Commit 01f12f1
[Rule Tuning] 3rd Party EDR - Add Crowdstrike FDR support - 1 (#4220)
* [Rule Tuning] 3rd Party EDR - Add Crowdstrike FDR support - 1
* Update Integrations unit tests
* Update test_all_rules.py
Removed changes from:
- rules/windows/collection_email_powershell_exchange_mailbox.toml
- rules/windows/command_and_control_headless_browser.toml
- rules/windows/command_and_control_rdp_tunnel_plink.toml
- rules/windows/command_and_control_screenconnect_childproc.toml
- rules/windows/command_and_control_tunnel_vscode.toml
- rules/windows/credential_access_domain_backup_dpapi_private_keys.toml
- rules/windows/credential_access_kirbi_file.toml
- rules/windows/credential_access_relay_ntlm_auth_via_http_spoolss.toml
- rules/windows/defense_evasion_disable_windows_firewall_rules_with_netsh.toml
- rules/windows/defense_evasion_dotnet_compiler_parent_process.toml
(selectively cherry picked from commit 81292ae)
1 parent 28393f3 commit 01f12f1
File tree
4 files changed, +4 -2 lines changed
- detection_rules
- etc
- schemas
- tests
Binary file not shown.
Binary file not shown.
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
79 | 79 | | |
80 | 80 | | |
81 | 81 | | |
82 | | - | |
| 82 | + | |
| 83 | + | |
83 | 84 | | |
84 | 85 | | |
85 | 86 | | |
| |||
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
353 | 353 | | |
354 | 354 | | |
355 | 355 | | |
356 | | - | |
| 356 | + | |
| 357 | + | |
357 | 358 | | |
358 | 359 | | |
359 | 360 | | |
| |||