Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sync this fork to panther-labs/panther-analysis v3.42.0 #2

Open
wants to merge 14 commits into
base: main
Choose a base branch
from
Open

sync this fork to panther-labs/panther-analysis v3.42.0 #2

wants to merge 14 commits into from

Conversation

github-actions[bot]
Copy link

No description provided.

Evan Gibler and others added 14 commits February 13, 2024 19:50
@arielkr256
updated broken link (panther-labs#78) (panther-labs#1103)
60aaeb7 
Co-authored-by: Ariel Ropek <[email protected]>
@akozlovets098
[sync] GCP compute.instances.create Privilege Escalation - rule (pant…
9b31818 
…her-labs#63) (panther-labs#1100)

* GCP compute.instances.create Privilege Escalation - rule

* GCP compute.instances.create Privilege Escalation - check KeyPath existence

* GCP compute.instances.create Privilege Escalation - python rule

* GCP compute.instances.create Privilege Escalation - linter fix

Co-authored-by: akozlovets098 <[email protected]>
@melenevskyi
[sync] Add GCP.Storage.Hmac.Keys.Create detection rule (panther-labs#64
5b622ef 
…) (panther-labs#1101)

Co-authored-by: Oleh Melenevskyi <[email protected]>
@melenevskyi
[sync] Add GCP.Kubernetes.New.Daemonset.Deployed rule (panther-labs#76)…
56df42b 
… (panther-labs#1102)

Co-authored-by: Oleh Melenevskyi <[email protected]>
@arielkr256
[sync] GitHub Data Model Admin Actions update (panther-labs#79) (pant…
e60b7c7 
…her-labs#1104)

* action = 'team.add_repository' and perm = 'admin'

* fmt

---------

Co-authored-by: Ariel Ropek <[email protected]>
@melenevskyi
[sync] Add GCP.K8s.IOC.Activity rule (panther-labs#80) (panther-labs#…
c28793b 
…1105)

* Add GCP.K8s.IOC.Activity rule

* Update rules/gcp_k8s_rules/gcp_k8s_ioc_activity.yml



---------

Co-authored-by: Oleh Melenevskyi <[email protected]>
@akozlovets098
[sync] GCP K8S Privileged Pod Created - rule (panther-labs#81) (panth…
3f5e90d 
…er-labs#1106)

Co-authored-by: akozlovets098 <[email protected]>
@dependabot
build(deps): bump aws-actions/configure-aws-credentials from 4.0.1 to…
38b4707 
… 4.0.2 (panther-labs#1099)

Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@010d0da...e3dd6a4)

---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Evan Gibler <[email protected]>
standard_rules/impossible_travel_login: set IS_PRIVATE_RELAY to true …
bdc9e86 
…only when private relay is in use (panther-labs#1098)

Co-authored-by: Evan Gibler <[email protected]>
@arielkr256
[sync] added config tags and enabled rules w/o config (panther-labs#75)…
ae19c50 
… (panther-labs#1107)

Co-authored-by: Ariel Ropek <[email protected]>
@nskobov
Update panther_analysis_tool version (panther-labs#1108)
50fd32b 
* Update panther_analysis_tool version

* make deps-update
Add SDYAML directories for Rules (panther-labs#1110)
49db59c 
* Add SDYAML directories for Rules

* Make simple_rules a top-level directory
Add _simple suffix to SDYAML Rules (panther-labs#1111)
0ea1223
@melenevskyi @akozlovets098
Prepare for 3.42.0 (panther-labs#1117)
f03e975 
* Add .Simple suffix to Simple Rule IDs (panther-labs#1112)

* Add .Simple suffix to Simple Rule IDs

* Update Rule IDs in Packs

* [sync] Add GCP GKE Kubernetes Cron Job Created Or Modified rule (panther-labs#68) (panther-labs#1113)

* Add GCP GKE Kubernetes Cron Job Created Or Modified rule (panther-labs#68)

Co-authored-by: Evan Gibler <[email protected]>

* Move to simple_rules

---------

Co-authored-by: Oleh Melenevskyi <[email protected]>

* [sync] Add GCP.K8s.Pod.Using.Host.PID.Namespace rule (panther-labs#84) (panther-labs#1114)

* Add GCP.K8s.Pod.Using.Host.PID.Namespace rule

* Update filename

* Add .Simple suffix to Rule ID

---------

Co-authored-by: Oleh Melenevskyi <[email protected]>
Co-authored-by: akozlovets098 <[email protected]>

* [sync] GCP K8S Pod Create Or Modify Host Path Volume Mount - rule (panther-labs#85) (panther-labs#1115)

Co-authored-by: akozlovets098 <[email protected]>

* [sync] GCP K8S Service Type NodePort Deployed - rule (panther-labs#86) (panther-labs#1116)

* GCP K8S Service Type NodePort Deployed - rule

* GCP K8S Service Type NodePort Deployed - moved to simple rules folder

* Update filename

* Add .Simple suffix to Rule ID

---------

Co-authored-by: akozlovets098 <[email protected]>

---------

Co-authored-by: Oleh Melenevskyi <[email protected]>
Co-authored-by: akozlovets098 <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@nskobov