wazuh/wazuh-ruleset v3.13.0

Wazuh Ruleset v3.13.0

on GitHub

Added

• Added rules and decoders for macOS sshd logs (#593)
• Added TSC/SOC compliance mapping (#613)
• Added rules and decoders for PaloAlto logs (#658)
• Added rules and decoder to monitor the FIM database status. (#4717)
• Added rules for WAF. (#687)

Changed

• Changed description of Vulnerability Detector rules (#638)
• Changed squid decoders (#672)

Fixed

• Fix the provider name so that Windows Eventlog logs match with the Wazuh rules. (#662)
• Fixed static filters related to the system_name field. (#684)
• Remove trailing whitespaces in the group name section of the ruleset. Thanks to Kevin Branch (@branchnetconsulting). (#667)
• Remove invalid zeroes from rules id. Thanks to @lucanus81. (#691)