Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sync this fork to panther-labs/panther-analysis v3.41.0 #1

Open
wants to merge 11 commits into
base: main
Choose a base branch
from
Open

sync this fork to panther-labs/panther-analysis v3.41.0 #1

wants to merge 11 commits into from

Commits on Feb 13, 2024

  1. updated broken link (panther-labs#78) (panther-labs#1103) 

    Co-authored-by: Ariel Ropek <[email protected]>
    @arielkr256
    Evan Gibler and arielkr256 authored Feb 13, 2024
    Configuration menu
    Copy the full SHA
    60aaeb7 View commit details
    Browse the repository at this point in the history

  2. [sync] GCP compute.instances.create Privilege Escalation - rule (pant… 

    …her-labs#63) (panther-labs#1100)

* GCP compute.instances.create Privilege Escalation - rule

* GCP compute.instances.create Privilege Escalation - check KeyPath existence

* GCP compute.instances.create Privilege Escalation - python rule

* GCP compute.instances.create Privilege Escalation - linter fix

Co-authored-by: akozlovets098 <[email protected]>
    @akozlovets098
    Evan Gibler and akozlovets098 authored Feb 13, 2024
    Configuration menu
    Copy the full SHA
    9b31818 View commit details
    Browse the repository at this point in the history

  3. [sync] Add GCP.Storage.Hmac.Keys.Create detection rule (panther-labs#64 

    …) (panther-labs#1101)

Co-authored-by: Oleh Melenevskyi <[email protected]>
    @melenevskyi
    Evan Gibler and melenevskyi authored Feb 13, 2024
    Configuration menu
    Copy the full SHA
    5b622ef View commit details
    Browse the repository at this point in the history

  4. [sync] Add GCP.Kubernetes.New.Daemonset.Deployed rule (panther-labs#76)… 

    … (panther-labs#1102)

Co-authored-by: Oleh Melenevskyi <[email protected]>
    @melenevskyi
    Evan Gibler and melenevskyi authored Feb 13, 2024
    Configuration menu
    Copy the full SHA
    56df42b View commit details
    Browse the repository at this point in the history

  5. [sync] GitHub Data Model Admin Actions update (panther-labs#79) (pant… 

    …her-labs#1104)

* action = 'team.add_repository' and perm = 'admin'

* fmt

---------

Co-authored-by: Ariel Ropek <[email protected]>
    @arielkr256
    Evan Gibler and arielkr256 authored Feb 13, 2024
    Configuration menu
    Copy the full SHA
    e60b7c7 View commit details
    Browse the repository at this point in the history

  6. [sync] Add GCP.K8s.IOC.Activity rule (panther-labs#80) (panther-labs#… 

    …1105)

* Add GCP.K8s.IOC.Activity rule

* Update rules/gcp_k8s_rules/gcp_k8s_ioc_activity.yml



---------

Co-authored-by: Oleh Melenevskyi <[email protected]>
    @melenevskyi
    Evan Gibler and melenevskyi authored Feb 13, 2024
    Configuration menu
    Copy the full SHA
    c28793b View commit details
    Browse the repository at this point in the history

  7. [sync] GCP K8S Privileged Pod Created - rule (panther-labs#81) (panth… 

    …er-labs#1106)

Co-authored-by: akozlovets098 <[email protected]>
    @akozlovets098
    Evan Gibler and akozlovets098 authored Feb 13, 2024
    Configuration menu
    Copy the full SHA
    3f5e90d View commit details
    Browse the repository at this point in the history

  8. build(deps): bump aws-actions/configure-aws-credentials from 4.0.1 to… 

    … 4.0.2 (panther-labs#1099)

Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@010d0da...e3dd6a4)

---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Evan Gibler <[email protected]>
    @dependabot
    dependabot[bot] and Evan Gibler authored Feb 13, 2024
    Configuration menu
    Copy the full SHA
    38b4707 View commit details
    Browse the repository at this point in the history

  9. standard_rules/impossible_travel_login: set IS_PRIVATE_RELAY to true … 

    …only when private relay is in use (panther-labs#1098)

Co-authored-by: Evan Gibler <[email protected]>
    Sam Kottler and Evan Gibler authored Feb 13, 2024
    Configuration menu
    Copy the full SHA
    bdc9e86 View commit details
    Browse the repository at this point in the history

  10. [sync] added config tags and enabled rules w/o config (panther-labs#75)… 

    … (panther-labs#1107)

Co-authored-by: Ariel Ropek <[email protected]>
    @arielkr256
    Evan Gibler and arielkr256 authored Feb 13, 2024
    Configuration menu
    Copy the full SHA
    ae19c50 View commit details
    Browse the repository at this point in the history

  11. Update panther_analysis_tool version (panther-labs#1108) 

    * Update panther_analysis_tool version

* make deps-update
    @nskobov
    nskobov authored Feb 13, 2024
    Configuration menu
    Copy the full SHA
    50fd32b View commit details
    Browse the repository at this point in the history