Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Update Teleport Rules #955

Merged
merged 4 commits into from
Dec 4, 2023
Merged

Update Teleport Rules #955

merged 4 commits into from
Dec 4, 2023

Conversation

jof
Copy link
Contributor

@jof jof commented Nov 20, 2023
edited
Loading

This PR is based off of the config system in #950, so those changes will show on this PR until that other PR lands.

Teleport Rules

This PR adds some new Gravitational Teleport rules, which leverage this new panther_config scheme introduced in #950

  • Add a Rule to detect user-like logins with company domains, but that are not using SAML
  • Added a Rule to detect SAML logins, but not using known company domains

@jof jof marked this pull request as ready for review November 20, 2023 19:07
@jof jof requested a review from a team November 20, 2023 19:07
@arielkr256
Copy link
Contributor

@jof would you be willing to split the few rules that rely on #950 into a separate PR? The config helper requires a bit more testing on our end to ensure it's not going to cause issues for customers using packs, and I don't want that to block the other updates to the Teleport rules.

@jof jof force-pushed the jof/public/teleport_rules branch from 9009f1a to b71308a Compare November 22, 2023 18:54
@jof jof requested a review from a team November 22, 2023 18:54
@jof
Copy link
Contributor Author

jof commented Nov 22, 2023
edited
Loading

@jof would you be willing to split the few rules that rely on #950 into a separate PR? The config helper requires a bit more testing on our end to ensure it's not going to cause issues for customers using packs, and I don't want that to block the other updates to the Teleport rules.

@arielkr256 Sure, that sounds good to me. I will start another PR for updating Teleport rules, but which don't require this panther_config scheme.

The other PR is #966

@jof jof requested a review from reedloden November 22, 2023 19:03
@jof jof force-pushed the jof/public/teleport_rules branch 2 times, most recently from b71f570 to 80cd154 Compare November 28, 2023 23:00
@jof jof force-pushed the jof/public/teleport_rules branch from 80cd154 to ecbe52c Compare November 28, 2023 23:00
arielkr256
arielkr256 approved these changes Dec 4, 2023
View reviewed changes
Copy link
Contributor

@arielkr256 arielkr256 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@arielkr256 arielkr256 merged commit b863082 into panther-labs:main Dec 4, 2023
3 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arielkr256 arielkr256 arielkr256 approved these changes

@reedloden reedloden Awaiting requested review from reedloden

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jof @arielkr256 @reedloden