Mitigation policies #319

Merged
merged 4 commits into from
Dec 5, 2022

Trinity2019
Contributor

@Trinity2019 Trinity2019 commented Nov 28, 2022

Change Summary

Add mitigation_policies to Windows process creation events.

Sample values

                "mitigation_policies": [
                    "Microsoft only",
                    "CET dynamic APIs can only be called out of proc",
                    "CF Guard"
                ],

Sample document:

Here's a sample process event document.

Release Target

8.7.0

For mapping changes:

  • I ran make after making the schema changes, and committed all changes

@elasticmachine
Contributor

elasticmachine commented Nov 28, 2022

💚 Build Succeeded


Build stats

  • Start Time: 2022-11-29T23:11:36.444+0000

  • Duration: 9 min 37 sec

🤖 GitHub comments


To re-run your PR in the CI, just comment with:

  • /test : Re-trigger the build.

@Trinity2019 Trinity2019 enabled auto-merge (squash) November 29, 2022 05:19
@Trinity2019
Contributor Author

/test

@Trinity2019
Contributor Author

@elastic/security-onboarding-and-lifecycle-mgt could anyone review this PR if anyone has any spare cycles?

@Trinity2019
Contributor Author

@elastic/security-onboarding-and-lifecycle-mgt can I get some review of this PR or is it code freezing time? Thanks in advance!

@kevinlog
Contributor

kevinlog commented Dec 5, 2022

@Trinity2019 - apologies for the late review. This looks good to me. We were working out some issues with the 8.6.0 package and merged a couple bug fixes last week.

This change looks good to me and is purely additive, so it won't cause any mapping collisions.

@Trinity2019
Contributor Author

Thanks all the reviewers! No worries about delay, all good :)

@Trinity2019 Trinity2019 merged commit 4a7289d into main Dec 5, 2022
@Trinity2019 Trinity2019 deleted the mitigation_policies branch December 5, 2022 16:53
@elasticmachine
Contributor

Package endpoint - 8.7.0 containing this change is available at https://epr.elastic.co/search?package=endpoint
