Sec-Ops is proud to present Release 6! Chock full of Out of the Box Alerts.
The Devo Threat Research team has released a new set of detections to our customers. In Release 6, we are releasing new detections spread across Office 365, Microsoft Azure, Windows, and now Linux technologies. These data sources are among some of the largest ingested into Devo and help protect our customers against common attacks. Release 6 brings the Security Operations Out Of The Box alerts total to 385 signature based detections with hundreds more on the way.
Full release notes and details of every alert in this Alert Pack.
Here is a sample of 5 of the new Alerts:
- Detects a GetSecretValue action where the source IP does not belong in an Amazon instance IP space.
- Detects the deletion of Web Server access logs.
- Detects the deletion of sensitive Linux system logs
- Detects the deletion of SSH Key.
- Detects for suspicious setcap utility execution to enable SUID bit.
Check out the full release notes here.