New Detections:
- Multi-factor authentication disabled (o365)
- Excessive Authentication Failures Alert (o365)
- PST Export Alert (o365)
- Detect high number of login failures from a single source
- Detect Supernova Webshell (used in SUNBURST)
Updates:
- High number of login failures from a single source detection
- Deprecated AWS Searches that have been translated.
Other - Circle CI Config updates
- Increase in testing coverage