Path  Lines of Code
Solutions/1Password/Analytics Rules/1Password - Changes to SSO configuration.yaml  51
Solutions/1Password/Analytics Rules/1Password - Changes to firewall rules.yaml  51
Solutions/1Password/Analytics Rules/1Password - Disable MFA factor or type for all user accounts.yaml  49
Solutions/1Password/Analytics Rules/1Password - Log Ingestion Failure.yaml  39
Solutions/1Password/Analytics Rules/1Password - Manual account creation.yaml  55
Solutions/1Password/Analytics Rules/1Password - New service account integration created.yaml  51
Solutions/1Password/Analytics Rules/1Password - Non-privileged vault user permission change.yaml  65
Solutions/1Password/Analytics Rules/1Password - Potential insider privilege escalation via group.yaml  62
Solutions/1Password/Analytics Rules/1Password - Potential insider privilege escalation via vault.yaml  57
Solutions/1Password/Analytics Rules/1Password - Privileged vault permission change.yaml  66
Solutions/1Password/Analytics Rules/1Password - Secret Extraction Post Vault Access Change By Administrator.yaml  78
Solutions/1Password/Analytics Rules/1Password - Service account integration token adjustment.yaml  51
Solutions/1Password/Analytics Rules/1Password - Successful anomalous sign-in.yaml  66
Solutions/1Password/Analytics Rules/1Password - User account MFA settings changed.yaml  50
Solutions/1Password/Analytics Rules/1Password - User added to privileged group.yaml  69
Solutions/1Password/Analytics Rules/1Password - Vault Export Post Account Creation.yaml  63
Solutions/1Password/Analytics Rules/1Password - Vault Export.yaml  48
Solutions/1Password/Analytics Rules/1Password - Vault export prior to account suspension or deletion.yaml  71
Solutions/1Password/Data Connectors/Modules/HelperFunctions/HelperFunctions.psm1  351
Solutions/1Password/Data Connectors/function/run.ps1  61
Solutions/1Password/Data Connectors/profile.ps1  19
Solutions/1Password/Data Connectors/requirements.psd1  9
Solutions/42Crunch API Protection/Analytic Rules/APIAPIScaping.yaml  46
Solutions/42Crunch API Protection/Analytic Rules/APIAccountTakeover.yaml  45
Solutions/42Crunch API Protection/Analytic Rules/APIAnomalyDetection.yaml  48
Solutions/42Crunch API Protection/Analytic Rules/APIBOLA.yaml  56
Solutions/42Crunch API Protection/Analytic Rules/APIFirstTimeAccess.yaml  51
Solutions/42Crunch API Protection/Analytic Rules/APIInvalidHostAccess.yaml  42
Solutions/42Crunch API Protection/Analytic Rules/APIJWTValidation.yaml  44
Solutions/42Crunch API Protection/Analytic Rules/APIKiterunnerDetection.yaml  47
Solutions/42Crunch API Protection/Analytic Rules/APIPasswordCracking.yaml  45
Solutions/42Crunch API Protection/Analytic Rules/APIRateLimiting.yaml  44
Solutions/42Crunch API Protection/Analytic Rules/APISuspiciousLogin.yaml  47
Solutions/AIShield AI Security Monitoring/Analytic Rules/BIIDetectionVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/BanTopicVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/BlockCompetitorVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/BlockSubstringVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/CodeDetectionVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/ContentAccessControlAllowedListVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/ContentAccessControlBlockedListVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/ContentSafetyProfanityVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/ContentSafetyToxicityVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/GenderBiasVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/ImageClassficationModelEvasionHighSuspiciousVulnDetection.yaml  43
Solutions/AIShield AI Security Monitoring/Analytic Rules/ImageClassficationModelEvasionLowSuspiciousVulnDetection.yaml  43
Solutions/AIShield AI Security Monitoring/Analytic Rules/ImageClassficationModelExtractionHighSuspiciousVulnDetection.yaml  43
Solutions/AIShield AI Security Monitoring/Analytic Rules/ImageSegmentationModelExtractionHighSuspiciousVulnDetection.yaml  43
Solutions/AIShield AI Security Monitoring/Analytic Rules/InputOutputRelevanceVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/InputRateLimiterVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/InvisibleTextVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/JSONPolicyViolationVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/LanguageDetectionVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/MaliciousURLDetectionVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/NaturalLanguageProcessingModelExtractionHighSuspiciousVulDetection.yaml  22
Solutions/AIShield AI Security Monitoring/Analytic Rules/NoLLMOutputVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/NotSafeForWorkVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/PrivacyProtectionPIIVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/RacialBiasVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/RegexVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/SameInOpLanguageDetectionVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/SecretsVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/SecurityIntegrityChecksPIIVulDetection.yaml  40
Solutions/AIShield AI Security Monitoring/Analytic Rules/SentimentVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/SpecialPIIDetectionVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/TabularClassificationModelEvasionHighSuspiciousVulnDetection.yaml  43
Solutions/AIShield AI Security Monitoring/Analytic Rules/TabularClassificationModelEvasionLowSuspiciousVulnDetection.yaml  43
Solutions/AIShield AI Security Monitoring/Analytic Rules/TabularClassificationModelExtractionHighSuspiciousVulnDetection.yaml  43
Solutions/AIShield AI Security Monitoring/Analytic Rules/TimeSeriesForecastingModelExtractionHighSuspiciousVulnDetection.yaml  43
Solutions/AIShield AI Security Monitoring/Analytic Rules/TokenLimitVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/URLDetectionVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Analytic Rules/URLReachabilityVulDetection.yaml  41
Solutions/AIShield AI Security Monitoring/Parsers/AIShield.yaml  23
Solutions/AIShield AI Security Monitoring/Parsers/Guardian.yaml  27
Solutions/ALC-WebCTRL/Data Connectors/TaskSetup/ALC-WebCTRL-AuditPull.ps1  103
Solutions/ALC-WebCTRL/Data Connectors/TaskSetup/ALC-WebCTRL-AuditPullTaskConfig.xml  50
Solutions/ARGOSCloudSecurity/Analytic Rules/ExploitableSecurityIssues.yaml  45
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/AddTagsToResource/__init__.py  85
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/CreateDocument/__init__.py  128
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/DeleteDocument/__init__.py  92
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/DescribeDocument/__init__.py  85
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/DescribeInstanceInformation/__init__.py  97
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/DescribeInstancePatches/__init__.py  93
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/GetAutomationExecution/__init__.py  81
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/GetDocument/__init__.py  89
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/GetInventory/__init__.py  96
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/ListDocuments/__init__.py  80
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/ListTagsForResource/__init__.py  76
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/RemoveTagFromResource/__init__.py  82
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/StartAutomationExecution/__init__.py  139
Solutions/AWS Systems Manager/Playbooks/CustomConnector/AWS_SSM_FunctionAppConnector/StopAutomationExecution/__init__.py  78
Solutions/AWSAthena/Playbooks/CustomConnector/AWSAthena_FunctionAppConnector/GetQueryExecution/__init__.py  61
Solutions/AWSAthena/Playbooks/CustomConnector/AWSAthena_FunctionAppConnector/GetQueryResults/__init__.py  78
Solutions/AWSAthena/Playbooks/CustomConnector/AWSAthena_FunctionAppConnector/ListDataCatalogs/__init__.py  47
Solutions/AWSAthena/Playbooks/CustomConnector/AWSAthena_FunctionAppConnector/ListDatabases/__init__.py  68
Solutions/AWSAthena/Playbooks/CustomConnector/AWSAthena_FunctionAppConnector/ListQueryExecutions/__init__.py  47
Solutions/AWSAthena/Playbooks/CustomConnector/AWSAthena_FunctionAppConnector/StartQueryExecution/__init__.py  77
Solutions/AWS_IAM/Playbooks/AWS_IAM_FunctionAppConnector/DeleteAccessKey/__init__.py  21
Solutions/AWS_IAM/Playbooks/AWS_IAM_FunctionAppConnector/DeleteUserPolicy/__init__.py  21
Solutions/AWS_IAM/Playbooks/AWS_IAM_FunctionAppConnector/DetachUserPolicy/__init__.py  22
Solutions/AWS_IAM/Playbooks/AWS_IAM_FunctionAppConnector/GetUser/__init__.py  28
Solutions/AWS_IAM/Playbooks/AWS_IAM_FunctionAppConnector/ListAccessKeys/__init__.py  25
Solutions/AWS_IAM/Playbooks/AWS_IAM_FunctionAppConnector/ListAttachedUserPolicies/__init__.py  25
Solutions/AWS_IAM/Playbooks/AWS_IAM_FunctionAppConnector/ListGroupsForUser/__init__.py  33
Solutions/AWS_IAM/Playbooks/AWS_IAM_FunctionAppConnector/ListUserPolicies/__init__.py  33
Solutions/AWS_IAM/Playbooks/AWS_IAM_FunctionAppConnector/TagUser/__init__.py  31
Solutions/AbnormalSecurity/Data Connectors/SentinelFunctionsOrchestrator/__init__.py  143
Solutions/AbnormalSecurity/Data Connectors/SentinelFunctionsOrchestrator/sentinel_connector_async.py  96
Solutions/AbnormalSecurity/Data Connectors/SentinelFunctionsOrchestrator/soar_connector_async.py  193
Solutions/AbnormalSecurity/Data Connectors/SentinelFunctionsOrchestrator/soar_connector_async_v2.py  230
Solutions/AbnormalSecurity/Data Connectors/SentinelFunctionsOrchestrator/soar_connector_async_v2_local_run.py  75
Solutions/AbnormalSecurity/Data Connectors/SentinelFunctionsOrchestrator/utils.py  135
Solutions/AbnormalSecurity/Data Connectors/SentinelTimerTrigger/__init__.py  13
Solutions/AbnormalSecurity/Data Connectors/SoarDatetimeEntity/__init__.py  30
Solutions/Agari/Data Connectors/AzureFunctionAgari/run.ps1  451
Solutions/Agari/Data Connectors/profile.ps1  18
Solutions/Agari/Data Connectors/requirements.psd1  7
Solutions/Akamai Security Events/Parsers/AkamaiSIEMEvent.yaml  96
Solutions/Alibaba Cloud/DataConnectors/AliCloudSentinelConnector/__init__.py  145
Solutions/Alibaba Cloud/DataConnectors/AliCloudSentinelConnector/state_manager.py  18
Solutions/Alibaba Cloud/Parsers/AliCloud.yaml  24
Solutions/Alsid For AD/Analytic Rules/ADAttacksPathways.yaml  40
Solutions/Alsid For AD/Analytic Rules/DCShadow.yaml  31
Solutions/Alsid For AD/Analytic Rules/DCSync.yaml  31
Solutions/Alsid For AD/Analytic Rules/GoldenTicket.yaml  31
Solutions/Alsid For AD/Analytic Rules/IndicatorsOfAttack.yaml  39
Solutions/Alsid For AD/Analytic Rules/IndicatorsOfExposures.yaml  39
Solutions/Alsid For AD/Analytic Rules/LSASSMemory.yaml  31
Solutions/Alsid For AD/Analytic Rules/PasswordGuessing.yaml  31
Solutions/Alsid For AD/Analytic Rules/PasswordIssues.yaml  40
Solutions/Alsid For AD/Analytic Rules/PasswordSpraying.yaml  31
Solutions/Alsid For AD/Analytic Rules/PrivilegedAccountIssues.yaml  40
Solutions/Alsid For AD/Analytic Rules/UserAccountIssues.yaml  40
Solutions/Alsid For AD/Parsers/afad_parser.yaml  113
Solutions/Amazon Web Services/Analytic Rules/AWS_APIfromTor.yaml  46
Solutions/Amazon Web Services/Analytic Rules/AWS_ChangeToRDSDatabase.yaml  51
Solutions/Amazon Web Services/Analytic Rules/AWS_ChangeToVPC.yaml  53
Solutions/Amazon Web Services/Analytic Rules/AWS_ClearStopChangeTrailLogs.yaml  52
Solutions/Amazon Web Services/Analytic Rules/AWS_ConfigServiceResourceDeletion.yaml  49
Solutions/Amazon Web Services/Analytic Rules/AWS_ConsoleLogonWithoutMFA.yaml  55
Solutions/Amazon Web Services/Analytic Rules/AWS_CreatedCRUDDyanmoDBPolicytoPrivilegeEscalation.yaml  77
Solutions/Amazon Web Services/Analytic Rules/AWS_CreatedCRUDIAMtoPrivilegeEscalation.yaml  77
Solutions/Amazon Web Services/Analytic Rules/AWS_CreatedCRUDKMSPolicytoPrivilegeEscalation.yaml  77
Solutions/Amazon Web Services/Analytic Rules/AWS_CreatedCRUDS3PolicytoPrivilegeEscalation.yaml  77
Solutions/Amazon Web Services/Analytic Rules/AWS_CreatedCURDLambdaPolicytoPrivilegEscalation.yaml  77
Solutions/Amazon Web Services/Analytic Rules/AWS_CreatedCloudFormationPolicytoPrivilegeEscalation.yaml  77
Solutions/Amazon Web Services/Analytic Rules/AWS_CreatedDataPipelinePolicytoPrivilegeEscalation.yaml  77
Solutions/Amazon Web Services/Analytic Rules/AWS_CreatedEC2PolicytoPrivilegeEscalation.yaml  77
Solutions/Amazon Web Services/Analytic Rules/AWS_CreatedGluePolicytoPrivilegeEscalation.yaml  77
Solutions/Amazon Web Services/Analytic Rules/AWS_CreatedSSMPolicytoPrivilegeEscalation.yaml  77
Solutions/Amazon Web Services/Analytic Rules/AWS_CreationofEncryptKeysWithoutMFA.yaml  52
Solutions/Amazon Web Services/Analytic Rules/AWS_CredentialHijack.yaml  52
Solutions/Amazon Web Services/Analytic Rules/AWS_ECRContainerHigh.yaml  47
Solutions/Amazon Web Services/Analytic Rules/AWS_ECRImageScanningDisabled.yaml  45
Solutions/Amazon Web Services/Analytic Rules/AWS_FullAdminPolicyAttachedToRolesUsersGroups.yaml  87
Solutions/Amazon Web Services/Analytic Rules/AWS_GuardDutyDisabled.yaml  42
Solutions/Amazon Web Services/Analytic Rules/AWS_GuardDuty_template.yaml  151
Solutions/Amazon Web Services/Analytic Rules/AWS_IngressEgressSecurityGroupChange.yaml  51
Solutions/Amazon Web Services/Analytic Rules/AWS_LoadBalancerSecGroupChange.yaml  52
Solutions/Amazon Web Services/Analytic Rules/AWS_LogTampering.yaml  49
Solutions/Amazon Web Services/Analytic Rules/AWS_NetworkACLOpenToAllPorts.yaml  48
Solutions/Amazon Web Services/Analytic Rules/AWS_OverlyPermessiveKMS.yaml  47
Solutions/Amazon Web Services/Analytic Rules/AWS_PrivilegeEscalationAdminManagedPolicy.yaml  44
Solutions/Amazon Web Services/Analytic Rules/AWS_PrivilegeEscalationAdministratorAccessManagedPolicy.yaml  44
Solutions/Amazon Web Services/Analytic Rules/AWS_PrivilegeEscalationFullAccessManagedPolicy.yaml  44
Solutions/Amazon Web Services/Analytic Rules/AWS_PrivilegeEscalationViaCRUDIAMPolicy.yaml  49
Solutions/Amazon Web Services/Analytic Rules/AWS_PrivilegeEscalationViaCRUDKMSPolicy.yaml  49
Solutions/Amazon Web Services/Analytic Rules/AWS_PrivilegeEscalationViaCRUDLambdaPolicy.yaml  49
Solutions/Amazon Web Services/Analytic Rules/AWS_PrivilegeEscalationViaCRUDS3Policy.yaml  49
Solutions/Amazon Web Services/Analytic Rules/AWS_PrivilegeEscalationViaCloudFormationPolicy.yaml  49
Solutions/Amazon Web Services/Analytic Rules/AWS_PrivilegeEscalationViaDataPipeline.yaml  49
Solutions/Amazon Web Services/Analytic Rules/AWS_PrivilegeEscalationViaEC2Policy.yaml  49
Solutions/Amazon Web Services/Analytic Rules/AWS_PrivilegeEscalationViaGluePolicy.yaml  49
Solutions/Amazon Web Services/Analytic Rules/AWS_PrivilegeEscalationViaSSM.yaml  49
Solutions/Amazon Web Services/Analytic Rules/AWS_PrivilegeEscalationviaCRUDDynamoDB.yaml  49
Solutions/Amazon Web Services/Analytic Rules/AWS_RDSInstancePubliclyExposed.yaml  43
Solutions/Amazon Web Services/Analytic Rules/AWS_S3BruteForce.yaml  64
Solutions/Amazon Web Services/Analytic Rules/AWS_S3BucketAccessPointExposed.yaml  48
Solutions/Amazon Web Services/Analytic Rules/AWS_S3BucketExposedviaACL.yaml  48
Solutions/Amazon Web Services/Analytic Rules/AWS_S3BucketExposedviaPolicy.yaml  48
Solutions/Amazon Web Services/Analytic Rules/AWS_S3ObjectPubliclyExposed.yaml  32
Solutions/Amazon Web Services/Analytic Rules/AWS_S3Ransomware.yaml  63
Solutions/Amazon Web Services/Analytic Rules/AWS_SAMLUpdateIdentity.yaml  42
Solutions/Amazon Web Services/Analytic Rules/AWS_SSMPubliclyExposed.yaml  44
Solutions/Amazon Web Services/Analytic Rules/AWS_SetDefaulyPolicyVersion.yaml  42
Solutions/Amazon Web Services/Analytic Rules/AWS_SuspiciousCommandEC2.yaml  58
Solutions/Amazon Web Services/Analytic Rules/NRT_AWS_ConsoleLogonWithoutMFA.yaml  50
Solutions/Amazon Web Services/Analytic Rules/SuspiciousAWSCLICommandExecution.yaml  67
Solutions/Amazon Web Services/Analytic Rules/SuspiciousAWSEC2ComputeResourceDeployments.yaml  48
Solutions/Amazon Web Services/Hunting Queries/AWS_AssumeRoleBruteForce.yaml  29
Solutions/Amazon Web Services/Hunting Queries/AWS_BucketVersioningSuspended.yaml  29
Solutions/Amazon Web Services/Hunting Queries/AWS_CreateAccessKey.yaml  29
Solutions/Amazon Web Services/Hunting Queries/AWS_CreateLoginProfile.yaml  29
