New Detections
- AWS detect users creating keys with encrypt policy without MFA
- BCDEdit Failure Recovery Modification
- AWS network access control list created with all open ports
- AWS network access control list deleted
- Detect new open S3 Buckets over AWS CLI
- O365 bypass MFA via trusted IP
- Detect hosts connecting to dynamic domain providers
Updates
- AWS detect users with kms keys performing encryption against S3 buckets
- Detect new open S3 buckets
Other
- Circle CI Config updates
- Increase in testing coverage
- Added notable alert action configurations to all savedsearches