Update v8.12.24
editUpdate v8.12.24
editThis section lists all updates associated with version 8.12.24 of the Fleet integration Prebuilt Security Detection Rules.
Rule | Description | Status | Version |
---|---|---|---|
Identifies when a single AWS resource is making |
new |
2 |
|
Identifies when a single AWS resource is making |
new |
2 |
|
Identifies attempts to brute force a Microsoft 365 user account. An adversary may attempt a brute force attack to obtain unauthorized access to user accounts. |
new |
210 |
|
Detects successful single sign-on (SSO) events to Okta applications from an unrecognized or "unknown" client device, as identified by the user-agent string. This activity may be indicative of exploitation of a vulnerability in Okta’s Classic Engine, which could allow an attacker to bypass application-specific sign-on policies, such as device or network restrictions. The vulnerability potentially enables unauthorized access to applications using only valid, stolen credentials, without requiring additional authentication factors. |
new |
1 |