Solutions/Amazon Web Services/Hunting Queries/AWS_EC2_WithoutKeyPair.yaml  31
Solutions/Amazon Web Services/Hunting Queries/AWS_ECRContainerLow.yaml  31
Solutions/Amazon Web Services/Hunting Queries/AWS_ECRContainerMedium.yaml  31
Solutions/Amazon Web Services/Hunting Queries/AWS_ExcessiveExecutionofDiscoveryEvents.yaml  30
Solutions/Amazon Web Services/Hunting Queries/AWS_FailedBruteForceS3Bucket.yaml  31
Solutions/Amazon Web Services/Hunting Queries/AWS_FailedBruteForceWithoutMFA.yaml  30
Solutions/Amazon Web Services/Hunting Queries/AWS_IAMAccsesDeniedDiscoveryEvents.yaml  28
Solutions/Amazon Web Services/Hunting Queries/AWS_IAMUserGroupChanges.yaml  31
Solutions/Amazon Web Services/Hunting Queries/AWS_IAM_PolicyChange.yaml  35
Solutions/Amazon Web Services/Hunting Queries/AWS_IAM_PrivilegeEscalationbyAttachment.yaml  52
Solutions/Amazon Web Services/Hunting Queries/AWS_LambdaFunctionThrottled.yaml  30
Solutions/Amazon Web Services/Hunting Queries/AWS_LambdaLayerImportedExternalAccount.yaml  34
Solutions/Amazon Web Services/Hunting Queries/AWS_LambdaUpdateFunctionCode.yaml  27
Solutions/Amazon Web Services/Hunting Queries/AWS_LoginProfileUpdated.yaml  29
Solutions/Amazon Web Services/Hunting Queries/AWS_ModificationofRouteTableAttributes.yaml  19
Solutions/Amazon Web Services/Hunting Queries/AWS_ModificationofSubnetAttributes.yaml  19
Solutions/Amazon Web Services/Hunting Queries/AWS_ModificationofVPCAttributes.yaml  19
Solutions/Amazon Web Services/Hunting Queries/AWS_NetworkACLDeleted.yaml  29
Solutions/Amazon Web Services/Hunting Queries/AWS_NewRootAccessKey.yaml  29
Solutions/Amazon Web Services/Hunting Queries/AWS_PolicywithExcessivePermissions.yaml  35
Solutions/Amazon Web Services/Hunting Queries/AWS_PrivilegedRoleAttachedToInstance.yaml  49
Solutions/Amazon Web Services/Hunting Queries/AWS_RDSMasterPasswordChanged.yaml  28
Solutions/Amazon Web Services/Hunting Queries/AWS_RiskyRoleName.yaml  35
Solutions/Amazon Web Services/Hunting Queries/AWS_S3BucketDeleted.yaml  29
Solutions/Amazon Web Services/Hunting Queries/AWS_S3BucketEncryptionModified.yaml  29
Solutions/Amazon Web Services/Hunting Queries/AWS_STStoEC2.yaml  67
Solutions/Amazon Web Services/Hunting Queries/AWS_STStoECS.yaml  67
Solutions/Amazon Web Services/Hunting Queries/AWS_STStoGlue.yaml  60
Solutions/Amazon Web Services/Hunting Queries/AWS_STStoKWN.yaml  67
Solutions/Amazon Web Services/Hunting Queries/AWS_STStoLambda.yaml  60
Solutions/Amazon Web Services/Hunting Queries/AWS_SuspiciousCredentialTokenAccessOfValid_IAM_Roles.yaml  48
Solutions/Amazon Web Services/Hunting Queries/AWS_Unused_UnsupportedCloudRegions.yaml  51
Solutions/Apache Log4j Vulnerability Detection/Analytic Rules/AzureWAFmatching_log4j_vuln.yaml  47
Solutions/Apache Log4j Vulnerability Detection/Analytic Rules/Log4J_IPIOC_Dec112021.yaml  219
Solutions/Apache Log4j Vulnerability Detection/Analytic Rules/Log4jVulnerableMachines.yaml  38
Solutions/Apache Log4j Vulnerability Detection/Analytic Rules/UserAgentSearch_log4j.yaml  101
Solutions/Apache Log4j Vulnerability Detection/Hunting Queries/Apache_log4j_Vulnerability.yaml  53
Solutions/Apache Log4j Vulnerability Detection/Hunting Queries/Base64_Download_Activity.yaml  50
Solutions/Apache Log4j Vulnerability Detection/Hunting Queries/Container_Miner_Activity.yaml  47
Solutions/Apache Log4j Vulnerability Detection/Hunting Queries/Firewall_Disable_Activity.yaml  45
Solutions/Apache Log4j Vulnerability Detection/Hunting Queries/Linux_Toolkit_Detected.yaml  46
Solutions/Apache Log4j Vulnerability Detection/Hunting Queries/NetworkConnectionToNewExternalLDAPServer.yaml  65
Solutions/Apache Log4j Vulnerability Detection/Hunting Queries/NetworkConnectionldap_log4j.yaml  57
Solutions/Apache Log4j Vulnerability Detection/Hunting Queries/Process_Termination_Activity.yaml  46
Solutions/Apache Log4j Vulnerability Detection/Hunting Queries/Suspicious_ShellScript_Activity.yaml  48
Solutions/Apache Log4j Vulnerability Detection/Hunting Queries/WAF_log4j_vulnerability.yaml  47
Solutions/ApacheHTTPServer/Analytic Rules/ApacheCVE-2021-41773.yaml  34
Solutions/ApacheHTTPServer/Analytic Rules/ApacheCommandInURI.yaml  31
Solutions/ApacheHTTPServer/Analytic Rules/ApacheKnownMaliciousUserAgents.yaml  31
Solutions/ApacheHTTPServer/Analytic Rules/ApacheMultipleClientErrorsFromSingleIP.yaml  33
Solutions/ApacheHTTPServer/Analytic Rules/ApacheMultipleServerErrorsRequestsFromSingleIP.yaml  35
Solutions/ApacheHTTPServer/Analytic Rules/ApachePrivateIpInUrl.yaml  30
Solutions/ApacheHTTPServer/Analytic Rules/ApachePutSuspiciousFiles.yaml  39
Solutions/ApacheHTTPServer/Analytic Rules/ApacheRequestFromPrivateIP.yaml  32
Solutions/ApacheHTTPServer/Analytic Rules/ApacheRequestToRareFile.yaml  42
Solutions/ApacheHTTPServer/Analytic Rules/ApacheRequestToSensitiveFiles.yaml  36
Solutions/ApacheHTTPServer/Hunting Queries/ApacheFilesErrorRequests.yaml  28
Solutions/ApacheHTTPServer/Hunting Queries/ApacheFilesRequested.yaml  27
Solutions/ApacheHTTPServer/Hunting Queries/ApacheRareFilesRequested.yaml  27
Solutions/ApacheHTTPServer/Hunting Queries/ApacheRareUAWithClientErrors.yaml  26
Solutions/ApacheHTTPServer/Hunting Queries/ApacheRareURLsRequested.yaml  26
Solutions/ApacheHTTPServer/Hunting Queries/ApacheRareUserAgents.yaml  26
Solutions/ApacheHTTPServer/Hunting Queries/ApacheRequestsToUnexistingFiles.yaml  26
Solutions/ApacheHTTPServer/Hunting Queries/ApacheUnexpectedPostRequests.yaml  27
Solutions/ApacheHTTPServer/Hunting Queries/ApacheUrlClienterrors.yaml  28
Solutions/ApacheHTTPServer/Hunting Queries/ApacheUrlServerErrors.yaml  28
Solutions/ApacheHTTPServer/Parsers/ApacheHTTPServer.yaml  58
Solutions/AristaAwakeSecurity/Analytic Rules/HighMatchCountsByDevice.yaml  63
Solutions/AristaAwakeSecurity/Analytic Rules/HighSeverityMatchesByDevice.yaml  61
Solutions/AristaAwakeSecurity/Analytic Rules/ModelMatchesWithMultipleDestinationsByDevice.yaml  61
Solutions/Armis/Data Connectors/ArmisActivities/ArmisActivitySentinelConnector/__init__.py  367
Solutions/Armis/Data Connectors/ArmisActivities/ArmisActivitySentinelConnector/state_manager.py  27
Solutions/Armis/Data Connectors/ArmisActivities/Exceptions/ArmisExceptions.py  4
Solutions/Armis/Data Connectors/ArmisAlerts/ArmisAlertSentinelConnector/__init__.py  361
Solutions/Armis/Data Connectors/ArmisAlerts/ArmisAlertSentinelConnector/state_manager.py  27
Solutions/Armis/Data Connectors/ArmisAlerts/Exceptions/ArmisExceptions.py  4
Solutions/Armis/Data Connectors/ArmisAlertsActivities/ArmisAlertActivitySentinelConnector/__init__.py  340
Solutions/Armis/Data Connectors/ArmisAlertsActivities/ArmisAlertActivitySentinelConnector/consts.py  30
Solutions/Armis/Data Connectors/ArmisAlertsActivities/ArmisAlertActivitySentinelConnector/exports_store.py  74
Solutions/Armis/Data Connectors/ArmisAlertsActivities/ArmisAlertActivitySentinelConnector/sentinel.py  150
Solutions/Armis/Data Connectors/ArmisAlertsActivities/ArmisAlertActivitySentinelConnector/state_manager.py  33
Solutions/Armis/Data Connectors/ArmisAlertsActivities/ArmisAlertActivitySentinelConnector/utils.py  205
Solutions/Armis/Data Connectors/ArmisAlertsActivities/Exceptions/ArmisExceptions.py  4
Solutions/Armis/Data Connectors/ArmisDevice/ArmisDeviceSentinelConnector/__init__.py  456
Solutions/Armis/Data Connectors/ArmisDevice/ArmisDeviceSentinelConnector/exports_store.py  76
Solutions/Armis/Data Connectors/ArmisDevice/ArmisDeviceSentinelConnector/state_manager.py  32
Solutions/Armis/Data Connectors/ArmisDevice/Exceptions/ArmisExceptions.py  6
Solutions/Armis/Parsers/ArmisActivities.yaml  40
Solutions/Armis/Parsers/ArmisAlerts.yaml  38
Solutions/Armis/Parsers/ArmisDevice.yaml  64
Solutions/Armorblox/Analytic Rules/ArmorbloxNeedsReviewAlert.yaml  40
Solutions/Armorblox/Data Connectors/ArmorbloxAzureSentinelConnector/__init__.py  122
Solutions/Armorblox/Data Connectors/ArmorbloxAzureSentinelConnector/state_manager.py  18
Solutions/Aruba ClearPass/Parsers/ArubaClearPass.yaml  89
Solutions/AtlassianConfluenceAudit/Data Connectors/AtlassianConfluenceAuditDataConnector/ConfluenceAuditAPISentinelConnector/__init__.py  115
Solutions/AtlassianConfluenceAudit/Data Connectors/AtlassianConfluenceAuditDataConnector/ConfluenceAuditAPISentinelConnector/state_manager.py  18
Solutions/AtlassianConfluenceAudit/Parsers/ConfluenceAudit.yaml  76
Solutions/AtlassianJiraAudit/Analytic Rules/JiraGlobalPermissionAdded.yaml  34
Solutions/AtlassianJiraAudit/Analytic Rules/JiraNewPrivilegedUser.yaml  32
Solutions/AtlassianJiraAudit/Analytic Rules/JiraNewUser.yaml  31
Solutions/AtlassianJiraAudit/Analytic Rules/JiraPermissionSchemeUpdated.yaml  34
Solutions/AtlassianJiraAudit/Analytic Rules/JiraPrivilegedUserPasswordChanged.yaml  37
Solutions/AtlassianJiraAudit/Analytic Rules/JiraProjectRolesChanged.yaml  34
Solutions/AtlassianJiraAudit/Analytic Rules/JiraUserPasswordChange.yaml  36
Solutions/AtlassianJiraAudit/Analytic Rules/JiraUserRemovedFromGroup.yaml  31
Solutions/AtlassianJiraAudit/Analytic Rules/JiraUserRemovedFromProject.yaml  31
Solutions/AtlassianJiraAudit/Analytic Rules/JiraWorkflowSchemeCopied.yaml  35
Solutions/AtlassianJiraAudit/Data Connectors/JiraAuditAPISentinelConnector/__init__.py  118
Solutions/AtlassianJiraAudit/Data Connectors/JiraAuditAPISentinelConnector/state_manager.py  18
Solutions/AtlassianJiraAudit/Hunting Queries/JiraBlockedTasks.yaml  25
Solutions/AtlassianJiraAudit/Hunting Queries/JiraNewUsers.yaml  25
Solutions/AtlassianJiraAudit/Hunting Queries/JiraProjectVersionsReleased.yaml  24
Solutions/AtlassianJiraAudit/Hunting Queries/JiraUpdatedProjectVersions.yaml  24
Solutions/AtlassianJiraAudit/Hunting Queries/JiraUpdatedProjects.yaml  24
Solutions/AtlassianJiraAudit/Hunting Queries/JiraUpdatedUsers.yaml  26
Solutions/AtlassianJiraAudit/Hunting Queries/JiraUpdatedWorkflowSchemes.yaml  24
Solutions/AtlassianJiraAudit/Hunting Queries/JiraUpdatedWorkflows.yaml  24
Solutions/AtlassianJiraAudit/Hunting Queries/JiraUserIPs.yaml  25
Solutions/AtlassianJiraAudit/Hunting Queries/JiraWorkflowAddedToProject.yaml  24
Solutions/AtlassianJiraAudit/Parsers/JiraAudit.yaml  55
Solutions/AtlassianJiraAudit/Playbooks/Sync-CommentsFunctionApp/Sync-Comment.ps1  87
Solutions/Attacker Tools Threat Protection Essentials/Analytic Rules/AdFind_Usage.yaml  60
Solutions/Attacker Tools Threat Protection Essentials/Analytic Rules/CredentialDumpingServiceInstallation.yaml  48
Solutions/Attacker Tools Threat Protection Essentials/Analytic Rules/CredentialDumpingToolsFileArtifacts.yaml  49
Solutions/Attacker Tools Threat Protection Essentials/Analytic Rules/powershell_empire.yaml  146
Solutions/Attacker Tools Threat Protection Essentials/Hunting Queries/CobaltDNSBeacon.yaml  40
Solutions/Attacker Tools Threat Protection Essentials/Hunting Queries/PotentialImpacketExecution.yaml  61
Solutions/Auth0/Data Connectors/Auth0Connector/main.py  321
Solutions/Auth0/Data Connectors/Auth0Connector/sentinel_connector.py  90
Solutions/Auth0/Data Connectors/Auth0Connector/state_manager.py  18
Solutions/Auth0/Parsers/Auth0.yaml  20
Solutions/Authomize/Analytic Rules/AWS_role_with_admin_privileges.yaml  57
Solutions/Authomize/Analytic Rules/AWS_role_with_shadow_admin_privileges.yaml  58
Solutions/Authomize/Analytic Rules/Access_to_AWS_without_MFA.yaml  58
Solutions/Authomize/Analytic Rules/Admin_SaaS_account_detected.yaml  59
Solutions/Authomize/Analytic Rules/Admin_password_wasnt_updated.yaml  44
Solutions/Authomize/Analytic Rules/Chain_of_3_or_more_roles.yaml  58
Solutions/Authomize/Analytic Rules/Detect_AWS_IAM_Users.yaml  57
Solutions/Authomize/Analytic Rules/Empty_group_with_entitlements.yaml  58
Solutions/Authomize/Analytic Rules/IaaS_admin_detected.yaml  58
Solutions/Authomize/Analytic Rules/IaaS_policy_not_attached_to_any_identity.yaml  58
Solutions/Authomize/Analytic Rules/IaaS_shadow_admin_detected.yaml  58
Solutions/Authomize/Analytic Rules/New_direct_access_policy_was_granted.yaml  60
Solutions/Authomize/Analytic Rules/New_service_account_gained_access_to_IaaS_resource.yaml  57
Solutions/Authomize/Analytic Rules/Password_Exfiltration_over_SCIM.yaml  60
Solutions/Authomize/Analytic Rules/Privileged_Machines_Exposed_to_the_Internet.yaml  58
Solutions/Authomize/Analytic Rules/Refactor_AWS_policy_based_on_activities.yaml  57
Solutions/Authomize/Analytic Rules/Stale_AWS_policy_attachment_to_identity.yaml  58
Solutions/Authomize/Analytic Rules/Stale_IAAS_policy_attachment_to_role.yaml  58
Solutions/Authomize/Analytic Rules/Unused_IaaS_Policy.yaml  61
Solutions/Authomize/Analytic Rules/User_assigned_to_a_default_admin_role.yaml  58
Solutions/Authomize/Analytic Rules/User_without_MFA.yaml  58
Solutions/Authomize/Data Connectors/AuthomizeSentinelConnector/__init__.py  123
Solutions/Authomize/Data Connectors/AuthomizeSentinelConnector/azureworker.py  43
Solutions/Authomize/Hunting queries/Admin_SaaS_account_detected.yaml  4
Solutions/Authomize/Hunting queries/Chain_of_3_or_more_roles.yaml  24
Solutions/Authomize/Hunting queries/IaaS_admin_detected.yaml  24
Solutions/Authomize/Hunting queries/IaaS_shadow_admin_detected.yaml  24
Solutions/Authomize/Hunting queries/Password_Exfiltration_over_SCIM_application.yaml  28
Solutions/Authomize/Hunting queries/Privileged_Machines_Exposed_to_the_Internet.yaml  24
Solutions/Azure Activity/Analytic Rules/AADHybridHealthADFSNewServer.yaml  46
Solutions/Azure Activity/Analytic Rules/AADHybridHealthADFSServiceDelete.yaml  47
Solutions/Azure Activity/Analytic Rules/AADHybridHealthADFSSuspApp.yaml  52
Solutions/Azure Activity/Analytic Rules/Creating_Anomalous_Number_Of_Resources_detection.yaml  64
Solutions/Azure Activity/Analytic Rules/Creation_of_Expensive_Computes_in_Azure.yaml  53
Solutions/Azure Activity/Analytic Rules/Granting_Permissions_To_Account_detection.yaml  65
Solutions/Azure Activity/Analytic Rules/Machine_Learning_Creation.yaml  53
Solutions/Azure Activity/Analytic Rules/NRT-AADHybridHealthADFSNewServer.yaml  42
Solutions/Azure Activity/Analytic Rules/NRT_Creation_of_Expensive_Computes_in_Azure.yaml  49
Solutions/Azure Activity/Analytic Rules/New-CloudShell-User.yaml  49
Solutions/Azure Activity/Analytic Rules/NewResourceGroupsDeployedTo.yaml  38
Solutions/Azure Activity/Analytic Rules/RareOperations.yaml  43
Solutions/Azure Activity/Analytic Rules/SubscriptionMigration.yaml  63
Solutions/Azure Activity/Analytic Rules/TimeSeriesAnomaly_Mass_Cloud_Resource_Deletions.yaml  59
Solutions/Azure Activity/Hunting Queries/AnalyticsRulesAdministrativeOperations.yaml  37
Solutions/Azure Activity/Hunting Queries/AnomalousAzureOperationModel.yaml  121
Solutions/Azure Activity/Hunting Queries/Anomalous_Listing_Of_Storage_Keys.yaml  35
Solutions/Azure Activity/Hunting Queries/AzureAdministrationFromVPS.yaml  38
Solutions/Azure Activity/Hunting Queries/AzureNSG_AdministrativeOperations.yaml  37
Solutions/Azure Activity/Hunting Queries/AzureRunCommandFromAzureIP.yaml  49
Solutions/Azure Activity/Hunting Queries/AzureSentinelConnectors_AdministrativeOperations.yaml  36
Solutions/Azure Activity/Hunting Queries/AzureSentinelWorkbooks_AdministrativeOperation.yaml  37
Solutions/Azure Activity/Hunting Queries/AzureVirtualNetworkSubnets_AdministrativeOperationset.yaml  37
Solutions/Azure Activity/Hunting Queries/Common_Deployed_Resources.yaml  44
Solutions/Azure Activity/Hunting Queries/Creating_Anomalous_Number_Of_Resources.yaml  29
Solutions/Azure Activity/Hunting Queries/Granting_Permissions_to_Account.yaml  43
Solutions/Azure Activity/Hunting Queries/Machine_Learning_Creation.yaml  44
Solutions/Azure Activity/Hunting Queries/PortOpenedForAzureResource.yaml  51
Solutions/Azure Activity/Hunting Queries/Rare_Custom_Script_Extension.yaml  72
Solutions/Azure Cloud NGFW by Palo Alto Networks/Analytic Rules/CloudNGFW-NetworkBeaconing.yaml  67
Solutions/Azure Cloud NGFW by Palo Alto Networks/Analytic Rules/CloudNGFW-PortScanning.yaml  60
Solutions/Azure Cloud NGFW by Palo Alto Networks/Analytic Rules/CloudNGFW-UnusualThreatSignatures.yaml  59
Solutions/Azure Cloud NGFW by Palo Alto Networks/Hunting Queries/CloudNGFW-HighRiskPorts.yaml  114
Solutions/Azure Cloud NGFW by Palo Alto Networks/Hunting Queries/CloudNGFW-PotentialBeaconing.yaml  59
Solutions/Azure DDoS Protection/Analytic Rules/AttackSourcesPPSThreshold.yaml  34
Solutions/Azure DDoS Protection/Analytic Rules/AttackSourcesPercentThreshold.yaml  38
