Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

sync this fork to panther-labs/panther-analysis v3.42.0 #2

Open
wants to merge 14 commits into
base: main
Choose a base branch
from

Conversation

github-actions[bot]
Copy link

No description provided.

Evan Gibler and others added 14 commits February 13, 2024 19:50
Co-authored-by: Ariel Ropek <79653153+arielkr256@users.noreply.github.com>
…her-labs#63) (panther-labs#1100)

* GCP compute.instances.create Privilege Escalation - rule

* GCP compute.instances.create Privilege Escalation - check KeyPath existence

* GCP compute.instances.create Privilege Escalation - python rule

* GCP compute.instances.create Privilege Escalation - linter fix

Co-authored-by: akozlovets098 <95437895+akozlovets098@users.noreply.github.com>
…) (panther-labs#1101)

Co-authored-by: Oleh Melenevskyi <767472+melenevskyi@users.noreply.github.com>
… (panther-labs#1102)

Co-authored-by: Oleh Melenevskyi <767472+melenevskyi@users.noreply.github.com>
…her-labs#1104)

* action = 'team.add_repository' and perm = 'admin'

* fmt

---------

Co-authored-by: Ariel Ropek <79653153+arielkr256@users.noreply.github.com>
…1105)

* Add GCP.K8s.IOC.Activity rule

* Update rules/gcp_k8s_rules/gcp_k8s_ioc_activity.yml



---------

Co-authored-by: Oleh Melenevskyi <767472+melenevskyi@users.noreply.github.com>
…er-labs#1106)

Co-authored-by: akozlovets098 <95437895+akozlovets098@users.noreply.github.com>
… 4.0.2 (panther-labs#1099)

Bumps [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) from 4.0.1 to 4.0.2.
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@010d0da...e3dd6a4)

---
updated-dependencies:
- dependency-name: aws-actions/configure-aws-credentials
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Evan Gibler <evan.gibler@panther.com>
…only when private relay is in use (panther-labs#1098)

Co-authored-by: Evan Gibler <evan.gibler@panther.com>
… (panther-labs#1107)

Co-authored-by: Ariel Ropek <79653153+arielkr256@users.noreply.github.com>
* Update panther_analysis_tool version

* make deps-update
* Add SDYAML directories for Rules

* Make simple_rules a top-level directory
* Add .Simple suffix to Simple Rule IDs (panther-labs#1112)

* Add .Simple suffix to Simple Rule IDs

* Update Rule IDs in Packs

* [sync] Add GCP GKE Kubernetes Cron Job Created Or Modified rule (panther-labs#68) (panther-labs#1113)

* Add GCP GKE Kubernetes Cron Job Created Or Modified rule (panther-labs#68)

Co-authored-by: Evan Gibler <evan.gibler@panther.com>

* Move to simple_rules

---------

Co-authored-by: Oleh Melenevskyi <767472+melenevskyi@users.noreply.github.com>

* [sync] Add GCP.K8s.Pod.Using.Host.PID.Namespace rule (panther-labs#84) (panther-labs#1114)

* Add GCP.K8s.Pod.Using.Host.PID.Namespace rule

* Update filename

* Add .Simple suffix to Rule ID

---------

Co-authored-by: Oleh Melenevskyi <767472+melenevskyi@users.noreply.github.com>
Co-authored-by: akozlovets098 <95437895+akozlovets098@users.noreply.github.com>

* [sync] GCP K8S Pod Create Or Modify Host Path Volume Mount - rule (panther-labs#85) (panther-labs#1115)

Co-authored-by: akozlovets098 <95437895+akozlovets098@users.noreply.github.com>

* [sync] GCP K8S Service Type NodePort Deployed - rule (panther-labs#86) (panther-labs#1116)

* GCP K8S Service Type NodePort Deployed - rule

* GCP K8S Service Type NodePort Deployed - moved to simple rules folder

* Update filename

* Add .Simple suffix to Rule ID

---------

Co-authored-by: akozlovets098 <95437895+akozlovets098@users.noreply.github.com>

---------

Co-authored-by: Oleh Melenevskyi <767472+melenevskyi@users.noreply.github.com>
Co-authored-by: akozlovets098 <95437895+akozlovets098@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

1 participant