Issues
is:issue state:open
is:issue state:open
Search results
[FR] Remote Validation for ES|QL Rules
documentationImprovements or additions to documentationImprovements or additions to documentationenhancementNew feature or requestNew feature or requestesqlES|QLES|QLStatus: Open.#5222 In elastic/detection-rules;[New Rule] Azure Compute Restore Point Collection Deleted
Integration: Azureazure related rulesazure related rulesRule: NewProposal for new ruleProposal for new ruleStatus: Open.#5216 In elastic/detection-rules;[New Rule] Azure Recovery Services Deletion
Rule: NewProposal for new ruleProposal for new ruleStatus: Open.#5213 In elastic/detection-rules;[New Rule] Azure Compute Snapshot Deletion(s)
Integration: Azureazure related rulesazure related rulesRule: NewProposal for new ruleProposal for new ruleStatus: Open.#5210 In elastic/detection-rules;[Rule Tuning] Suspicious PowerShell Engine ImageLoad - Docker Desktop
Rule: Tuningtweaking or tuning an existing ruletweaking or tuning an existing ruleStatus: Open.#5208 In elastic/detection-rules;[Rule Tuning] Potential Application Shimming via Sdbinst - sysMergeInboxStoreApp.sdb
Rule: Tuningtweaking or tuning an existing ruletweaking or tuning an existing ruleStatus: Open.#5207 In elastic/detection-rules;[Rule Tuning] Potential PowerShell Obfuscated Script - Ansible
Rule: Tuningtweaking or tuning an existing ruletweaking or tuning an existing ruleStatus: Open.#5206 In elastic/detection-rules;[Rule Tuning] AWS Access Token Used from Multiple Addresses - possible Defender for Cloud Apps
Rule: Tuningtweaking or tuning an existing ruletweaking or tuning an existing ruleStatus: Open.#5205 In elastic/detection-rules;[Rule Tuning] Unusual High Word Policy Blocks Detected
Rule: Tuningtweaking or tuning an existing ruletweaking or tuning an existing ruleStatus: Open.#5204 In elastic/detection-rules;[Rule Tuning] Unusual High Denied Topic Blocks Detected
Rule: Tuningtweaking or tuning an existing ruletweaking or tuning an existing ruleStatus: Open.#5203 In elastic/detection-rules;[Rule Tuning] Unusual High Denied Sensitive Information Policy Blocks Detected
Rule: Tuningtweaking or tuning an existing ruletweaking or tuning an existing ruleStatus: Open.#5202 In elastic/detection-rules;[New Rule] Azure Storage Account Deletion
Integration: Azureazure related rulesazure related rulesRule: NewProposal for new ruleProposal for new ruleStatus: Open.#5199 In elastic/detection-rules;