Solutions/Azure Firewall/Analytic Rules/Azure Firewall - Abnormal Deny Rate for Source IP.yaml  86
Solutions/Azure Firewall/Analytic Rules/Azure Firewall - Abnormal Port to Protocol.yaml  82
Solutions/Azure Firewall/Analytic Rules/Azure Firewall - Multiple Sources Affected by the Same TI Destination.yaml  51
Solutions/Azure Firewall/Analytic Rules/Azure Firewall - Port Scan.yaml  51
Solutions/Azure Firewall/Analytic Rules/Azure Firewall - Port Sweep.yaml  59
Solutions/Azure Firewall/Analytic Rules/SeveralDenyActionsRegistered.yaml  70
Solutions/Azure Firewall/Hunting Queries/Azure Firewall - First Time Source IP to Destination Using Port.yaml  40
Solutions/Azure Firewall/Hunting Queries/Azure Firewall - First time source IP to Destination.yaml  40
Solutions/Azure Firewall/Hunting Queries/Azure Firewall - Source IP Abnormally Connects to Multiple Destinations.yaml  46
Solutions/Azure Firewall/Hunting Queries/Azure Firewall - Uncommon Port for Organization.yaml  41
Solutions/Azure Firewall/Hunting Queries/Azure Firewall - Uncommon Port to IP.yaml  40
Solutions/Azure Key Vault/Analytic Rules/KeyVaultSensitiveOperations.yaml  49
Solutions/Azure Key Vault/Analytic Rules/KeyvaultMassSecretRetrieval.yaml  80
Solutions/Azure Key Vault/Analytic Rules/NRT_KeyVaultSensitiveOperations.yaml  45
Solutions/Azure Key Vault/Analytic Rules/TimeSeriesKeyvaultAccessAnomaly.yaml  85
Solutions/Azure SQL Database solution for sentinel/Analytic Rules/Detection-ErrorsCredentialStatefulAnomalyOnDatabase.yaml  86
Solutions/Azure SQL Database solution for sentinel/Analytic Rules/Detection-ErrorsFirewallStatefulAnomalyOnDatabase.yaml  86
Solutions/Azure SQL Database solution for sentinel/Analytic Rules/Detection-ErrorsSyntaxStatefulAnomalyOnDatabase.yaml  86
Solutions/Azure SQL Database solution for sentinel/Analytic Rules/Detection-HotwordsDropStatefulAnomalyOnDatabase.yaml  93
Solutions/Azure SQL Database solution for sentinel/Analytic Rules/Detection-HotwordsExecutionStatefulAnomalyOnDatabase.yaml  93
Solutions/Azure SQL Database solution for sentinel/Analytic Rules/Detection-HotwordsFirewallRuleStatefulAnomalyOnDatabase.yaml  93
Solutions/Azure SQL Database solution for sentinel/Analytic Rules/Detection-HotwordsOLEObjectStatefulAnomalyOnDatabase.yaml  93
Solutions/Azure SQL Database solution for sentinel/Analytic Rules/Detection-HotwordsOutgoingStatefulAnomalyOnDatabase.yaml  93
Solutions/Azure SQL Database solution for sentinel/Analytic Rules/Detection-VolumeAffectedRowsStatefulAnomalyOnDatabase.yaml  84
Solutions/Azure SQL Database solution for sentinel/Analytic Rules/Detection-VolumeResponseRowsStatefulAnomalyOnDatabase.yaml  83
Solutions/Azure SQL Database solution for sentinel/Hunting Queries/HuntingQuery-AffectedRowAnomaly.yaml  66
Solutions/Azure SQL Database solution for sentinel/Hunting Queries/HuntingQuery-BooleanBlindSQLi.yaml  88
Solutions/Azure SQL Database solution for sentinel/Hunting Queries/HuntingQuery-ExecutionTimeAnomaly.yaml  86
Solutions/Azure SQL Database solution for sentinel/Hunting Queries/HuntingQuery-PrevalenceBasedQuerySizeAnomaly.yaml  81
Solutions/Azure SQL Database solution for sentinel/Hunting Queries/HuntingQuery-SuspiciousStoredProcedures.yaml  51
Solutions/Azure SQL Database solution for sentinel/Hunting Queries/HuntingQuery-TimeBasedQuerySizeAnomaly.yaml  83
Solutions/Azure SQL Database solution for sentinel/Hunting Queries/HuntingQuery-VolumeAffectedRowsStatefulAnomalyOnDatabase.yaml  89
Solutions/Azure SQL Database solution for sentinel/Hunting Queries/HuntingQuery-VolumeResponseRowsStatefulAnomalyOnDatabase.yaml  82
Solutions/Azure Web Application Firewall (WAF)/Analytic Rules/AFD-Premium-WAF-SQLiDetection.yaml  53
Solutions/Azure Web Application Firewall (WAF)/Analytic Rules/AFD-Premium-WAF-XSSDetection.yaml  50
Solutions/Azure Web Application Firewall (WAF)/Analytic Rules/AFD-WAF-Code-Injection.yaml  53
Solutions/Azure Web Application Firewall (WAF)/Analytic Rules/AFD-WAF-Path-Traversal-Attack.yaml  55
Solutions/Azure Web Application Firewall (WAF)/Analytic Rules/App-GW-WAF-Code-Injection.yaml  53
Solutions/Azure Web Application Firewall (WAF)/Analytic Rules/App-GW-WAF-Path-Traversal-Attack.yaml  55
Solutions/Azure Web Application Firewall (WAF)/Analytic Rules/App-GW-WAF-SQLiDetection.yaml  56
Solutions/Azure Web
Application Firewall (WAF)/Analytic Rules/App-GW-WAF-Scanner-detection.yaml 56 Solutions/Azure Web Application Firewall (WAF)/Analytic Rules/App-GW-WAF-XSSDetection.yaml 53 Solutions/Azure Web Application Firewall (WAF)/Analytic Rules/MaliciousWAFSessions.yaml 63 Solutions/Azure kubernetes Service/Hunting Queries/AKS-Rbac.yaml 3 Solutions/Azure kubernetes Service/Hunting Queries/AKS-clusterrolebinding.yaml 3 Solutions/AzureDevOpsAuditing/Analytic Rules/ADOAgentPoolCreatedDeleted.yaml 57 Solutions/AzureDevOpsAuditing/Analytic Rules/ADOAuditStreamDisabled.yaml 37 Solutions/AzureDevOpsAuditing/Analytic Rules/ADOMaliciousToolingDetections1.yaml 36 Solutions/AzureDevOpsAuditing/Analytic Rules/ADONewExtensionAdded.yaml 41 Solutions/AzureDevOpsAuditing/Analytic Rules/ADOPATUsedWithBrowser.yaml 38 Solutions/AzureDevOpsAuditing/Analytic Rules/ADOPipelineModifiedbyNewUser.yaml 65 Solutions/AzureDevOpsAuditing/Analytic Rules/ADORetentionReduced.yaml 39 Solutions/AzureDevOpsAuditing/Analytic Rules/ADOSecretNotSecured.yaml 44 Solutions/AzureDevOpsAuditing/Analytic Rules/ADOVariableModifiedByNewUser.yaml 53 Solutions/AzureDevOpsAuditing/Analytic Rules/AzDOAdminGroupAdditions.yaml 47 Solutions/AzureDevOpsAuditing/Analytic Rules/AzDOHistoricPrPolicyBypassing.yaml 52 Solutions/AzureDevOpsAuditing/Analytic Rules/AzDOHistoricServiceConnectionAdds.yaml 67 Solutions/AzureDevOpsAuditing/Analytic Rules/AzDOPatSessionMisuse.yaml 50 Solutions/AzureDevOpsAuditing/Analytic Rules/AzDOPipelineCreatedDeletedOneDay.yaml 69 Solutions/AzureDevOpsAuditing/Analytic Rules/AzDOServiceConnectionUsage.yaml 38 Solutions/AzureDevOpsAuditing/Analytic Rules/ExternalUpstreamSourceAddedtoAzureDevOpsFeed.yaml 55 Solutions/AzureDevOpsAuditing/Analytic Rules/NRT_ADOAuditStreamDisabled.yaml 33 Solutions/AzureDevOpsAuditing/Analytic Rules/NewAgentAddedToPoolbyNewUserorofNewOS.yaml 72 Solutions/AzureDevOpsAuditing/Analytic Rules/NewPAPCAPCASaddedtoADO.yaml 54 Solutions/AzureDevOpsAuditing/Hunting 
Queries/ADOBuildCheckDeleted.yaml 27 Solutions/AzureDevOpsAuditing/Hunting Queries/ADOBuildDeletedAfterPipelineMod.yaml 19 Solutions/AzureDevOpsAuditing/Hunting Queries/ADOInternalUpstreamPacakgeFeedAdded.yaml 67 Solutions/AzureDevOpsAuditing/Hunting Queries/ADONewAgentPoolCreated.yaml 6 Solutions/AzureDevOpsAuditing/Hunting Queries/ADONewPATOperation.yaml 33 Solutions/AzureDevOpsAuditing/Hunting Queries/ADONewPackageFeedCreated.yaml 34 Solutions/AzureDevOpsAuditing/Hunting Queries/ADONewReleaseApprover.yaml 42 Solutions/AzureDevOpsAuditing/Hunting Queries/ADOReleasePipelineCreated.yaml 51 Solutions/AzureDevOpsAuditing/Hunting Queries/ADOVariableCreatedDeleted.yaml 37 Solutions/AzureDevOpsAuditing/Hunting Queries/Addtional Org Admin Added.yaml 30 Solutions/AzureDevOpsAuditing/Hunting Queries/AzDODisplayNameSwapping.yaml 25 Solutions/AzureDevOpsAuditing/Hunting Queries/AzDOPrPolicyBypassers.yaml 25 Solutions/AzureDevOpsAuditing/Hunting Queries/EntraID Conditional Access Disabled.yaml 29 Solutions/AzureDevOpsAuditing/Hunting Queries/Guest users access enabled.yaml 29 Solutions/AzureDevOpsAuditing/Hunting Queries/Project visibility changed to public.yaml 28 Solutions/AzureDevOpsAuditing/Hunting Queries/Public Projects enabled.yaml 29 Solutions/AzureDevOpsAuditing/Hunting Queries/Public project created.yaml 28 Solutions/AzureDevOpsAuditing/Parsers/ADOAuditLogs.yaml 17 Solutions/AzureSecurityBenchmark/Analytic Rules/AzureSecurityBenchmarkPostureChanged.yaml 38 Solutions/Barracuda CloudGen Firewall/Parsers/CGFWFirewallActivity.yaml 37 Solutions/BitSight/Analytic Rules/BitSightCompromisedSystemsDetected.yaml 46 Solutions/BitSight/Analytic Rules/BitSightDiligenceRiskCategoryDetected.yaml 48 Solutions/BitSight/Analytic Rules/BitSightDropInCompanyRatings.yaml 39 Solutions/BitSight/Analytic Rules/BitSightDropInHeadlineRating.yaml 38 Solutions/BitSight/Analytic Rules/BitSightNewAlertFound.yaml 45 Solutions/BitSight/Analytic Rules/BitSightNewBreachFound.yaml 45 
Solutions/BitSight/Data Connectors/BitSightDataConnector/AlertsGraphStatisticsDetails/__init__.py 29
Solutions/BitSight/Data Connectors/BitSightDataConnector/AlertsGraphStatisticsDetails/bitsight_statistics.py 473
Solutions/BitSight/Data Connectors/BitSightDataConnector/BreachesDetails/__init__.py 29
Solutions/BitSight/Data Connectors/BitSightDataConnector/BreachesDetails/bitsight_breaches.py 189
Solutions/BitSight/Data Connectors/BitSightDataConnector/CompaniesDetails/__init__.py 29
Solutions/BitSight/Data Connectors/BitSightDataConnector/CompaniesDetails/bitsight_companies.py 248
Solutions/BitSight/Data Connectors/BitSightDataConnector/FindingsDetails/__init__.py 14
Solutions/BitSight/Data Connectors/BitSightDataConnector/FindingsDetails/bitsight_findings.py 247
Solutions/BitSight/Data Connectors/BitSightDataConnector/FindingsSummaryDetails/__init__.py 27
Solutions/BitSight/Data Connectors/BitSightDataConnector/FindingsSummaryDetails/bitsight_findings_summary.py 226
Solutions/BitSight/Data Connectors/BitSightDataConnector/PortFolioCompanies/__init__.py 19
Solutions/BitSight/Data Connectors/BitSightDataConnector/PortFolioCompanies/bitsight_portfolio.py 134
Solutions/BitSight/Data Connectors/BitSightDataConnector/SharedCode/__init__.py 1
Solutions/BitSight/Data Connectors/BitSightDataConnector/SharedCode/azure_sentinel.py 85
Solutions/BitSight/Data Connectors/BitSightDataConnector/SharedCode/bitsight_client.py 153
Solutions/BitSight/Data Connectors/BitSightDataConnector/SharedCode/bitsight_exception.py 3
Solutions/BitSight/Data Connectors/BitSightDataConnector/SharedCode/consts.py 59
Solutions/BitSight/Data Connectors/BitSightDataConnector/SharedCode/get_logs_data.py 61
Solutions/BitSight/Data Connectors/BitSightDataConnector/SharedCode/logger.py 22
Solutions/BitSight/Data Connectors/BitSightDataConnector/SharedCode/state_manager.py 18
Solutions/BitSight/Data Connectors/BitSightDataConnector/SharedCode/utils.py 201
Solutions/BitSight/Parsers/BitSightAlerts.yaml 43
Solutions/BitSight/Parsers/BitSightBreaches.yaml 45
Solutions/BitSight/Parsers/BitSightCompanyDetails.yaml 115
Solutions/BitSight/Parsers/BitSightCompanyRatings.yaml 43
Solutions/BitSight/Parsers/BitSightDiligenceHistoricalStatistics.yaml 29
Solutions/BitSight/Parsers/BitSightDiligenceStatistics.yaml 47
Solutions/BitSight/Parsers/BitSightFindingsData.yaml 73
Solutions/BitSight/Parsers/BitSightFindingsSummary.yaml 43
Solutions/BitSight/Parsers/BitSightGraphData.yaml 29
Solutions/BitSight/Parsers/BitSightIndustrialStatistics.yaml 31
Solutions/BitSight/Parsers/BitSightObservationStatistics.yaml 31
Solutions/Bitglass/Analytic Rules/BitglassFilesSharedWithExternal.yaml 34
Solutions/Bitglass/Analytic Rules/BitglassImpossibleTravelDistance.yaml 30
Solutions/Bitglass/Analytic Rules/BitglassMultipleFailedLogins.yaml 33
Solutions/Bitglass/Analytic Rules/BitglassNewAdminUser.yaml 30
Solutions/Bitglass/Analytic Rules/BitglassNewDevice.yaml 35
Solutions/Bitglass/Analytic Rules/BitglassNewRiskyUser.yaml 30
Solutions/Bitglass/Analytic Rules/BitglassSmartEdgeAgentUninstall.yaml 30
Solutions/Bitglass/Analytic Rules/BitglassSuspiciousFileUpload.yaml 33
Solutions/Bitglass/Analytic Rules/BitglassUserLoginNewGeoLocation.yaml 39
Solutions/Bitglass/Analytic Rules/BitglassUserUAChanged.yaml 35
Solutions/Bitglass/Data Connectors/BitglassSentinelConnector/__init__.py 194
Solutions/Bitglass/Data Connectors/BitglassSentinelConnector/state_manager.py 18
Solutions/Bitglass/Hunting Queries/BitglassApplications.yaml 24
Solutions/Bitglass/Hunting Queries/BitglassInsecureWebProtocol.yaml 28
Solutions/Bitglass/Hunting Queries/BitglassLoginFailures.yaml 29
Solutions/Bitglass/Hunting Queries/BitglassNewApplications.yaml 25
Solutions/Bitglass/Hunting Queries/BitglassNewUsers.yaml 33
Solutions/Bitglass/Hunting Queries/BitglassPrivilegedLoginFailures.yaml 29
Solutions/Bitglass/Hunting Queries/BitglassRiskyUsers.yaml 24
Solutions/Bitglass/Hunting Queries/BitglassTopUsersWithBlocks.yaml 25
Solutions/Bitglass/Hunting Queries/BitglassUncategorizedResources.yaml 25
Solutions/Bitglass/Hunting Queries/BitglassUserDevices.yaml 25
Solutions/Bitglass/Parsers/Bitglass.yaml 160
Solutions/Bitwarden/Parsers/BitwardenEventLogs.yaml 129
Solutions/Blackberry CylancePROTECT/Parsers/CylancePROTECT-old.yaml 126
Solutions/Blackberry CylancePROTECT/Parsers/CylancePROTECT.yaml 127
Solutions/BloodHound Enterprise/Analytic Rules/BloodHoundEnterpriseCriticalAttackPaths.yaml 30
Solutions/BloodHound Enterprise/Analytic Rules/BloodHoundEnterpriseExposure.yaml 30
Solutions/BloodHound Enterprise/Analytic Rules/BloodHoundEnterpriseTierZeroAssets.yaml 30
Solutions/BloodHound Enterprise/Data Connectors/handler.go 172
Solutions/BloodHound Enterprise/Data Connectors/pkg/azure/client.go 12
Solutions/BloodHound Enterprise/Data Connectors/pkg/bloodhound/client.go 200
Solutions/BloodHound Enterprise/Data Connectors/pkg/connector/config.go 44
Solutions/BloodHound Enterprise/Data Connectors/pkg/connector/main.go 597
Solutions/BloodHound Enterprise/Data Connectors/pkg/control/http_control.go 45
Solutions/BloodHound Enterprise/Data Connectors/pkg/model/model.go 36
Solutions/Box/Analytic Rules/BoxAbnormalUserActivity.yaml 54
Solutions/Box/Analytic Rules/BoxBinaryFile.yaml 29
Solutions/Box/Analytic Rules/BoxDownloadForbiddenFiles.yaml 37
Solutions/Box/Analytic Rules/BoxInactiveUserLogin.yaml 42
Solutions/Box/Analytic Rules/BoxItemSharedToExternalUser.yaml 32
Solutions/Box/Analytic Rules/BoxMultipleItemsDeletedByUser.yaml 32
Solutions/Box/Analytic Rules/BoxNewExternalUser.yaml 38
Solutions/Box/Analytic Rules/BoxUserLoginAsAdmin.yaml 41
Solutions/Box/Analytic Rules/BoxUserRoleChangedToOwner.yaml 42
Solutions/Box/Data Connectors/AzureFunctionBox/main.py 158
Solutions/Box/Data Connectors/AzureFunctionBox/sentinel_connector.py 98
Solutions/Box/Data Connectors/AzureFunctionBox/state_manager.py 18
Solutions/Box/Hunting Queries/BoxAdminIpAddress.yaml 25
Solutions/Box/Hunting Queries/BoxDeletedUsers.yaml 24
Solutions/Box/Hunting Queries/BoxInactiveAdmins.yaml 36
Solutions/Box/Hunting Queries/BoxInactiveUsers.yaml 36
Solutions/Box/Hunting Queries/BoxNewUsers.yaml 25
Solutions/Box/Hunting Queries/BoxUserDownloadsByVolume.yaml 29
Solutions/Box/Hunting Queries/BoxUserGroupChanges.yaml 24
Solutions/Box/Hunting Queries/BoxUserUploadsByVolume.yaml 28
Solutions/Box/Hunting Queries/BoxUsersWithOwnerPermissions.yaml 25
Solutions/Box/Parsers/BoxEvents.yaml 320
Solutions/Broadcom SymantecDLP/Parsers/SymantecDLP.yaml 32
Solutions/Business Email Compromise - Financial Fraud/Analytic Rules/AccountElevatedtoNewRole.yaml 87
Solutions/Business Email Compromise - Financial Fraud/Analytic Rules/AuthenticationMethodChangedforPrivilegedAccount.yaml 71
Solutions/Business Email Compromise - Financial Fraud/Analytic Rules/BEC_MailboxRule.yaml 54
Solutions/Business Email Compromise - Financial Fraud/Analytic Rules/PrivilegedAccountPermissionsChanged.yaml 79
Solutions/Business Email Compromise - Financial Fraud/Analytic Rules/SuspiciousAccessOfBECRelatedDocuments.yaml 88
Solutions/Business Email Compromise - Financial Fraud/Analytic Rules/SuspiciousAccessOfBECRelatedDocumentsInAWSS3Buckets.yaml 72
Solutions/Business Email Compromise - Financial Fraud/Analytic Rules/UserAddedtoAdminRole.yaml 74
Solutions/Business Email Compromise - Financial Fraud/Hunting Queries/AWSBucketAPILogs-S3BucketDataTransferTimeSeriesAnomaly.yaml 54
Solutions/Business Email Compromise - Financial Fraud/Hunting Queries/AWSBucketAPILogs-SuspiciousDataAccessToS3BucketsfromUnknownIP.yaml 49
Solutions/Business Email Compromise - Financial Fraud/Hunting Queries/Emailforwarding_SAPdownload.yaml 76
Solutions/Business Email Compromise - Financial Fraud/Hunting Queries/LegacyAuthAttempt.yaml 42
Solutions/Business Email Compromise - Financial Fraud/Hunting Queries/OfficeMailRuleCreationWithMailMoveActivity.yaml 72
Solutions/Business Email Compromise - Financial Fraud/Hunting Queries/SAP_HighdownloadfromPriviledgedaccount.yaml 56
Solutions/Business Email Compromise - Financial Fraud/Hunting Queries/SuccessfulSigninFromNon-CompliantDevice.yaml 67
