paulmataruso/main
1
0
Fork 0
mirror of https://github.com/socfortress/Wazuh-Rules.git synced 2025-11-02 04:43:15 +00:00
Code Issues Packages Projects Releases Wiki Activity
58 Commits 1 Branch 1 Tag
3379a94a088accbe5e2a0ae19802dba12cc209a3
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
SOCFortress 3379a94a08 Update README.md
2022-08-08 16:12:53 -05:00
Modsecutiry
Create 100100-Modsecurity.xml
2022-08-08 09:37:29 -05:00
Office 365
Update README.md
2022-08-08 16:12:33 -05:00
Office Defender
Update README.md
2022-08-08 16:12:43 -05:00
Suricata
Update README.md
2022-08-08 16:12:53 -05:00
Threat Intel
Create README.md
2022-08-08 10:28:36 -05:00
Windows_Sysmon
Create agent.conf
2022-08-08 10:30:55 -05:00
README.md
Update README.md
2022-08-08 09:15:27 -05:00

README.md

SOCFortress Wazuh-Rules N|Solid N|Solid N|Solid

logo_website (1)

Have Wazuh deployed and ingesting your logs but looking for some better detection rules? Look no further. The objective for this repo is to provide the Wazuh community with rulesets that are more accurate, descriptive, and enriched from various sources and integrations.

FEEL FREE TO MERGE REQUEST ANY RULES THAT YOU THINK THE COMMUNITY COULD BENEFIT FROM

Categories of various tools that this repo containes rules for are below

  • Sysmon for Windows
  • Sysmon for Linux
  • Office365
  • Microsoft Defender
  • Sophos
  • MISP
  • Osquery
  • Yara
  • Suricata
  • Packetbeat
  • Falco
  • Modsecurity
  • F-Secure
  • Domain Stats
  • Snyk
  • Autoruns
  • Sigcheck
  • Powershell
Reference in New Issue View Git Blame Copy Permalink
Description
Advanced Wazuh Rules for more accurate threat detection. Feel free to implement within your own Wazuh environment, contribute, or fork!
Readme 11 MiB
Languages
Python 45.7%
Shell 36.4%
PowerShell 17.3%
Batchfile 0.6%