selector

* additional OCSF mappings

* Fix Pipfile

* Rebase changes

---------

Co-authored-by: Panos Sakkos <[email protected]>
Co-authored-by: egibs <[email protected]>
Co-authored-by: Oleh Melenevskyi <[email protected]>
* more correlation rules from AWS re:inforce

* unit tests
@arielkr256 arielkr256 enabled auto-merge (squash) September 16, 2024 21:54
@arielkr256 arielkr256 disabled auto-merge September 16, 2024 21:54
@arielkr256 arielkr256 enabled auto-merge (squash) September 16, 2024 21:54
@arielkr256 arielkr256 merged commit a39d69c into release Sep 16, 2024
7 checks passed
@arielkr256 arielkr256 deleted the wiz-audit-rules branch September 16, 2024 21:54
Labels
rules Real-time log data detections