Solutions/Business Email Compromise - Financial Fraud/Hunting Queries/UserAccounts-NewSingleFactorAuth.yaml 67
Solutions/Business Email Compromise - Financial Fraud/Hunting Queries/UserAccounts-UnusualLogonTimes.yaml 76
Solutions/Business Email Compromise - Financial Fraud/Hunting Queries/UserDetectPrivilegeGroup.yaml 34
Solutions/Business Email Compromise - Financial Fraud/Hunting Queries/UserLoginIPAddressTeleportation.yaml 112
Solutions/Business Email Compromise - Financial Fraud/Hunting Queries/new_locations_azuread_signin.yaml 65
Solutions/Business Email Compromise - Financial Fraud/Hunting Queries/riskSignInWithNewMFAMethod.yaml 94
Solutions/CTERA/Analytic Rules/InfectedFileDetected.yaml 49
Solutions/CTERA/Analytic Rules/MassAccessDenied.yaml 65
Solutions/CTERA/Analytic Rules/MassDeletions.yaml 65
Solutions/CTERA/Analytic Rules/MassPermissionChanges.yaml 65
Solutions/CTERA/Analytic Rules/RansomwareDetected.yaml 48
Solutions/CTERA/Analytic Rules/RansomwareUserBlocked.yaml 50
Solutions/CTERA/Hunting Queries/AccessDenied.yaml 40
Solutions/CTERA/Hunting Queries/BatchDeletions.yaml 40
Solutions/CTERA/Hunting Queries/BatchPermissionChanges.yaml 40
Solutions/CTM360/Analytic Rules/AutoGeneratedPage.yaml 40
Solutions/CTM360/Analytic Rules/BrandAbuse.yaml 47
Solutions/CTM360/Analytic Rules/BrandImpersonationHIGH.yaml 43
Solutions/CTM360/Analytic Rules/BrandImpersonationINFO.yaml 42
Solutions/CTM360/Analytic Rules/CodeRepository.yaml 41
Solutions/CTM360/Analytic Rules/CompromisedCards.yaml 41
Solutions/CTM360/Analytic Rules/CookiesHttponlyFlagNotUsed.yaml 48
Solutions/CTM360/Analytic Rules/CookiesSamesiteFlagNotUsed.yaml 49
Solutions/CTM360/Analytic Rules/CookiesSecureFlagNotUsed.yaml 48
Solutions/CTM360/Analytic Rules/DMARCNotConfigured.yaml 49
Solutions/CTM360/Analytic Rules/DomainInfringemen.yaml 43
Solutions/CTM360/Analytic Rules/ExecutiveImpersonation.yaml 41
Solutions/CTM360/Analytic Rules/ExposedAdminLoginPage.yaml 50
Solutions/CTM360/Analytic Rules/ExposedEmailAddress.yaml 41
Solutions/CTM360/Analytic Rules/ExposedUserList.yaml 48
Solutions/CTM360/Analytic Rules/HeaderContentSecurityPolicyMissing.yaml 49
Solutions/CTM360/Analytic Rules/HeaderHTTPStrictTransportSecurityMissing.yaml 49
Solutions/CTM360/Analytic Rules/HeaderReferrerPolicyMissing.yaml 49
Solutions/CTM360/Analytic Rules/HeaderWebServerExposed.yaml 48
Solutions/CTM360/Analytic Rules/HeaderXFrameOptionsMissingInformational.yaml 48
Solutions/CTM360/Analytic Rules/HeaderXFrameOptionsMissingLow.yaml 48
Solutions/CTM360/Analytic Rules/HeaderXFrameOptionsMissingMedium.yaml 49
Solutions/CTM360/Analytic Rules/HeaderXXSSProtectionMissing.yaml 48
Solutions/CTM360/Analytic Rules/LeakedCredential.yaml 38
Solutions/CTM360/Analytic Rules/Phishing.yaml 43
Solutions/CTM360/Analytic Rules/SPFNotConfigured.yaml 50
Solutions/CTM360/Analytic Rules/SPFPolicySetToSoftFail.yaml 50
Solutions/CTM360/Analytic Rules/SubdomainInfringement.yaml 44
Solutions/CTM360/Analytic Rules/SubresourceIntegritySRINotImplemented.yaml 48
Solutions/CTM360/Analytic Rules/SuspiciousMobileAppHigh.yaml 41
Solutions/CTM360/Analytic Rules/SuspiciousMobileAppINFO.yaml 42
Solutions/CTM360/Analytic Rules/TLSCertificateHostnameMismatch.yaml 50
Solutions/CTM360/Analytic Rules/TLSCertificateUsingWeakCipherInformational.yaml 53
Solutions/CTM360/Analytic Rules/TLSCertificateUsingWeakCipherMedium.yaml 53
Solutions/CTM360/Analytic Rules/Tlsv11InUseInfo.yaml 53
Solutions/CTM360/Analytic Rules/Tlsv11InUseMedium.yaml 60
Solutions/CTM360/Analytic Rules/Tlsv1InUseLow.yaml 53
Solutions/CTM360/Analytic Rules/Tlsv1InUseMedium.yaml 53
Solutions/CTM360/Data Connectors/CBS/AzureFunctionCTM360_CBS/__init__.py 149
Solutions/CTM360/Data Connectors/CBS/AzureFunctionCTM360_CBS/state_manager.py 18
Solutions/CTM360/Data Connectors/HackerView/AzureFunctionCTM360_HV/__init__.py 150
Solutions/CTM360/Data Connectors/HackerView/AzureFunctionCTM360_HV/state_manager.py 18
Solutions/Cisco ACI/Parsers/CiscoACIEvent.yaml 27
Solutions/Cisco ETD/Data Connectors/CiscoETDAzureSentinelConnector/__init__.py 199
Solutions/Cisco ISE/Analytic Rules/CiscoISEAdminPasswordReset.yaml 38
Solutions/Cisco ISE/Analytic Rules/CiscoISEAttempDeleteLocalStoreLogs.yaml 42
Solutions/Cisco ISE/Analytic Rules/CiscoISEBackupFailed.yaml 37
Solutions/Cisco ISE/Analytic Rules/CiscoISECertExpired.yaml 42
Solutions/Cisco ISE/Analytic Rules/CiscoISECmdExecutionWithHighestPrivilegesNewIP.yaml 51
Solutions/Cisco ISE/Analytic Rules/CiscoISECmdExecutionWithHighestPrivilegesNewUser.yaml 51
Solutions/Cisco ISE/Analytic Rules/CiscoISEDeviceChangedIP.yaml 45
Solutions/Cisco ISE/Analytic Rules/CiscoISEDevicePostureStatusChanged.yaml 41
Solutions/Cisco ISE/Analytic Rules/CiscoISELogCollectorSuspended.yaml 32
Solutions/Cisco ISE/Analytic Rules/CiscoISELogsDeleted.yaml 42
Solutions/Cisco ISE/Hunting Queries/CiscoISEAuthenticationToSuspendedAccount.yaml 16
Solutions/Cisco ISE/Hunting Queries/CiscoISEDynamicAuthorizationFailed.yaml 17
Solutions/Cisco ISE/Hunting Queries/CiscoISEExpiredCertInClientCertChain.yaml 13
Solutions/Cisco ISE/Hunting Queries/CiscoISEFailedAuthentication.yaml 16
Solutions/Cisco ISE/Hunting Queries/CiscoISEFailedLoginsSSHCLI.yaml 16
Solutions/Cisco ISE/Hunting Queries/CiscoISEGuestAuthenticationFailed.yaml 15
Solutions/Cisco ISE/Hunting Queries/CiscoISEGuestAuthenticationSuccess.yaml 20
Solutions/Cisco ISE/Hunting Queries/CiscoISERareUserAgent.yaml 24
Solutions/Cisco ISE/Hunting Queries/CiscoISESourceHighNumberAuthenticationErrors.yaml 18
Solutions/Cisco ISE/Hunting Queries/CiscoISESuspendLogCollector.yaml 15
Solutions/Cisco SD-WAN/Analytic Rules/CiscoSDWANSentinelIPSEventThreshold.yaml 38
Solutions/Cisco SD-WAN/Analytic Rules/CiscoSDWANSentinelIntrusionEvents.yaml 36
Solutions/Cisco SD-WAN/Analytic Rules/CiscoSDWANSentinelMalwareEvents.yaml 55
Solutions/Cisco SD-WAN/Analytic Rules/CiscoSDWANSentinelMonitorCriticalIP.yaml 41
Solutions/Cisco SD-WAN/Parsers/CiscoSDWANNetflow.yaml 243
Solutions/Cisco SD-WAN/Parsers/CiscoSyslogFW6LogSummary.yaml 47
Solutions/Cisco SD-WAN/Parsers/CiscoSyslogUTD.yaml 51
Solutions/Cisco SD-WAN/Parsers/MapNetflowUsername.yaml 18
Solutions/Cisco Secure Cloud Analytics/Parsers/StealthwatchEvent.yaml 42
Solutions/Cisco Secure Endpoint/Analytic Rules/CiscoEndpointHighAlert.yaml 42
Solutions/Cisco Secure Endpoint/Analytic Rules/CiscoSEC2Connection.yaml 33
Solutions/Cisco Secure Endpoint/Analytic Rules/CiscoSEDropperActivity.yaml 33
Solutions/Cisco Secure Endpoint/Analytic Rules/CiscoSEGenIoC.yaml 33
Solutions/Cisco Secure Endpoint/Analytic Rules/CiscoSEMalwareExecution.yaml 33
Solutions/Cisco Secure Endpoint/Analytic Rules/CiscoSEMalwareOutbreak.yaml 33
Solutions/Cisco Secure Endpoint/Analytic Rules/CiscoSEMultipleMalwareOnHost.yaml 33
Solutions/Cisco Secure Endpoint/Analytic Rules/CiscoSEPolicyUpdateFailure.yaml 29
Solutions/Cisco Secure Endpoint/Analytic Rules/CiscoSERansomwareActivityOnHost copy.yaml 33
Solutions/Cisco Secure Endpoint/Analytic Rules/CiscoSEUnexpectedBinary.yaml 33
Solutions/Cisco Secure Endpoint/Analytic Rules/CiscoSEWebshell.yaml 33
Solutions/Cisco Secure Endpoint/Data Connectors/AzureFunctionCiscoSecureEndpoint/main.py 151
Solutions/Cisco Secure Endpoint/Data Connectors/AzureFunctionCiscoSecureEndpoint/sentinel_connector.py 100
Solutions/Cisco Secure Endpoint/Data Connectors/AzureFunctionCiscoSecureEndpoint/state_manager.py 21
Solutions/Cisco Secure Endpoint/Hunting Queries/CiscoSEInfectedHosts.yaml 24
Solutions/Cisco Secure Endpoint/Hunting Queries/CiscoSEInfectedUsers.yaml 24
Solutions/Cisco Secure Endpoint/Hunting Queries/CiscoSELoginsToConsole.yaml 24
Solutions/Cisco Secure Endpoint/Hunting Queries/CiscoSEMaliciousFiles.yaml 28
Solutions/Cisco Secure Endpoint/Hunting Queries/CiscoSEModifiedAgent.yaml 24
Solutions/Cisco Secure Endpoint/Hunting Queries/CiscoSERareFilesScanned.yaml 25
Solutions/Cisco Secure Endpoint/Hunting Queries/CiscoSEScannedFiles.yaml 24
Solutions/Cisco Secure Endpoint/Hunting Queries/CiscoSESuspiciousPSDownloads.yaml 24
Solutions/Cisco Secure Endpoint/Hunting Queries/CiscoSEUncommonApplicationBehavior.yaml 24
Solutions/Cisco Secure Endpoint/Hunting Queries/CiscoSEVulnerableApplications.yaml 24
Solutions/Cisco Secure Endpoint/Parsers/CiscoSecureEndpoint.yaml 58
Solutions/Cisco UCS/Parsers/CiscoUCS.yaml 55
Solutions/CiscoASA/Analytic Rules/CiscoASA-AvgAttackDetectRateIncrease.yaml 78
Solutions/CiscoASA/Analytic Rules/CiscoASA-ThreatDetectionMessage.yaml 39
Solutions/CiscoDuoSecurity/Analytic Rules/CiscoDuoADSyncFailed.yaml 29
Solutions/CiscoDuoSecurity/Analytic Rules/CiscoDuoAdminDeleted.yaml 29
Solutions/CiscoDuoSecurity/Analytic Rules/CiscoDuoAdminMFAFailures.yaml 32
Solutions/CiscoDuoSecurity/Analytic Rules/CiscoDuoAdminPasswordReset.yaml 4
Solutions/CiscoDuoSecurity/Analytic Rules/CiscoDuoMultipleUserLoginFailures.yaml 33
Solutions/CiscoDuoSecurity/Analytic Rules/CiscoDuoMultipleUsersDeleted.yaml 31
Solutions/CiscoDuoSecurity/Analytic Rules/CiscoDuoNewAccessDevice.yaml 40
Solutions/CiscoDuoSecurity/Analytic Rules/CiscoDuoNewAdmin.yaml 30
Solutions/CiscoDuoSecurity/Analytic Rules/CiscoDuoNewAuthDeviceLocation.yaml 40
Solutions/CiscoDuoSecurity/Analytic Rules/CiscoDuoUnexpectedAuthFactor.yaml 36
Solutions/CiscoDuoSecurity/Data Connectors/AzureFunctionCiscoDuo/main.py 373
Solutions/CiscoDuoSecurity/Data Connectors/AzureFunctionCiscoDuo/sentinel_connector.py 90
Solutions/CiscoDuoSecurity/Data Connectors/AzureFunctionCiscoDuo/state_manager.py 18
Solutions/CiscoDuoSecurity/Hunting Queries/CiscoDuoAdmin2FAFailure.yaml 28
Solutions/CiscoDuoSecurity/Hunting Queries/CiscoDuoAdminDeleteActions.yaml 28
Solutions/CiscoDuoSecurity/Hunting Queries/CiscoDuoAdminFailure.yaml 28
Solutions/CiscoDuoSecurity/Hunting Queries/CiscoDuoAuthenticationErrorEvents.yaml 29
Solutions/CiscoDuoSecurity/Hunting Queries/CiscoDuoAuthenticationErrorReasons.yaml 25
Solutions/CiscoDuoSecurity/Hunting Queries/CiscoDuoDeletedUsers.yaml 28
Solutions/CiscoDuoSecurity/Hunting Queries/CiscoDuoFraudAuthentication.yaml 29
Solutions/CiscoDuoSecurity/Hunting Queries/CiscoDuoNewUsers.yaml 29
Solutions/CiscoDuoSecurity/Hunting Queries/CiscoDuoUnpachedAccessDevices.yaml 30
Solutions/CiscoDuoSecurity/Hunting Queries/CiscoDuoUnsecuredDevices.yaml 29
Solutions/CiscoDuoSecurity/Parsers/CiscoDuo.yaml 97
Solutions/CiscoMeraki/Parsers/CiscoMeraki.yaml 246
Solutions/CiscoSEG/Analytic Rules/CiscoSEGDLPViolation.yaml 32
Solutions/CiscoSEG/Analytic Rules/CiscoSEGMaliciousAttachmentNotBlocked.yaml 33
Solutions/CiscoSEG/Analytic Rules/CiscoSEGMultipleLargeEmails.yaml 37
Solutions/CiscoSEG/Analytic Rules/CiscoSEGMultipleSuspiciousEmails.yaml 34
Solutions/CiscoSEG/Analytic Rules/CiscoSEGPossibleOutbreak.yaml 32
Solutions/CiscoSEG/Analytic Rules/CiscoSEGPotentialLinkToMalwareDownload.yaml 33
Solutions/CiscoSEG/Analytic Rules/CiscoSEGSuspiciousLink.yaml 33
Solutions/CiscoSEG/Analytic Rules/CiscoSEGSuspiciousSenderDomain.yaml 39
Solutions/CiscoSEG/Analytic Rules/CiscoSEGUnclassifiedLink.yaml 33
Solutions/CiscoSEG/Analytic Rules/CiscoSEGUnexpextedAttachment.yaml 32
Solutions/CiscoSEG/Analytic Rules/CiscoSEGUnscannableAttachment.yaml 32
Solutions/CiscoSEG/Hunting Queries/CiscoSEGDroppedInMails.yaml 25
Solutions/CiscoSEG/Hunting Queries/CiscoSEGDroppedOutMails.yaml 25
Solutions/CiscoSEG/Hunting Queries/CiscoSEGFailedDKIMFailure.yaml 25
Solutions/CiscoSEG/Hunting Queries/CiscoSEGFailedDMARKFailure.yaml 25
Solutions/CiscoSEG/Hunting Queries/CiscoSEGFailedSPFFailure.yaml 25
Solutions/CiscoSEG/Hunting Queries/CiscoSEGFailedTLSIn.yaml 25
Solutions/CiscoSEG/Hunting Queries/CiscoSEGFailedTLSOut.yaml 25
Solutions/CiscoSEG/Hunting Queries/CiscoSEGInsecureProtocol.yaml 25
Solutions/CiscoSEG/Hunting Queries/CiscoSEGSpamMails.yaml 27
Solutions/CiscoSEG/Hunting Queries/CiscoSEGUsersReceivedSpam.yaml 27
Solutions/CiscoSEG/Parsers/CiscoSEGEvent.yaml 47
Solutions/CiscoUmbrella/Analytic Rules/CiscoUmbrellaConnectionNon-CorporatePrivateNetwork.yaml 33
Solutions/CiscoUmbrella/Analytic Rules/CiscoUmbrellaConnectionToUnpopularWebsiteDetected.yaml 44
Solutions/CiscoUmbrella/Analytic Rules/CiscoUmbrellaCryptoMinerUserAgentDetected.yaml 39
Solutions/CiscoUmbrella/Analytic Rules/CiscoUmbrellaEmptyUserAgentDetected.yaml 35
Solutions/CiscoUmbrella/Analytic Rules/CiscoUmbrellaHackToolUserAgentDetected.yaml 93
Solutions/CiscoUmbrella/Analytic Rules/CiscoUmbrellaPowershellUserAgentDetected.yaml 39
Solutions/CiscoUmbrella/Analytic Rules/CiscoUmbrellaRareUserAgentDetected.yaml 41
Solutions/CiscoUmbrella/Analytic Rules/CiscoUmbrellaRequestAllowedHarmfulMaliciousURICategory.yaml 54
Solutions/CiscoUmbrella/Analytic Rules/CiscoUmbrellaRequestBlocklistedFileType.yaml 40
Solutions/CiscoUmbrella/Analytic Rules/CiscoUmbrellaURIContainsIPAddress.yaml 37
Solutions/CiscoUmbrella/Data Connectors/ciscoUmbrellaDataConn/__init__.py 543
Solutions/CiscoUmbrella/Data Connectors/ciscoUmbrellaDataConn/state_manager.py 21
Solutions/CiscoUmbrella/Hunting Queries/CiscoUmbrellaAnomalousFQDNsforDomain.yaml 18
Solutions/CiscoUmbrella/Hunting Queries/CiscoUmbrellaBlockedUserAgents.yaml 15
Solutions/CiscoUmbrella/Hunting Queries/CiscoUmbrellaDNSErrors.yaml 17
Solutions/CiscoUmbrella/Hunting Queries/CiscoUmbrellaDNSRequestsUunreliableCategory.yaml 19
Solutions/CiscoUmbrella/Hunting Queries/CiscoUmbrellaHighCountsOfTheSameBytesInSize.yaml 19
Solutions/CiscoUmbrella/Hunting Queries/CiscoUmbrellaHighValuesOfUploadedData.yaml 18
Solutions/CiscoUmbrella/Hunting Queries/CiscoUmbrellaPossibleConnectionC2.yaml 18
Solutions/CiscoUmbrella/Hunting Queries/CiscoUmbrellaPossibleDataExfiltration.yaml 18
Solutions/CiscoUmbrella/Hunting Queries/CiscoUmbrellaProxyAllowedUnreliableCategory.yaml 19
Solutions/CiscoUmbrella/Hunting Queries/CiscoUmbrellaRequestsUncategorizedURI.yaml 17
Solutions/CiscoUmbrella/Parsers/Cisco_Umbrella.yaml 156
Solutions/CiscoWSA/Analytic Rules/CiscoWSAAccessToUnwantedSite.yaml 31
Solutions/CiscoWSA/Analytic Rules/CiscoWSADataExfiltration.yaml 36
Solutions/CiscoWSA/Analytic Rules/CiscoWSAMultipleErrorsToUnwantedCategory.yaml 40
Solutions/CiscoWSA/Analytic Rules/CiscoWSAMultipleErrorsToUrl.yaml 36
Solutions/CiscoWSA/Analytic Rules/CiscoWSAMultipleInfectedFiles.yaml 36
Solutions/CiscoWSA/Analytic Rules/CiscoWSAMultipleUnwantedFileTypes.yaml 36
Solutions/CiscoWSA/Analytic Rules/CiscoWSAProtocolAbuse.yaml 34
Solutions/CiscoWSA/Analytic Rules/CiscoWSAPublicIPSource.yaml 30
Solutions/CiscoWSA/Analytic Rules/CiscoWSAUnexpectedFileType.yaml 36
Solutions/CiscoWSA/Analytic Rules/CiscoWSAUnexpectedUrl.yaml 34
Solutions/CiscoWSA/Analytic Rules/CiscoWSAUnscannableFile.yaml 38
Solutions/CiscoWSA/Hunting Queries/CiscoWSABlockedFiles.yaml 24
Solutions/CiscoWSA/Hunting Queries/CiscoWSARareApplications.yaml 26
Solutions/CiscoWSA/Hunting Queries/CiscoWSATopApplications.yaml 23
Solutions/CiscoWSA/Hunting Queries/CiscoWSATopResources.yaml 27
Solutions/CiscoWSA/Hunting Queries/CiscoWSAUncategorizedResources.yaml 32
Solutions/CiscoWSA/Hunting Queries/CiscoWSAUploadedFiles.yaml 25
Solutions/CiscoWSA/Hunting Queries/CiscoWSAUrlRareErrorUrl.yaml 27
Solutions/CiscoWSA/Hunting Queries/CiscoWSAUrlShortenerLinks.yaml 32
Solutions/CiscoWSA/Hunting Queries/CiscoWSAUrlSuspiciousResources.yaml 32
Solutions/CiscoWSA/Hunting Queries/CiscoWSAUrlUsersWithErrors.yaml 30
Solutions/CiscoWSA/Parsers/CiscoWSAEvent.yaml 141
Solutions/Citrix ADC/Parsers/CitrixADCEventOld.yaml 168
Solutions/Claroty/Analytic Rules/ClarotyAssetDown.yaml 30
Solutions/Claroty/Analytic Rules/ClarotyCriticalBaselineDeviation.yaml 31
Solutions/Claroty/Analytic Rules/ClarotyLoginToUncommonSite.yaml 44
Solutions/Claroty/Analytic Rules/ClarotyMultipleFailedLogin.yaml 35
Solutions/Claroty/Analytic Rules/ClarotyMultipleFailedLoginsSameDst.yaml 37
Solutions/Claroty/Analytic Rules/ClarotyNewAsset.yaml 30
Solutions/Claroty/Analytic Rules/ClarotyPolicyViolation.yaml 30
Solutions/Claroty/Analytic Rules/ClarotySuspiciousActivity.yaml 30
Solutions/Claroty/Analytic Rules/ClarotySuspiciousFileTransfer.yaml 30
Solutions/Claroty/Analytic Rules/ClarotyTreat.yaml 36
Solutions/Claroty/Hunting Queries/ClarotyBaselineDeviation.yaml 24
Solutions/Claroty/Hunting Queries/ClarotyConflictAssets.yaml 24
Solutions/Claroty/Hunting Queries/ClarotyCriticalEvents.yaml 23
Solutions/Claroty/Hunting Queries/ClarotyPLCLogins.yaml 25
Solutions/Claroty/Hunting Queries/ClarotySRAFailedLogins.yaml 26
Solutions/Claroty/Hunting Queries/ClarotyScanSources.yaml 24
Solutions/Claroty/Hunting Queries/ClarotyScantargets.yaml 24
Solutions/Claroty/Hunting Queries/ClarotyUnapprovedAccess.yaml 24
Solutions/Claroty/Hunting Queries/ClarotyUnresolvedAlerts.yaml 24
Solutions/Claroty/Hunting Queries/ClarotyWriteExecuteOperations.yaml 24
Solutions/Claroty/Parsers/ClarotyEvent.yaml 89
Solutions/Cloud Identity Threat Protection Essentials/Analytic Rules/MFADisable.yaml 58
Solutions/Cloud Identity Threat Protection Essentials/Analytic Rules/NewExtUserGrantedAdmin.yaml 87
Solutions/Cloud Identity Threat Protection Essentials/Hunting Queries/ApplicationGrantedEWSPermissions.yaml 54
Solutions/Cloud Identity Threat Protection Essentials/Hunting Queries/DisabledAccountSigninAttempts.yaml 43
Solutions/Cloud Identity Threat Protection Essentials/Hunting Queries/DisabledAccountSigninAttemptsByIP.yaml 28
Solutions/Cloud Identity Threat Protection Essentials/Hunting Queries/Signins-From-VPS-Providers.yaml 8
Solutions/Cloud Identity Threat Protection Essentials/Hunting Queries/Signins-from-NordVPN-Providers.yaml 72
Solutions/Cloud Identity Threat Protection Essentials/Hunting Queries/StsRefreshTokenModification.yaml 67
Solutions/Cloud Identity Threat Protection Essentials/Hunting Queries/SuspiciousSignintoPrivilegedAccount.yaml 92
Solutions/Cloud Identity Threat Protection Essentials/Hunting Queries/UserGrantedAccess_GrantsOthersAccess.yaml 76
Solutions/Cloud Service Threat Protection Essentials/Hunting Queries/AzureKeyVaultAccessManipulation.yaml 50
Solutions/Cloud Service Threat Protection Essentials/Hunting Queries/AzureResourceAssignedPublicIP.yaml 77
Solutions/Cloudflare/Analytic Rules/CloudflareBadClientIp.yaml 36
Solutions/Cloudflare/Analytic Rules/CloudflareEmptyUA.yaml 30
Solutions/Cloudflare/Analytic Rules/CloudflareMultipleErrorsSource.yaml 33
Solutions/Cloudflare/Analytic Rules/CloudflareMultipleUAs.yaml 33
Solutions/Cloudflare/Analytic Rules/CloudflareUnexpectedCountry.yaml 36
Solutions/Cloudflare/Analytic Rules/CloudflareUnexpectedPost.yaml 35
Solutions/Cloudflare/Analytic Rules/CloudflareUnexpectedRequest.yaml 32
Solutions/Cloudflare/Analytic Rules/CloudflareUnexpectedUrl.yaml 32
Solutions/Cloudflare/Analytic Rules/CloudflareWafThreatAllowed.yaml 36
Solutions/Cloudflare/Analytic Rules/CloudflareXSSProbingPattern.yaml 38
Solutions/Cloudflare/Data Connectors/AzureFunctionCloudflare/main.py 160
Solutions/Cloudflare/Data Connectors/AzureFunctionCloudflare/sentinel_connector_async.py 94
Solutions/Cloudflare/Hunting Queries/CloudflareClientErrors.yaml 31
Solutions/Cloudflare/Hunting Queries/CloudflareClientTlsErrors.yaml 32
Solutions/Cloudflare/Hunting Queries/CloudflareFilesRequested.yaml 30
Solutions/Cloudflare/Hunting Queries/CloudflareRareUAs.yaml 25
Solutions/Cloudflare/Hunting Queries/CloudflareServerErrors.yaml 31
Solutions/Cloudflare/Hunting Queries/CloudflareServerTlsErrors.yaml 32
Solutions/Cloudflare/Hunting Queries/CloudflareTopNetworkRules.yaml 26
Solutions/Cloudflare/Hunting Queries/CloudflareTopWafRules.yaml 26
Solutions/Cloudflare/Hunting Queries/CloudflareUnexpectedCountries.yaml 24
Solutions/Cloudflare/Hunting Queries/CloudflareUnexpectedEdgeResponse.yaml 29
Solutions/Cloudflare/Parsers/Cloudflare.yaml 221
Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/CofenseIntelligenceMalware/__init__.py 13
Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/CofenseIntelligenceMalware/cofense_malware_data_to_sentinel.py 391 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/CofenseToSentinel/__init__.py 13 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/CofenseToSentinel/cofense_to_sentinel.py 273 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/CofenseToSentinel/cofense_to_sentinel_mapping.py 60 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/CofenseToSentinel/sentinel.py 126 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/DownloadThreatReports/__init__.py 149 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/RetryFailedIndicators/__init__.py 12 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/RetryFailedIndicators/retry_failed_indicators.py 269 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/RetryFailedIndicators/sentinel.py 111 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/SentinelToDefender/__init__.py 34 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/SentinelToDefender/defender.py 283 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/SentinelToDefender/sentinel.py 711 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/SentinelToDefender/sentinel_to_defender_mapping.py 151 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/SharedCode/__init__.py 1 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/SharedCode/cofense_intelligence_exception.py 3 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/SharedCode/consts.py 63 Solutions/CofenseIntelligence/Data 
Connectors/CofenseIntelligenceDataConnector/SharedCode/logger.py 25 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/SharedCode/manage_checkpoints.py 82 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/SharedCode/sentinel.py 117 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/SharedCode/state_manager.py 37 Solutions/CofenseIntelligence/Data Connectors/CofenseIntelligenceDataConnector/SharedCode/utils.py 433 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/CofenseBasedIndicatorCreator/__init__.py 22 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/CofenseBasedIndicatorCreator/cofense.py 86 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/CofenseBasedIndicatorCreator/cofense_to_sentinel_mapping.py 323 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/CofenseBasedIndicatorCreator/sentinel.py 193 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/IndicatorCreatorToDefender/__init__.py 23 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/IndicatorCreatorToDefender/defender.py 281 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/IndicatorCreatorToDefender/sentinel.py 751 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/IndicatorCreatorToDefender/sentinel_to_defender_mapping.py 168 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/NonCofenseBasedIndicatorCreatorToCofense/__init__.py 23 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/NonCofenseBasedIndicatorCreatorToCofense/cofense.py 330 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/NonCofenseBasedIndicatorCreatorToCofense/sentinel.py 727 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/NonCofenseBasedIndicatorCreatorToCofense/sentinel_to_cofense_mapping.py 42 Solutions/CofenseTriage/Data 
Connectors/CofenseTriageDataConnector/RetryFailedIndicators/__init__.py 13 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/RetryFailedIndicators/retry_failed_indicators.py 270 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/RetryFailedIndicators/sentinel.py 193 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/SharedCode/__init__.py 1 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/SharedCode/cofense_exception.py 3 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/SharedCode/consts.py 66 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/SharedCode/logger.py 22 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/SharedCode/state_manager.py 37 Solutions/CofenseTriage/Data Connectors/CofenseTriageDataConnector/SharedCode/utils.py 444 Solutions/Cognni/Analytic Rules/CognniHighRiskBusinessIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniHighRiskFinancialIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniHighRiskGovernanceIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniHighRiskHRIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniHighRiskLegalIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniLowRiskBusinessIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniLowRiskFinancialIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniLowRiskGovernanceIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniLowRiskHRIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniLowRiskLegalIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniMediumRiskBusinessIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniMediumRiskFinancialIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniMediumRiskGovernanceIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniMediumRiskHRIncidents.yaml 33 Solutions/Cognni/Analytic Rules/CognniMediumRiskLegalIncidents.yaml 33 Solutions/CognyteLuminar/Data Connectors/Cognyte Luminar/__init__.py 
403 Solutions/CognyteLuminar/Data Connectors/Cognyte Luminar/state_manager.py 18 Solutions/CohesitySecurity/Data Connectors/Helios2Sentinel/IncidentConsumer/IncidentConsumer.cs 105 Solutions/CohesitySecurity/Data Connectors/Helios2Sentinel/IncidentProducer/IncidentProducer.cs 376 Solutions/CohesitySecurity/Data Connectors/Helios2Sentinel/deploy.py 20 Solutions/CohesitySecurity/Data Connectors/Helios2Sentinel/remove.py 37 Solutions/CohesitySecurity/Tools/Cohesity_Playbook_ARM_Template_Generator.ps1 445 Solutions/CohesitySecurity/build.ps1 2 Solutions/CohesitySecurity/build_one_solution.ps1 1315 Solutions/Commvault Security IQ/Analytic Rules/CommvaultSecurityIQ_Alert.yaml 35 Solutions/Commvault Security IQ/Analytic Rules/Data_Alert.yaml 33 Solutions/Commvault Security IQ/Analytic Rules/IDP_Alert.yaml 31 Solutions/Commvault Security IQ/Analytic Rules/User_Alert.yaml 35 Solutions/Commvault Security IQ/Data Connectors/AzureFunctionCommvaultSecurityIQ/main.py 467 Solutions/Commvault Security IQ/Playbooks/Runbooks/Commvault_Cycle_Token.ps1 69 Solutions/Commvault Security IQ/Playbooks/Runbooks/Commvault_Disable_Data_Aging.py 78 Solutions/Commvault Security IQ/Playbooks/Runbooks/Commvault_Disable_IDP.py 50 Solutions/Commvault Security IQ/Playbooks/Runbooks/Commvault_Disable_User.py 53 Solutions/Commvault Security IQ/Tools/AssignLogicAppRoles.ps1 67 Solutions/Commvault Security IQ/Tools/Setup-CommvaultAutomation.ps1 222 Solutions/ContinuousDiagnostics&Mitigation/Analytic Rules/ContinuousDiagnostics&MitigationPostureChanged.yaml 54 Solutions/ContinuousDiagnostics&Mitigation/Hunting Queries/ContinuousDiagnostics&MitigationPosture.yaml 43 Solutions/Contrast Protect/Analytic Rules/ContrastBlocks.yaml 67 Solutions/Contrast Protect/Analytic Rules/ContrastExploits.yaml 67 Solutions/Contrast Protect/Analytic Rules/ContrastProbes.yaml 67 Solutions/Contrast Protect/Analytic Rules/ContrastSuspicious.yaml 67 Solutions/Corelight/Analytic Rules/CorelightC2RepetitiveFailures.yaml 35 
Solutions/Corelight/Analytic Rules/CorelightExternalProxyDetected.yaml 31 Solutions/Corelight/Analytic Rules/CorelightForcedExternalOutboundSMB.yaml 33 Solutions/Corelight/Analytic Rules/CorelightMultipleCompressedFilesTransferredOverHTTP.yaml 34 Solutions/Corelight/Analytic Rules/CorelightMultipleFilesSentOverHTTPAbnormalRequests.yaml 35 Solutions/Corelight/Analytic Rules/CorelightNetworkServiceScanning.yaml 37 Solutions/Corelight/Analytic Rules/CorelightPossibleWebshell.yaml 33 Solutions/Corelight/Analytic Rules/CorelightPossibleWebshellRarePOST.yaml 36 Solutions/Corelight/Analytic Rules/CorelightSMTPEmailSubjectNonAsciiCharacters.yaml 36 Solutions/Corelight/Analytic Rules/CorelightTypoSquattingOrPunycodePhishingHTTPRequest.yaml 31 Solutions/Corelight/Hunting Queries/CorelightAbnormalEmailSubject.yaml 22 Solutions/Corelight/Hunting Queries/CorelightCompressedFilesTransferredOverHTTP.yaml 26 Solutions/Corelight/Hunting Queries/CorelightDataTransferedByIp.yaml 25 Solutions/Corelight/Hunting Queries/CorelightExternalServices.yaml 26 Solutions/Corelight/Hunting Queries/CorelightFilesSeen.yaml 29 Solutions/Corelight/Hunting Queries/CorelightFilesTransferedByIp.yaml 28 Solutions/Corelight/Hunting Queries/CorelightMultipleRemoteSMBConnectionsFromSingleIP.yaml 26 Solutions/Corelight/Hunting Queries/CorelightObfuscatedBinary.yaml 25 Solutions/Corelight/Hunting Queries/CorelightRarePOST.yaml 31 Solutions/Corelight/Hunting Queries/CorelightRepetitiveDnsFailures.yaml 27 Solutions/Corelight/Parsers/corelight_bacnet.yaml 33 Solutions/Corelight/Parsers/corelight_capture_loss.yaml 28 Solutions/Corelight/Parsers/corelight_cip.yaml 31 Solutions/Corelight/Parsers/corelight_conn.yaml 198 Solutions/Corelight/Parsers/corelight_conn_long.yaml 64 Solutions/Corelight/Parsers/corelight_conn_red.yaml 64 Solutions/Corelight/Parsers/corelight_corelight_burst.yaml 33 Solutions/Corelight/Parsers/corelight_corelight_metrics_disk.yaml 968 
Solutions/Corelight/Parsers/corelight_corelight_metrics_iface.yaml 164 Solutions/Corelight/Parsers/corelight_corelight_metrics_memory.yaml 63 Solutions/Corelight/Parsers/corelight_corelight_metrics_system.yaml 61 Solutions/Corelight/Parsers/corelight_corelight_metrics_zeek_doctor.yaml 67 Solutions/Corelight/Parsers/corelight_corelight_overall_capture_loss.yaml 26 Solutions/Corelight/Parsers/corelight_corelight_profiling.yaml 27 Solutions/Corelight/Parsers/corelight_datared.yaml 41 Solutions/Corelight/Parsers/corelight_dce_rpc.yaml 32 Solutions/Corelight/Parsers/corelight_dga.yaml 33 Solutions/Corelight/Parsers/corelight_dhcp.yaml 37 Solutions/Corelight/Parsers/corelight_dnp3.yaml 31 Solutions/Corelight/Parsers/corelight_dns.yaml 167 Solutions/Corelight/Parsers/corelight_dns_red.yaml 33 Solutions/Corelight/Parsers/corelight_dpd.yaml 31 Solutions/Corelight/Parsers/corelight_encrypted_dns.yaml 29 Solutions/Corelight/Parsers/corelight_enip.yaml 34 Solutions/Corelight/Parsers/corelight_enip_debug.yaml 29 Solutions/Corelight/Parsers/corelight_enip_list_identity.yaml 37 Solutions/Corelight/Parsers/corelight_etc_viz.yaml 111 Solutions/Corelight/Parsers/corelight_files.yaml 137 Solutions/Corelight/Parsers/corelight_files_red.yaml 47 Solutions/Corelight/Parsers/corelight_ftp.yaml 107 Solutions/Corelight/Parsers/corelight_generic_dns_tunnels.yaml 27 Solutions/Corelight/Parsers/corelight_generic_icmp_tunnels.yaml 32 Solutions/Corelight/Parsers/corelight_http.yaml 205 Solutions/Corelight/Parsers/corelight_http2.yaml 46 Solutions/Corelight/Parsers/corelight_http_red.yaml 53 Solutions/Corelight/Parsers/corelight_icmp_specific_tunnels.yaml 33 Solutions/Corelight/Parsers/corelight_intel.yaml 101 Solutions/Corelight/Parsers/corelight_ipsec.yaml 52 Solutions/Corelight/Parsers/corelight_irc.yaml 37 Solutions/Corelight/Parsers/corelight_iso_cotp.yaml 29 Solutions/Corelight/Parsers/corelight_kerberos.yaml 42 Solutions/Corelight/Parsers/corelight_known_certs.yaml 36 
Solutions/Corelight/Parsers/corelight_known_devices.yaml 33 Solutions/Corelight/Parsers/corelight_known_domains.yaml 32 Solutions/Corelight/Parsers/corelight_known_hosts.yaml 33 Solutions/Corelight/Parsers/corelight_known_names.yaml 32 Solutions/Corelight/Parsers/corelight_known_remotes.yaml 28 Solutions/Corelight/Parsers/corelight_known_services.yaml 35 Solutions/Corelight/Parsers/corelight_known_users.yaml 33 Solutions/Corelight/Parsers/corelight_local_subnets.yaml 31 Solutions/Corelight/Parsers/corelight_local_subnets_dj.yaml 28 Solutions/Corelight/Parsers/corelight_local_subnets_graphs.yaml 28 Solutions/Corelight/Parsers/corelight_log4shell.yaml 35 Solutions/Corelight/Parsers/corelight_modbus.yaml 30 Solutions/Corelight/Parsers/corelight_mqtt_connect.yaml 34 Solutions/Corelight/Parsers/corelight_mqtt_publish.yaml 35 Solutions/Corelight/Parsers/corelight_mqtt_subscribe.yaml 33 Solutions/Corelight/Parsers/corelight_mysql.yaml 87 Solutions/Corelight/Parsers/corelight_notice.yaml 146 Solutions/Corelight/Parsers/corelight_ntlm.yaml 35 Solutions/Corelight/Parsers/corelight_ntp.yaml 41 Solutions/Corelight/Parsers/corelight_ocsp.yaml 33 Solutions/Corelight/Parsers/corelight_openflow.yaml 56 Solutions/Corelight/Parsers/corelight_packet_filter.yaml 27 Solutions/Corelight/Parsers/corelight_pe.yaml 39 Solutions/Corelight/Parsers/corelight_profinet.yaml 33 Solutions/Corelight/Parsers/corelight_profinet_dce_rpc.yaml 35 Solutions/Corelight/Parsers/corelight_profinet_debug.yaml 29 Solutions/Corelight/Parsers/corelight_radius.yaml 36 Solutions/Corelight/Parsers/corelight_rdp.yaml 117 Solutions/Corelight/Parsers/corelight_reporter.yaml 26 Solutions/Corelight/Parsers/corelight_rfb.yaml 38 Solutions/Corelight/Parsers/corelight_s7comm.yaml 97 Solutions/Corelight/Parsers/corelight_signatures.yaml 34 Solutions/Corelight/Parsers/corelight_sip.yaml 49 Solutions/Corelight/Parsers/corelight_smartpcap.yaml 24 Solutions/Corelight/Parsers/corelight_smartpcap_stats.yaml 44 
