[FEATURE] Keep OpenSearch Security Plugin SIGMA rules up to date as of Dec 2023 #838
Labels
enhancement
New feature or request
Comments
riysaxen-amzn
pushed a commit
to riysaxen-amzn/security-analytics
that referenced
this issue
Feb 20, 2024
Signed-off-by: Amardeepsingh Siglani <amardeep7194@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
As a security analyst and operator,
I want to utilise up-to-date SIGMA rules in the OpenSearch Security Plugin, so that I can utilise current contributions from the opensource community.
For example - at the time of writing this - the Okta rules in Security Plugin repo (main branch) have not been updated since February 2023 - with 13 rules available , while the SIGMA repo (master branch) Okta rules were last updated in December 2023 - with 21 rules available, notably including rules based on the high-profile Okta breach in 2023.
The text was updated successfully, but these errors were encountered: