New Detections
- Added new detection for detect_windows_dns_sigred_via_splunk_stream.yml
- Added new detection for detect_windows_dns_sigred_via_zeek.yml
- Added new detection for f5_tmui_rce_cve_2020_5902.yml
- Added new detection for aws_detect_attach_to_role_policy.yml
- Added new detection for aws_detect_permanent_key_creation.yml
- Added new detection for aws_detect_role_creation.yml
- Added new detection for aws_detect_sts_assume_role_abuse.yml
- Added new detection for detections/aws_detect_sts_get_session_token_abuse.yml
Updates
- Updated malicious_powershell_process___encoded_command.yml
- Updated smb_traffic_spike.yml
Fixed Issues
N/A
Other
- Added automated testing capabilities via CI under the tests folder.