Solutions/Corelight/Parsers/corelight_smb_files.yaml 125 Solutions/Corelight/Parsers/corelight_smb_mapping.yaml 97 Solutions/Corelight/Parsers/corelight_smtp.yaml 129 Solutions/Corelight/Parsers/corelight_smtp_links.yaml 31 Solutions/Corelight/Parsers/corelight_snmp.yaml 37 Solutions/Corelight/Parsers/corelight_socks.yaml 38 Solutions/Corelight/Parsers/corelight_software.yaml 74 Solutions/Corelight/Parsers/corelight_specific_dns_tunnels.yaml 32 Solutions/Corelight/Parsers/corelight_ssh.yaml 162 Solutions/Corelight/Parsers/corelight_ssl.yaml 133 Solutions/Corelight/Parsers/corelight_ssl_red.yaml 43 Solutions/Corelight/Parsers/corelight_stats.yaml 48 Solutions/Corelight/Parsers/corelight_stepping.yaml 35 Solutions/Corelight/Parsers/corelight_stun.yaml 35 Solutions/Corelight/Parsers/corelight_stun_nat.yaml 33 Solutions/Corelight/Parsers/corelight_suri_aggregations.yaml 64 Solutions/Corelight/Parsers/corelight_suricata_corelight.yaml 207 Solutions/Corelight/Parsers/corelight_suricata_eve.yaml 24 Solutions/Corelight/Parsers/corelight_suricata_stats.yaml 24 Solutions/Corelight/Parsers/corelight_suricata_zeek_stats.yaml 30 Solutions/Corelight/Parsers/corelight_syslog.yaml 32 Solutions/Corelight/Parsers/corelight_tds.yaml 29 Solutions/Corelight/Parsers/corelight_tds_rpc.yaml 30 Solutions/Corelight/Parsers/corelight_tds_sql_batch.yaml 30 Solutions/Corelight/Parsers/corelight_traceroute.yaml 26 Solutions/Corelight/Parsers/corelight_tunnel.yaml 30 Solutions/Corelight/Parsers/corelight_unknown_smartpcap.yaml 26 Solutions/Corelight/Parsers/corelight_util_stats.yaml 24 Solutions/Corelight/Parsers/corelight_vpn.yaml 177 Solutions/Corelight/Parsers/corelight_weird.yaml 32 Solutions/Corelight/Parsers/corelight_weird_red.yaml 33 Solutions/Corelight/Parsers/corelight_weird_stats.yaml 25 Solutions/Corelight/Parsers/corelight_wireguard.yaml 31 Solutions/Corelight/Parsers/corelight_x509.yaml 171 Solutions/Corelight/Parsers/corelight_x509_red.yaml 44 
Solutions/Corelight/Parsers/corelight_zeek_doctor.yaml 30 Solutions/Cortex XDR/Analytic Rules/CortexXDR_High.yaml 51 Solutions/Cortex XDR/Analytic Rules/CortexXDR_Low.yaml 51 Solutions/Cortex XDR/Analytic Rules/CortexXDR_Medium.yaml 51 Solutions/Cortex XDR/Parsers/PaloAltoCortexXDR.yaml 41 Solutions/Cribl/Parsers/CriblAccess.yaml 20 Solutions/Cribl/Parsers/CriblAudit.yaml 31 Solutions/Cribl/Parsers/CriblInternal.yaml 32 Solutions/Cribl/Parsers/CriblUIAccess.yaml 29 Solutions/CrowdStrike Falcon Endpoint Protection/Analytic Rules/CriticalOrHighSeverityDetectionsByUser.yaml 19 Solutions/CrowdStrike Falcon Endpoint Protection/Analytic Rules/CriticalSeverityDetection.yaml 45 Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdStrikeFalconAdversaryIntelligence/CrowdStrikeFalconThreatIntelConnector/__init__.py 187 Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdStrikeFalconAdversaryIntelligence/CrowdStrikeFalconThreatIntelConnector/utils.py 107 Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicator/CrowdstrikeFalconAPISentinelConnector/__init__.py 195 Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicator/CrowdstrikeFalconAPISentinelConnector/sentinel_connector_async.py 95 Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicator/CrowdstrikeFalconAPISentinelConnector/state_manager.py 18 Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicatorCLv2/CrowdstrikeFalconAPISentinelConn/QueueTriggerCS/__init__.py 284 Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicatorCLv2/CrowdstrikeFalconAPISentinelConn/QueueTriggerCS/sentinel_connector_clv2_async.py 95 Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicatorCLv2/CrowdstrikeFalconAPISentinelConn/Replicator/main_aws_queue.py 157 Solutions/CrowdStrike Falcon Endpoint Protection/Data 
Connectors/CrowdstrikeReplicatorCLv2/Data Collection Rules/Transformations/ASimAuthenticationEventCrowdStrikeFalcon.yaml 79 Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicatorCLv2/Data Collection Rules/Transformations/ASimProcessEventCrowdStrikeFalcon.yaml 86 Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicatorCLv2/Data Collection Rules/Transformations/ASimRegistryEventCrowdStrikeFalcon.yaml 57 Solutions/CrowdStrike Falcon Endpoint Protection/Data Connectors/CrowdstrikeReplicatorCLv2/Data Collection Rules/Transformations/ASimUserManagementCrowdStrikeFalcon.yaml 54 Solutions/CrowdStrike Falcon Endpoint Protection/Parsers/CrowdStrikeFalconEventStream.yaml 67 Solutions/CrowdStrike Falcon Endpoint Protection/Parsers/CrowdStrikeReplicator.yaml 1074 Solutions/CrowdStrike Falcon Endpoint Protection/Parsers/CrowdStrikeReplicatorV2.yaml 155 Solutions/CrowdStrike Falcon Endpoint Protection/Parsers/CrowdStrikeReplicator_future.yaml 1123 Solutions/CyberArkAudit/Data Connectors/CyberArkAuditConnector/audit.py 165 Solutions/CyberArkAudit/Data Connectors/CyberArkAuditConnector/exporter.py 45 Solutions/CyberArkAudit/Data Connectors/CyberArkAuditConnector/main.py 15 Solutions/CyberArkAudit/Data Connectors/CyberArkAuditConnector/storage.py 39 Solutions/CyberArkEPM/Analytic Rules/CyberArkEPMAttackAttemptNotBlocked.yaml 30 Solutions/CyberArkEPM/Analytic Rules/CyberArkEPMMSBuildLOLBin.yaml 30 Solutions/CyberArkEPM/Analytic Rules/CyberArkEPMMultipleAttackAttempts.yaml 30 Solutions/CyberArkEPM/Analytic Rules/CyberArkEPMNewProcessStartetFromSystem.yaml 33 Solutions/CyberArkEPM/Analytic Rules/CyberArkEPMPossibleExecutionOfPowershellEmpire.yaml 29 Solutions/CyberArkEPM/Analytic Rules/CyberArkEPMProcessChangedStartLocation.yaml 33 Solutions/CyberArkEPM/Analytic Rules/CyberArkEPMRareProcInternetAccess.yaml 41 Solutions/CyberArkEPM/Analytic Rules/CyberArkEPMRenamedWindowsBinary.yaml 23 Solutions/CyberArkEPM/Analytic 
Rules/CyberArkEPMUnexpectedExecutableExtension.yaml 24 Solutions/CyberArkEPM/Analytic Rules/CyberArkEPMUnexpectedExecutableLocation.yaml 23 Solutions/CyberArkEPM/DataConnectors/CyberArkEPMSentinelConnector/__init__.py 160 Solutions/CyberArkEPM/DataConnectors/CyberArkEPMSentinelConnector/pyepm.py 184 Solutions/CyberArkEPM/DataConnectors/CyberArkEPMSentinelConnector/state_manager.py 18 Solutions/CyberArkEPM/Hunting Queries/CyberArkEPMElevationRequests.yaml 25 Solutions/CyberArkEPM/Hunting Queries/CyberArkEPMPowershellDownloads.yaml 25 Solutions/CyberArkEPM/Hunting Queries/CyberArkEPMPowershellExecutionParameters.yaml 25 Solutions/CyberArkEPM/Hunting Queries/CyberArkEPMProcessNewHash.yaml 25 Solutions/CyberArkEPM/Hunting Queries/CyberArkEPMProcessesAccessedInternet.yaml 24 Solutions/CyberArkEPM/Hunting Queries/CyberArkEPMProcessesRunAsAdmin.yaml 26 Solutions/CyberArkEPM/Hunting Queries/CyberArkEPMRareProcVendors.yaml 25 Solutions/CyberArkEPM/Hunting Queries/CyberArkEPMRareProcessesRunByUsers.yaml 25 Solutions/CyberArkEPM/Hunting Queries/CyberArkEPMScriptsExecuted.yaml 28 Solutions/CyberArkEPM/Hunting Queries/CyberArkEPMSuspiciousActivityAttempts.yaml 23 Solutions/CyberArkEPM/Parsers/CyberArkEPM.yaml 96 Solutions/CybersecurityMaturityModelCertification(CMMC)2.0/Analytic Rules/CMMC2.0Level1FoundationalPosture.yaml 35 Solutions/CybersecurityMaturityModelCertification(CMMC)2.0/Analytic Rules/CMMC2.0Level2AdvancedPosture.yaml 35 Solutions/Cybersixgill-Actionable-Alerts/Data Connectors/CybersixgillAlerts/__init__.py 192 Solutions/Cybersixgill-Actionable-Alerts/Data Connectors/CybersixgillAlerts/state_manager.py 18 Solutions/Cybersixgill-Actionable-Alerts/Data Connectors/CybersixgillAlerts/utils.py 48 Solutions/Cybersixgill-Actionable-Alerts/Hunting Queries/ActionableAlerts.yaml 11 Solutions/Cyborg Security HUNTER/Hunting Queries/Attempted VBScript Stored in Non-Run CurrentVersion Registry Key Value.yaml 29 Solutions/Cyborg Security HUNTER/Hunting Queries/Excessive Windows 
Discovery and Execution Processes - Potential Malware Installation.yaml 62 Solutions/Cyborg Security HUNTER/Hunting Queries/LSASS Memory Dumping using WerFault.exe - Command Identification.yaml 18 Solutions/Cyborg Security HUNTER/Hunting Queries/Metasploit Impacket PsExec Process Creation Activity.yaml 19 Solutions/Cyborg Security HUNTER/Hunting Queries/Potential Maldoc Execution Chain Observed.yaml 42 Solutions/Cyborg Security HUNTER/Hunting Queries/PowerShell Pastebin Download.yaml 32 Solutions/Cyborg Security HUNTER/Hunting Queries/Powershell Encoded Command Execution.yaml 21 Solutions/Cyborg Security HUNTER/Hunting Queries/Prohibited Applications Spawning cmd.exe or powershell.exe.yaml 39 Solutions/Cyborg Security HUNTER/Hunting Queries/Proxy VBScript Execution via CurrentVersion Registry Key.yaml 22 Solutions/Cyborg Security HUNTER/Hunting Queries/Rundll32 or cmd Executing Application from Explorer - Potential Malware Execution Chain.yaml 30 Solutions/Cynerio/Analytic Rules/IoTDefaultPasswords.yaml 35 Solutions/Cynerio/Analytic Rules/IoTExploitationAttempts.yaml 36 Solutions/Cynerio/Analytic Rules/IoTWeakPasswords.yaml 35 Solutions/Cynerio/Analytic Rules/MedicalDeviceScanning.yaml 32 Solutions/Cynerio/Analytic Rules/SuspiciousConnections.yaml 33 Solutions/Cynerio/Parsers/CynerioEvent_Authentication.yaml 48 Solutions/Cynerio/Parsers/CynerioEvent_NetworkSession.yaml 177 Solutions/Cyware/Hunting queries/DetectingSuspiciousPowerShellCommandExecutions.yaml 28 Solutions/Cyware/Hunting queries/MatchCywareIntelWatchlistItemsWithCommonLogs.yaml 20 Solutions/Cyware/Hunting queries/UnusualNetworkConnectionsToRareExternalDomains.yaml 19 Solutions/DEV-0537DetectionandHunting/Hunting Queries/Empty.yaml 21 Solutions/DNS Essentials/Analytic Rules/ExcessiveNXDOMAINDNSQueriesAnomalyBased.yaml 88 Solutions/DNS Essentials/Analytic Rules/ExcessiveNXDOMAINDNSQueriesStaticThresholdBased.yaml 46 Solutions/DNS Essentials/Analytic 
Rules/MultipleErrorsReportedForSameDNSQueryAnomalyBased.yaml 121 Solutions/DNS Essentials/Analytic Rules/MultipleErrorsReportedForSameDNSQueryStaticThresholdBased.yaml 74 Solutions/DNS Essentials/Analytic Rules/NgrokReverseProxyOnNetwork.yaml 42 Solutions/DNS Essentials/Analytic Rules/PotentialDGADetectedviaRepetitiveFailuresAnomalyBased.yaml 144 Solutions/DNS Essentials/Analytic Rules/PotentialDGADetectedviaRepetitiveFailuresStaticThresholdBased.yaml 67 Solutions/DNS Essentials/Analytic Rules/RareClientObservedWithHighReverseDNSLookupCountAnomalyBased.yaml 60 Solutions/DNS Essentials/Analytic Rules/RareClientObservedWithHighReverseDNSLookupCountStaticThresholdBased.yaml 58 Solutions/DNS Essentials/Hunting Queries/AnomalousIncreaseInDNSActivityByClients.yaml 119 Solutions/DNS Essentials/Hunting Queries/CVE-2020-1350 (SIGRED)ExploitationPattern.yaml 28 Solutions/DNS Essentials/Hunting Queries/ConnectionToUnpopularWebsiteDetected.yaml 118 Solutions/DNS Essentials/Hunting Queries/DNSQueryWithFailuresInLast24Hours.yaml 26 Solutions/DNS Essentials/Hunting Queries/DomainsWithLargeNumberOfSubDomains.yaml 31 Solutions/DNS Essentials/Hunting Queries/IncreaseInDNSRequestsByClientThanTheDailyAverageCount.yaml 63 Solutions/DNS Essentials/Hunting Queries/PossibleDNSTunnelingOrDataExfiltrationActivity.yaml 17 Solutions/DNS Essentials/Hunting Queries/PotentialBeaconingActivity.yaml 53 Solutions/DNS Essentials/Hunting Queries/Sources(Clients)WithHighNumberOfErrors.yaml 27 Solutions/DNS Essentials/Hunting Queries/UnexpectedTopLevelDomains.yaml 33 Solutions/Darktrace/Analytic Rules/CreateAlertFromModelBreach.yaml 75 Solutions/Darktrace/Analytic Rules/CreateAlertFromSystemStatus.yaml 56 Solutions/Darktrace/Analytic Rules/CreateIncidentFromAIAnalystIncident.yaml 65 Solutions/Dataminr Pulse/Analytic Rules/DataminrSentinelAlerts.yaml 36 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/DataminrPulseAlertsHttpStarter/__init__.py 104 Solutions/Dataminr Pulse/Data 
Connectors/DataminrPulseAlerts/DataminrPulseAlertsManualActivity/__init__.py 17 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/DataminrPulseAlertsManualActivity/dataminrpulse_integration_settings.py 341 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/DataminrPulseAlertsSentinelActivity/__init__.py 20 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/DataminrPulseAlertsSentinelActivity/dataminr_pulse.py 288 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/DataminrPulseAlertsSentinelActivity/sentinel.py 94 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/DataminrPulseAlertsSentinelOrchestrator/__init__.py 10 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/DataminrPulseThreatIntelligence/__init__.py 13 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/DataminrPulseThreatIntelligence/dataminr_pulse_threat_intelligence.py 235 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/DataminrPulseThreatIntelligence/dataminr_pulse_to_threat_intelligence_mapping.py 118 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/DataminrPulseThreatIntelligence/get_logs_data.py 64 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/DataminrPulseThreatIntelligence/sentinel.py 193 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/RetryFailedIndicators/__init__.py 12 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/RetryFailedIndicators/post_to_log_analytics.py 115 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/RetryFailedIndicators/retry_failed_indicators.py 271 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/RetryFailedIndicators/sentinel.py 193 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/shared_code/consts.py 36 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/shared_code/dataminrpulse_exception.py 3 Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/shared_code/logger.py 12 
Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/shared_code/state_manager.py  37
Solutions/Dataminr Pulse/Data Connectors/DataminrPulseAlerts/shared_code/validate_params.py  46
Solutions/Dataminr Pulse/Parsers/DataminrPulseAlerts.yaml  102
Solutions/Dataminr Pulse/Parsers/DataminrPulseCyberAlerts.yaml  105
Solutions/Dev 0270 Detection and Hunting/Analytic Rules/Dev-0270NewUserSep2022.yaml  47
Solutions/Dev 0270 Detection and Hunting/Analytic Rules/Dev-0270PowershellSep2022.yaml  45
Solutions/Dev 0270 Detection and Hunting/Analytic Rules/Dev-0270RegistryIOCSep2022.yaml  42
Solutions/Dev 0270 Detection and Hunting/Analytic Rules/Dev-0270WMICDiscoverySep2022.yaml  41
Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianClassifiedDataInsecureTransfer.yaml  35
Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianExfiltrationOverDNS.yaml  29
Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianExfiltrationToFileShareServices.yaml  33
Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianFileSentToExternal.yaml  36
Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianFileSentToExternalDomain.yaml  35
Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianFilesSentToExternalDomain.yaml  38
Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianMultipleIncidentsFromUser.yaml  32
Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianPossibleProtocolAbuse.yaml  30
Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianUnexpectedProtocol.yaml  29
Solutions/Digital Guardian Data Loss Prevention/Analytic Rules/DigitalGuardianViolationNotBlocked.yaml  32
Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianDomains.yaml  26
Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianFilesSentByUsers.yaml  24
Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianIncidentsByUser.yaml  25
Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianInsecureProtocolSources.yaml  24
Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianInspectedFiles.yaml  24
Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianNewIncidents.yaml  25
Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianRareDestinationPorts.yaml  25
Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianRareNetworkProtocols.yaml  30
Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianRareUrls.yaml  26
Solutions/Digital Guardian Data Loss Prevention/Hunting Queries/DigitalGuardianUrlByUser.yaml  24
Solutions/Digital Guardian Data Loss Prevention/Parsers/DigitalGuardianDLPEvent.yaml  31
Solutions/Digital Shadows/Analytic Rules/Digital_Shadows_incident_creation_exclude.yaml  70
Solutions/Digital Shadows/Analytic Rules/Digital_Shadows_incident_creation_include.yaml  70
Solutions/Digital Shadows/Data Connectors/Digital Shadows/DigitalShadowsConnectorAzureFunction/AS_api.py  39
Solutions/Digital Shadows/Data Connectors/Digital Shadows/DigitalShadowsConnectorAzureFunction/AS_poller.py  2
Solutions/Digital Shadows/Data Connectors/Digital Shadows/DigitalShadowsConnectorAzureFunction/DS_api.py  98
Solutions/Digital Shadows/Data Connectors/Digital Shadows/DigitalShadowsConnectorAzureFunction/DS_poller.py  140
Solutions/Digital Shadows/Data Connectors/Digital Shadows/DigitalShadowsConnectorAzureFunction/__init__.py  27
Solutions/Digital Shadows/Data Connectors/Digital Shadows/DigitalShadowsConnectorAzureFunction/constant.py  6
Solutions/Digital Shadows/Data Connectors/Digital Shadows/DigitalShadowsConnectorAzureFunction/state_serializer.py  73
Solutions/DomainTools/Parsers/DomainToolsDNS.yaml  37
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/ClassicReverseIP/__init__.py  74
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/DomainProfile/__init__.py  70
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/DomainRiskScore/__init__.py  70
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/DomainSearch/__init__.py  113
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/EnrichDomain/__init__.py  306
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/EnrichDomain/utils.py  74
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/Evidence/__init__.py  70
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/HostingHistory/__init__.py  70
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/InvestigateDomain/__init__.py  458
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/ParsedWhois/__init__.py  111
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/PivotByMXIP/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/PivotByNameserverIPAddress/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/PivotByRegistrantName/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/PivotByRegistrantOrg/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/PivotBySSLHash/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/PivotMXHost/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/PivotNameServerHost/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/PivotSSLEmail/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/ReturnDomainsFromSearchHash/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/ReturnTaggedWithAll/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/ReturnTaggedWithAny/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/ReverseEmail/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/ReverseEmailDomain/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/ReverseIP/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/ReverseIPHost-Domains/__init__.py  74
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/ReverseIPWhois/__init__.py  95
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/ReverseNameServer/__init__.py  74
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/ReverseWhois/__init__.py  83
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/WhoisHistory/__init__.py  87
Solutions/DomainTools/Playbooks/CustomConnector/DomainTools_FunctionAppConnector/WhoisLookup/__init__.py  70
Solutions/Dragos/Analytic Rules/DragosNotifiction.yaml  63
Solutions/Dragos/Parsers/DragosNotificationsToSentinel.yaml  18
Solutions/Dragos/Parsers/DragosPullNotificationsToSentinel.yaml  46
Solutions/Dragos/Parsers/DragosPushNotificationsToSentinel.yaml  41
Solutions/Dragos/Parsers/DragosSeverityToSentinelSeverity.yaml  19
Solutions/Dynatrace/Analytic Rules/DynatraceApplicationSecurity_AttackDetection.yaml  61
Solutions/Dynatrace/Analytic Rules/DynatraceApplicationSecurity_CodeLevelVulnerabilityDetection.yaml  70
Solutions/Dynatrace/Analytic Rules/DynatraceApplicationSecurity_NonCriticalVulnerabilityDetection.yaml  65
Solutions/Dynatrace/Analytic Rules/DynatraceApplicationSecurity_ThirdPartyVulnerabilityDetection.yaml  71
Solutions/Dynatrace/Analytic Rules/Dynatrace_ProblemDetection.yaml  54
Solutions/Dynatrace/Parsers/DynatraceAttacks.yaml  41
Solutions/Dynatrace/Parsers/DynatraceAuditLogs.yaml  23
Solutions/Dynatrace/Parsers/DynatraceProblems.yaml  30
Solutions/Dynatrace/Parsers/DynatraceSecurityProblems.yaml  40
Solutions/ESET Inspect/Data Connectors/InspectGetDetections/__init__.py  69
Solutions/ESET Inspect/Data Connectors/datacollector/__init__.py  49
Solutions/ESET Inspect/Data Connectors/esetinspect/__init__.py  5
Solutions/ESET Inspect/Data Connectors/esetinspect/eifunctions.py  5
Solutions/ESET Inspect/Data Connectors/esetinspect/inspect.py  142
Solutions/ESET Protect Platform/Data Connectors/function_app.py  17
Solutions/ESET Protect Platform/Data Connectors/integration/__init__.py  1
Solutions/ESET Protect Platform/Data Connectors/integration/exceptions.py  29
Solutions/ESET Protect Platform/Data Connectors/integration/main.py  147
Solutions/ESET Protect Platform/Data Connectors/integration/models.py  86
Solutions/ESET Protect Platform/Data Connectors/integration/models_detections.py  96
Solutions/ESET Protect Platform/Data Connectors/integration/utils.py  276
Solutions/ESET Protect Platform/Parsers/ESETProtectPlatform.yaml  54
Solutions/ESETPROTECT/Analytic Rules/ESETThreatDetected.yaml  45
Solutions/ESETPROTECT/Analytic Rules/ESETWebsiteBlocked.yaml  48
Solutions/ESETPROTECT/Parsers/ESETPROTECT.yaml  138
Solutions/EatonForeseer/Analytic Rules/EatonUnautorizedLogins.yaml  57
Solutions/Egress Defend/Analytic Rules/DangerousAttachmentReceived.yaml  55
Solutions/Egress Defend/Analytic Rules/DangerousLinksClicked.yaml  51
Solutions/Egress Defend/Hunting Queries/DangerousLinksClicked.yaml  16
Solutions/Egress Defend/Parsers/DefendAuditData.yaml  26
Solutions/ElasticAgent/Parsers/ElasticAgentEvent.yaml  168
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/DumpingLSASSProcessIntoaFile.yaml  48
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/LateralMovementViaDCOM.yaml  49
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/MacroInvokingShellBrowserWindowCOMObjects.yaml  48
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/PotentialRemoteDesktopTunneling.yaml  49
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/RegistryPersistenceViaAppCertDLLModification.yaml  45
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/RegistryPersistenceViaAppInt_DLLsModification.yaml  45
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/SecurityEventLogCleared.yaml  59
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/SuspiciousPowerShellCommandExecuted.yaml  69
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/WDigestDowngradeAttack.yaml  44
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/WindowsBinariesExecutedfromNon-DefaultDirectory.yaml  50
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/WindowsBinariesLolbinsRenamed.yaml  50
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/base64_encoded_pefile.yaml  68
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/execute_base64_decodedpayload.yaml  73
Solutions/Endpoint Threat Protection Essentials/Analytic Rules/malware_in_recyclebin.yaml  71
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/ASimProcess_CertutilLoLBins.yaml  26
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/ASimProcess_WindowsSystemShutdownReboot.yaml  24
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/BackupDeletion.yaml  90
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/Certutil-LOLBins.yaml  55
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/DownloadOfNewFileUsingCurl.yaml  60
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/FileExecutionWithOneCharacterInTheName.yaml  52
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/PersistViaIFEORegistryKey.yaml  90
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/PotentialMicrosoftSecurityServicesTampering.yaml  117
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/RemoteLoginPerformedwithWMI.yaml  46
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/RemoteScheduledTaskCreationUpdateUsingATSVCNamedPipe.yaml  49
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/ScheduledTaskCreationUpdateFromUserWritableDrectory.yaml  51
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/SignedBinaryProxyExecutionRundll32.yaml  52
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/SuspiciousPowerShellCommandExecution.yaml  57
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/UnicodeObfuscationInCommandLine.yaml  55
Solutions/Endpoint Threat Protection Essentials/Hunting Queries/WindowsFirewallUpdateUsingNetsh.yaml  147
Solutions/Eset Security Management Center/Analytic Rules/eset-sites-blocked.yaml  45
Solutions/Eset Security Management Center/Analytic Rules/eset-threats.yaml  41
Solutions/Exabeam Advanced Analytics/Parsers/ExabeamEvent.yaml  104
Solutions/ExtraHop/Analytic Rules/ExtraHopSentinelAlerts.yaml  64
Solutions/ExtraHop/Data Connectors/ExtraHopDataConnector/ExtraHopDetectionsOrchestrator/__init__.py  11
Solutions/ExtraHop/Data Connectors/ExtraHopDataConnector/ExtraHopHttpStarter/__init__.py  67
Solutions/ExtraHop/Data Connectors/ExtraHopDataConnector/ExtraHopSentinelActivity/__init__.py  22
Solutions/ExtraHop/Data Connectors/ExtraHopDataConnector/ExtraHopSentinelActivity/extrahop.py  68
Solutions/ExtraHop/Data Connectors/ExtraHopDataConnector/ExtraHopSentinelActivity/sentinel.py  197
Solutions/ExtraHop/Data Connectors/ExtraHopDataConnector/SharedCode/__init__.py  1
Solutions/ExtraHop/Data Connectors/ExtraHopDataConnector/SharedCode/consts.py  10
Solutions/ExtraHop/Data Connectors/ExtraHopDataConnector/SharedCode/extrahop_exceptions.py  9
Solutions/ExtraHop/Data Connectors/ExtraHopDataConnector/SharedCode/logger.py  12
Solutions/FalconFriday/Analytic Rules/ASRBypassingWritingExecutableContent.yaml  26
Solutions/FalconFriday/Analytic Rules/AzureADRareUserAgentAppSignin.yaml  107
Solutions/FalconFriday/Analytic Rules/AzureADUserAgentOSmissmatch.yaml  70
Solutions/FalconFriday/Analytic Rules/COMHijacking.yaml  25
Solutions/FalconFriday/Analytic Rules/CertifiedPreOwned-TGTs-requested.yaml  50
Solutions/FalconFriday/Analytic Rules/CertifiedPreOwned-backup-key-1.yaml  54
Solutions/FalconFriday/Analytic Rules/CertifiedPreOwned-backup-key-2.yaml  46
Solutions/FalconFriday/Analytic Rules/CertutilIngressToolTransfer.yaml  62
Solutions/FalconFriday/Analytic Rules/CreateProcessWithToken.yaml  64
Solutions/FalconFriday/Analytic Rules/DCOMLateralMovement.yaml  37
Solutions/FalconFriday/Analytic Rules/DLLSideLoading.yaml  5
Solutions/FalconFriday/Analytic Rules/DisableOrModifyWindowsDefender.yaml  5
Solutions/FalconFriday/Analytic Rules/DotNetToJScript.yaml  42
Solutions/FalconFriday/Analytic Rules/ExcessiveSharePermissions.yaml  95
Solutions/FalconFriday/Analytic Rules/ExpiredAccessCredentials.yaml  32
Solutions/FalconFriday/Analytic Rules/MatchLegitimateNameOrLocation.yaml  62
Solutions/FalconFriday/Analytic Rules/OfficeASRFromBrowser.yaml  27
Solutions/FalconFriday/Analytic Rules/OfficeProcessInjection.yaml  24
Solutions/FalconFriday/Analytic Rules/OracleSuspiciousCommandExecution.yaml  47
Solutions/FalconFriday/Analytic Rules/PasswordSprayingWithMDE.yaml  47
Solutions/FalconFriday/Analytic Rules/RecognizingBeaconingTraffic.yaml  79
Solutions/FalconFriday/Analytic Rules/RemoteDesktopProtocol.yaml  49
Solutions/FalconFriday/Analytic Rules/SuspiciousNamedPipes.yaml  68
Solutions/FalconFriday/Analytic Rules/SuspiciousParentProcessRelationship.yaml  23
Solutions/FalconFriday/Analytic Rules/TrustedDeveloperUtilitiesProxyExecution.yaml  48
Solutions/FalconFriday/Analytic Rules/UACBypass-1-elevated-COM.yaml  42
Solutions/FalconFriday/Analytic Rules/UACBypass-2-modify-ms-store.yaml  41
Solutions/FalconFriday/Analytic Rules/UACBypass-3-changePK-SLUI-tampering.yaml  42
Solutions/Feedly/Data Connectors/FeedlySentinelConnector/__init__.py  7
Solutions/Feedly/Data Connectors/FeedlySentinelConnector/config.py  29
Solutions/Feedly/Data Connectors/FeedlySentinelConnector/feedly_downloader.py  19
Solutions/Feedly/Data Connectors/FeedlySentinelConnector/sentinel_api.py  42
Solutions/Feedly/Data Connectors/FeedlySentinelConnector/state_manager.py  35
Solutions/Feedly/Data Connectors/FeedlySentinelConnector/worker.py  74
Solutions/FireEye Network Security/Parsers/FireEyeNXEvent.yaml  70
Solutions/Flare/Analytic Rules/FlareCloudBucket.yaml  23
Solutions/Flare/Analytic Rules/FlareCredentialLeaks.yaml  23
Solutions/Flare/Analytic Rules/FlareDarkweb.yaml  23
Solutions/Flare/Analytic Rules/FlareDork.yaml  23
Solutions/Flare/Analytic Rules/FlareHost.yaml  23
Solutions/Flare/Analytic Rules/FlareInfectedDevice.yaml  23
Solutions/Flare/Analytic Rules/FlarePaste.yaml  23
Solutions/Flare/Analytic Rules/FlareSSLcert.yaml  23
Solutions/Flare/Analytic Rules/FlareSourceCode.yaml  23
Solutions/Forescout (Legacy)/Parsers/ForescoutEvent.yaml  23
Solutions/ForescoutHostPropertyMonitor/Analytic Rules/ForeScout-DNSSniffEventMonitor.yaml  35
Solutions/ForgeRock Common Audit for CEF/Parsers/ForgeRockParser.yaml  12
Solutions/Fortinet FortiNDR Cloud/Data Connectors/fortinetFortiNdrCloudDataConn/FetchAndSendDetections/__init__.py  86
Solutions/Fortinet FortiNDR Cloud/Data Connectors/fortinetFortiNdrCloudDataConn/FetchAndSendDetectionsHistory/__init__.py  101
Solutions/Fortinet FortiNDR Cloud/Data Connectors/fortinetFortiNdrCloudDataConn/FetchAndSendEvents/__init__.py  86
Solutions/Fortinet FortiNDR Cloud/Data Connectors/fortinetFortiNdrCloudDataConn/FetchAndSendEventsHistory/__init__.py  76
Solutions/Fortinet FortiNDR Cloud/Data Connectors/fortinetFortiNdrCloudDataConn/FncRestClient.py  27
Solutions/Fortinet FortiNDR Cloud/Data Connectors/fortinetFortiNdrCloudDataConn/OrchestratorWatchdog/__init__.py  150
Solutions/Fortinet FortiNDR Cloud/Data Connectors/fortinetFortiNdrCloudDataConn/SingletonEternalOrchestrator/__init__.py  145
Solutions/Fortinet FortiNDR Cloud/Data Connectors/fortinetFortiNdrCloudDataConn/errors.py  10
Solutions/Fortinet FortiNDR Cloud/Data Connectors/fortinetFortiNdrCloudDataConn/globalVariables.py  4
Solutions/Fortinet FortiNDR Cloud/Data Connectors/fortinetFortiNdrCloudDataConn/sentinel/__init__.py  1
Solutions/Fortinet FortiNDR Cloud/Data Connectors/fortinetFortiNdrCloudDataConn/sentinel/sentinel.py  52
Solutions/Fortinet FortiNDR Cloud/Parsers/Fortinet_FortiNDR_Cloud.yaml  357
Solutions/Fortinet FortiWeb Cloud WAF-as-a-Service connector for Microsoft Sentinel/Analytic Rules/Fortiweb - WAF Allowed threat.yaml  31
Solutions/Fortinet FortiWeb Cloud WAF-as-a-Service connector for Microsoft Sentinel/Hunting Queries/Unexpected Countries.yaml  27
Solutions/Fortinet FortiWeb Cloud WAF-as-a-Service connector for Microsoft Sentinel/Hunting Queries/owaspTop10-Threatsyaml.yaml  27
Solutions/Fortinet FortiWeb Cloud WAF-as-a-Service connector for Microsoft Sentinel/Parsers/Fortiweb.yaml  55
Solutions/GitHub/Analytic Rules/(Preview) GitHub - A payment method was removed.yaml  30
Solutions/GitHub/Analytic Rules/(Preview) GitHub - Activities from Infrequent Country.yaml  45
Solutions/GitHub/Analytic Rules/(Preview) GitHub - Oauth application - a client secret was removed.yaml  30
Solutions/GitHub/Analytic Rules/(Preview) GitHub - Repository was created.yaml  30
Solutions/GitHub/Analytic Rules/(Preview) GitHub - Repository was destroyed.yaml  30
Solutions/GitHub/Analytic Rules/(Preview) GitHub - Two Factor Authentication Disabled in GitHub.yaml  32
Solutions/GitHub/Analytic Rules/(Preview) GitHub - User visibility Was changed.yaml  32
Solutions/GitHub/Analytic Rules/(Preview) GitHub - User was added to the organization.yaml  32
Solutions/GitHub/Analytic Rules/(Preview) GitHub - User was blocked.yaml  32
Solutions/GitHub/Analytic Rules/(Preview) GitHub - User was invited to the repository.yaml  32
Solutions/GitHub/Analytic Rules/(Preview) GitHub - pull request was created.yaml  31
Solutions/GitHub/Analytic Rules/(Preview) GitHub - pull request was merged.yaml  31
Solutions/GitHub/Analytic Rules/NRT Two Factor Authentication Disabled.yaml  31
Solutions/GitHub/Analytic Rules/Security Vulnerability in Repo.yaml  35
Solutions/GitHub/Data Connectors/GithubWebhook/GithubWebhookConnector/__init__.py  99
Solutions/GitHub/Hunting Queries/First Time User Invite and Add Member to Org.yaml  24
Solutions/GitHub/Hunting Queries/Inactive or New Account Usage.yaml  43
Solutions/GitHub/Hunting Queries/Mass Deletion of Repositories .yaml  33
Solutions/GitHub/Hunting Queries/Oauth App Restrictions Disabled.yaml  15
Solutions/GitHub/Hunting Queries/Org Repositories Default Permissions Change.yaml  15
Solutions/GitHub/Hunting Queries/Repository Permission Switched to Public.yaml  14
Solutions/GitHub/Hunting Queries/User First Time Repository Delete Activity.yaml  24
Solutions/GitHub/Hunting Queries/User Grant Access and Grants Other Access.yaml  25
Solutions/GitHub/Parsers/GitHubAuditData.yaml  24
Solutions/GitHub/Parsers/GitHubCodeScanningData.yaml  42
Solutions/GitHub/Parsers/GitHubDependabotData.yaml  39
Solutions/GitHub/Parsers/GitHubSecretScanningData.yaml  43
Solutions/GitLab/Analytic Rules/GitLab_BruteForce.yaml  48
Solutions/GitLab/Analytic Rules/GitLab_ExternalUser.yaml  49
Solutions/GitLab/Analytic Rules/GitLab_Impersonation.yaml  48
Solutions/GitLab/Analytic Rules/GitLab_LocalAuthNoMFA.yaml  33
Solutions/GitLab/Analytic Rules/GitLab_MaliciousIP.yaml  49
Solutions/GitLab/Analytic Rules/GitLab_PAT_Repo.yaml  36
Solutions/GitLab/Analytic Rules/GitLab_RepoVisibilityChange.yaml  39
Solutions/GitLab/Analytic Rules/GitLab_Repo_Deletion.yaml  52
Solutions/GitLab/Analytic Rules/GitLab_SignInBurst.yaml  34
Solutions/GitLab/Parsers/GitLabAccess.yaml  15
Solutions/GitLab/Parsers/GitLabApp.yaml  24
Solutions/GitLab/Parsers/GitLabAudit.yaml  35
Solutions/Global Secure Access/Analytic Rules/Identity - AfterHoursActivity.yaml  41
Solutions/Global Secure Access/Analytic Rules/Office 365 - External User added to Team and immediately uploads file.yaml  125
Solutions/Global Secure Access/Analytic Rules/Office 365 - ExternalUserAddedRemovedInTeams.yaml  94
Solutions/Global Secure Access/Analytic Rules/Office 365 - Mail_redirect_via_ExO_transport_rule.yaml  119
Solutions/Global Secure Access/Analytic Rules/Office 365 - Malicious_Inbox_Rule.yaml  76
Solutions/Global Secure Access/Analytic Rules/Office 365 - MultipleTeamsDeletes.yaml  58
Solutions/Global Secure Access/Analytic Rules/Office 365 - Office_MailForwarding.yaml  71
Solutions/Global Secure Access/Analytic Rules/Office 365 - Office_Uploaded_Executables.yaml  85
Solutions/Global Secure Access/Analytic Rules/Office 365 - RareOfficeOperations.yaml  62
Solutions/Global Secure Access/Analytic Rules/Office 365 - SharePoint_Downloads_byNewIP.yaml  91
Solutions/Global Secure Access/Analytic Rules/Office 365 - SharePoint_Downloads_byNewUserAgent.yaml  116
Solutions/Global Secure Access/Analytic Rules/Office 365 - exchange_auditlogdisabled.yaml  73
Solutions/Global Secure Access/Analytic Rules/Office 365 - office_policytampering.yaml  100
Solutions/Global Secure Access/Analytic Rules/Office 365 - sharepoint_file_transfer_above_threshold.yaml  87
Solutions/Global Secure Access/Analytic Rules/Office 365 - sharepoint_file_transfer_folders_above_threshold.yaml  91
Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Deny Rate.yaml  58
Solutions/Global Secure Access/Analytic Rules/SWG - Abnormal Port to Protocol.yaml  54
Solutions/Global Secure Access/Analytic Rules/SWG - Source IP Port Scan.yaml  41
Solutions/Global Secure Access/Hunting Queries/AnomolousUserAccessingOtherUsersMailbox.yaml  110
Solutions/Global Secure Access/Hunting Queries/ExternalUserAddedRemovedInTeams_HuntVersion.yaml  42
Solutions/Global Secure Access/Hunting Queries/ExternalUserFromNewOrgAddedToTeams.yaml  15
Solutions/Global Secure Access/Hunting Queries/Mail_redirect_via_ExO_transport_rule_hunting.yaml  73
Solutions/Global Secure Access/Hunting Queries/MultiTeamBot.yaml  58
Solutions/Global Secure Access/Hunting Queries/MultiTeamOwner.yaml  74
Solutions/Global Secure Access/Hunting Queries/MultipleTeamsDeletes.yaml  65
Solutions/Global Secure Access/Hunting Queries/MultipleUsersEmailForwardedToSameDestination.yaml  65
Solutions/Global Secure Access/Hunting Queries/NewBotAddedToTeams.yaml  61
Solutions/Global Secure Access/Hunting Queries/New_WindowsReservedFileNamesOnOfficeFileServices.yaml  74
Solutions/Global Secure Access/Hunting Queries/OfficeMailForwarding_hunting.yaml  64
Solutions/Global Secure Access/Hunting Queries/TeamsFilesUploaded.yaml  72
Solutions/Global Secure Access/Hunting Queries/UserAddToTeamsAndUploadsFile.yaml  62
Solutions/Global Secure Access/Hunting Queries/WindowsReservedFileNamesOnOfficeFileServices.yaml  74
Solutions/Global Secure Access/Hunting Queries/double_file_ext_exes.yaml  52
Solutions/Global Secure Access/Hunting Queries/new_adminaccountactivity.yaml  53
Solutions/Global Secure Access/Hunting Queries/new_sharepoint_downloads_by_IP.yaml  67
Solutions/Global Secure Access/Hunting Queries/new_sharepoint_downloads_by_UserAgent.yaml  75
Solutions/Global Secure Access/Hunting Queries/nonowner_MailboxLogin.yaml  67
Solutions/Global Secure Access/Hunting Queries/powershell_or_nonbrowser_MailboxLogin.yaml  50
Solutions/Global Secure Access/Hunting Queries/sharepoint_downloads.yaml  62
Solutions/Google Apigee/Data Connectors/AzureFunctionApigeeX/main.py  99
Solutions/Google Apigee/Data Connectors/AzureFunctionApigeeX/sentinel_connector.py  100
Solutions/Google Apigee/Data Connectors/AzureFunctionApigeeX/state_manager.py  18
Solutions/Google Apigee/Parsers/ApigeeX.yaml  17
Solutions/Google Apigee/Parsers/ApigeeXV2.yaml  43
Solutions/Google Apigee/Parsers/Unified_ApigeeX.yaml  82
Solutions/Google Cloud Platform Cloud Monitoring/Data Connectors/AzureFunctionGCPMonitor/main.py  125
Solutions/Google Cloud Platform Cloud Monitoring/Data Connectors/AzureFunctionGCPMonitor/sentinel_connector_async.py  80
Solutions/Google Cloud Platform Cloud Monitoring/Data Connectors/AzureFunctionGCPMonitor/state_manager.py  18
Solutions/Google Cloud Platform Cloud Monitoring/Parsers/GCP_MONITOR.yaml  23
Solutions/GoogleCloudPlatformDNS/Analytic Rules/GCPDNSCVE-2021-40444.yaml  32
Solutions/GoogleCloudPlatformDNS/Analytic Rules/GCPDNSDataExfiltration.yaml  32
Solutions/GoogleCloudPlatformDNS/Analytic Rules/GCPDNSExchangeAutodiscoverAbuse.yaml  34
Solutions/GoogleCloudPlatformDNS/Analytic Rules/GCPDNSIpCheck.yaml  33
Solutions/GoogleCloudPlatformDNS/Analytic Rules/GCPDNSIpDynDns.yaml  33
Solutions/GoogleCloudPlatformDNS/Analytic Rules/GCPDNSMaliciousPythonPackages.yaml  32
Solutions/GoogleCloudPlatformDNS/Analytic Rules/GCPDNSMultipleErrorsFromIp.yaml  32
Solutions/GoogleCloudPlatformDNS/Analytic Rules/GCPDNSMultipleErrorsQuery.yaml  36
Solutions/GoogleCloudPlatformDNS/Analytic Rules/GCPDNSPrintNightmare.yaml  32
Solutions/GoogleCloudPlatformDNS/Analytic Rules/GCPDNSSIGREDPattern.yaml  32
Solutions/GoogleCloudPlatformDNS/Analytic Rules/GCPDNSUNC2452AptActivity.yaml  32
Solutions/GoogleCloudPlatformDNS/Data Connectors/AzureFunctionGCPDNS/main.py  99
Solutions/GoogleCloudPlatformDNS/Data Connectors/AzureFunctionGCPDNS/sentinel_connector.py  90
Solutions/GoogleCloudPlatformDNS/Data Connectors/AzureFunctionGCPDNS/state_manager.py  18
Solutions/GoogleCloudPlatformDNS/Hunting Queries/GCPDNSErrors.yaml  27
Solutions/GoogleCloudPlatformDNS/Hunting Queries/GCPDNSIpLookup.yaml  28
Solutions/GoogleCloudPlatformDNS/Hunting Queries/GCPDNSOnlineShares.yaml  27
Solutions/GoogleCloudPlatformDNS/Hunting Queries/GCPDNSRareDomains.yaml  25
Solutions/GoogleCloudPlatformDNS/Hunting Queries/GCPDNSRareErrors.yaml  26
Solutions/GoogleCloudPlatformDNS/Hunting Queries/GCPDNSRequestToTOR.yaml  27
Solutions/GoogleCloudPlatformDNS/Hunting Queries/GCPDNSServerLatency.yaml  27
Solutions/GoogleCloudPlatformDNS/Hunting Queries/GCPDNSSourceHighErrors.yaml  24
Solutions/GoogleCloudPlatformDNS/Hunting Queries/GCPDNSUnexpectedTLD.yaml  24
Solutions/GoogleCloudPlatformDNS/Hunting Queries/GCPDNSUnusualTLD.yaml  33
Solutions/GoogleCloudPlatformDNS/Parsers/GCPCloudDNS.yaml  131
Solutions/GoogleCloudPlatformIAM/Analytic Rules/GCPIAMDisableDataAccessLogging.yaml  39
Solutions/GoogleCloudPlatformIAM/Analytic Rules/GCPIAMEmptyUA.yaml  37
Solutions/GoogleCloudPlatformIAM/Analytic Rules/GCPIAMHighPrivilegedRoleAdded.yaml  43
Solutions/GoogleCloudPlatformIAM/Analytic Rules/GCPIAMNewAuthenticationToken.yaml  41
Solutions/GoogleCloudPlatformIAM/Analytic Rules/GCPIAMNewServiceAccount.yaml  40
Solutions/GoogleCloudPlatformIAM/Analytic Rules/GCPIAMNewServiceAccountKey.yaml  41
Solutions/GoogleCloudPlatformIAM/Analytic Rules/GCPIAMPrivilegesEnumeration.yaml  32
Solutions/GoogleCloudPlatformIAM/Analytic Rules/GCPIAMPublicBucket.yaml  42
Solutions/GoogleCloudPlatformIAM/Analytic Rules/GCPIAMServiceAccountEnumeration.yaml  32
Solutions/GoogleCloudPlatformIAM/Analytic Rules/GCPIAMServiceAccountKeysEnumeration.yaml  32
Solutions/GoogleCloudPlatformIAM/Data Connectors/AzureFunctionGCPIAM/main.py  97
Solutions/GoogleCloudPlatformIAM/Data Connectors/AzureFunctionGCPIAM/sentinel_connector.py  90
Solutions/GoogleCloudPlatformIAM/Data Connectors/AzureFunctionGCPIAM/state_manager.py  18
Solutions/GoogleCloudPlatformIAM/Hunting Queries/GCPIAMChangedRoles.yaml  19
Solutions/GoogleCloudPlatformIAM/Hunting Queries/GCPIAMDeletedServiceAccounts.yaml  30
Solutions/GoogleCloudPlatformIAM/Hunting Queries/GCPIAMDisabledServiceAccounts.yaml  30
Solutions/GoogleCloudPlatformIAM/Hunting Queries/GCPIAMNewCustomRoles.yaml  30
Solutions/GoogleCloudPlatformIAM/Hunting Queries/GCPIAMNewServiceAccounts.yaml  30
Solutions/GoogleCloudPlatformIAM/Hunting Queries/GCPIAMNewServiceAccountsKeys.yaml  30
Solutions/GoogleCloudPlatformIAM/Hunting Queries/GCPIAMRareActionUser.yaml  35
Solutions/GoogleCloudPlatformIAM/Hunting Queries/GCPIAMRareUA.yaml  33
Solutions/GoogleCloudPlatformIAM/Hunting Queries/GCPIAMTopServiceAccountsFailedActions.yaml  27
Solutions/GoogleCloudPlatformIAM/Hunting Queries/GCPIAMTopSrcIpAddrFailedActions.yaml  28
Solutions/GoogleWorkspaceReports/Analytic Rules/GWorkspaceAdminPermissionsGranted.yaml  29
Solutions/GoogleWorkspaceReports/Analytic Rules/GWorkspaceAlertEvents.yaml  30
Solutions/GoogleWorkspaceReports/Analytic Rules/GWorkspaceApiAccessToNewClient.yaml  30
Solutions/GoogleWorkspaceReports/Analytic Rules/GWorkspaceChangedUserAccess.yaml  29
Solutions/GoogleWorkspaceReports/Analytic Rules/GWorkspaceDifferentUAsFromSingleIP.yaml  34
Solutions/GoogleWorkspaceReports/Analytic Rules/GWorkspaceOutboundRelayAddedToSuiteDomain.yaml  29
Solutions/GoogleWorkspaceReports/Analytic Rules/GWorkspacePossibleBruteForce.yaml  32
Solutions/GoogleWorkspaceReports/Analytic Rules/GWorkspacePossibleMaldocFileNamesInGDRIVE.yaml  34
Solutions/GoogleWorkspaceReports/Analytic Rules/GWorkspaceTwoStepAuthenticationDisabledForUser.yaml  29
Solutions/GoogleWorkspaceReports/Analytic Rules/GWorkspaceUnexpectedOSUpdate.yaml  44
Solutions/GoogleWorkspaceReports/Data Connectors/GWorkspaceReportsAPISentinelConn/GWorkspaceReports-QueueTrigger/__init__.py  273
Solutions/GoogleWorkspaceReports/Data Connectors/GWorkspaceReportsAPISentinelConn/GWorkspaceReports-QueueTrigger/state_manager.py  99
Solutions/GoogleWorkspaceReports/Data Connectors/GWorkspaceReportsAPISentinelConn/GWorkspaceReports-TimeTrigger/__init__.py  207
Solutions/GoogleWorkspaceReports/Data Connectors/GWorkspaceReportsAPISentinelConn/GWorkspaceReports-TimeTrigger/state_manager.py  68
Solutions/GoogleWorkspaceReports/Data Connectors/get_google_pickle_string.py  12
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspaceDocumentCopiedToPrivateDrive.yaml  37
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspaceDocumentSharedExternally.yaml  26
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspaceDocumentSharedPublicily.yaml  25
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspaceDocumentSharedPublicilyWithLink.yaml  26
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspaceLicenseRevokeAndAssignmentToUser.yaml  50
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspaceMultiIPAddresses.yaml  25
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspacePossibleSCAMSPAMorPhishingCalendar.yaml  31
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspaceRareDocType.yaml  25
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspaceSharedPrivateDocument.yaml  25
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspaceSuspendedUsers.yaml  23
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspaceUncommonUAsString.yaml  31
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspaceUnknownLoginType.yaml  27
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspaceUserReportedCalendarInviteAsSpam.yaml  23
Solutions/GoogleWorkspaceReports/Hunting Queries/GWorkspaceUserWithSeveralDevices.yaml  25
Solutions/GoogleWorkspaceReports/Parsers/GWorkspaceActivityReports.yaml  204
Solutions/GreyNoiseThreatIntelligence/Analytic Rules/GreyNoise_IPEntity_CustomSecurityLog.yaml  66
Solutions/GreyNoiseThreatIntelligence/Analytic Rules/GreyNoise_IPEntity_DnsEvents.yaml  79
Solutions/GreyNoiseThreatIntelligence/Analytic Rules/GreyNoise_IPEntity_OfficeActivity.yaml  80
Solutions/GreyNoiseThreatIntelligence/Analytic Rules/GreyNoise_IPEntity_SigninLogs.yaml  65
Solutions/GreyNoiseThreatIntelligence/Analytic Rules/GreyNoise_IPEntity_imNetworkSession.yaml  130
Solutions/GreyNoiseThreatIntelligence/Data Connectors/GreyNoiseAPISentinelConnector/main.py  300
Solutions/GreyNoiseThreatIntelligence/Data Connectors/GreyNoiseAPISentinelConnector/stixGen.py  38
Solutions/HYAS Protect/Data Connectors/HyasProtect/__init__.py  184
Solutions/HYAS Protect/Data Connectors/HyasProtect/state_manager.py  30
Solutions/HYAS Protect/Data Connectors/HyasProtect/utils.py  70
Solutions/HYAS Protect/Parsers/HYASProtectDNS.yaml  26
Solutions/HolmSecurity/Data Connectors/AzureFunctionHolmSecurityAssetsConn/__init__.py  103
Solutions/IONIX/Analytic Rules/HighUrgencyActionItems.yaml  42
Solutions/IPinfo/Data Connectors/ASN/AzureFunctionIPinfoASN/constants.py  71
Solutions/IPinfo/Data Connectors/ASN/AzureFunctionIPinfoASN/main.py  78
Solutions/IPinfo/Data Connectors/ASN/AzureFunctionIPinfoASN/utils.py  153
Solutions/IPinfo/Data Connectors/Abuse/AzureFunctionIPinfoAbuse/constants.py  73
Solutions/IPinfo/Data Connectors/Abuse/AzureFunctionIPinfoAbuse/main.py  79
Solutions/IPinfo/Data Connectors/Abuse/AzureFunctionIPinfoAbuse/utils.py  153
Solutions/IPinfo/Data Connectors/Carrier/AzureFunctionIPinfoCarrier/constants.py  71
Solutions/IPinfo/Data Connectors/Carrier/AzureFunctionIPinfoCarrier/main.py  78
Solutions/IPinfo/Data Connectors/Carrier/AzureFunctionIPinfoCarrier/utils.py  153
Solutions/IPinfo/Data Connectors/Company/AzureFunctionIPinfoCompany/constants.py  77
Solutions/IPinfo/Data Connectors/Company/AzureFunctionIPinfoCompany/main.py  81
Solutions/IPinfo/Data Connectors/Company/AzureFunctionIPinfoCompany/utils.py  153
Solutions/IPinfo/Data Connectors/Country ASN/AzureFunctionIPinfoCountryASN/constants.py  75
Solutions/IPinfo/Data Connectors/Country ASN/AzureFunctionIPinfoCountryASN/main.py  80
Solutions/IPinfo/Data Connectors/Country ASN/AzureFunctionIPinfoCountryASN/utils.py  153
Solutions/IPinfo/Data Connectors/Domain/AzureFunctionIPinfoDomain/constants.py  65
Solutions/IPinfo/Data Connectors/Domain/AzureFunctionIPinfoDomain/main.py  75
Solutions/IPinfo/Data Connectors/Domain/AzureFunctionIPinfoDomain/utils.py  153
Solutions/IPinfo/Data Connectors/Iplocation Extended/AzureFunctionIPinfoIplocationExtended/constants.py  83
Solutions/IPinfo/Data Connectors/Iplocation Extended/AzureFunctionIPinfoIplocationExtended/main.py  84
Solutions/IPinfo/Data Connectors/Iplocation Extended/AzureFunctionIPinfoIplocationExtended/utils.py  153
Solutions/IPinfo/Data Connectors/Iplocation/AzureFunctionIPinfoIplocation/constants.py  79
Solutions/IPinfo/Data Connectors/Iplocation/AzureFunctionIPinfoIplocation/main.py  81
Solutions/IPinfo/Data Connectors/Iplocation/AzureFunctionIPinfoIplocation/utils.py  153
Solutions/IPinfo/Data Connectors/Privacy Extended/AzureFunctionIPinfoPrivacyExtended/constants.py  87
Solutions/IPinfo/Data Connectors/Privacy Extended/AzureFunctionIPinfoPrivacyExtended/main.py  86
Solutions/IPinfo/Data Connectors/Privacy Extended/AzureFunctionIPinfoPrivacyExtended/utils.py  153
Solutions/IPinfo/Data Connectors/Privacy/AzureFunctionIPinfoPrivacy/constants.py  73
Solutions/IPinfo/Data Connectors/Privacy/AzureFunctionIPinfoPrivacy/main.py  79
Solutions/IPinfo/Data Connectors/Privacy/AzureFunctionIPinfoPrivacy/utils.py  153
Solutions/IPinfo/Data Connectors/RIRWHOIS/AzureFunctionIPinfoRIRWHOIS/constants.py  99
Solutions/IPinfo/Data Connectors/RIRWHOIS/AzureFunctionIPinfoRIRWHOIS/main.py  92
Solutions/IPinfo/Data Connectors/RIRWHOIS/AzureFunctionIPinfoRIRWHOIS/utils.py  153
Solutions/IPinfo/Data Connectors/RWHOIS/AzureFunctionIPinfoRWHOIS/constants.py  87
Solutions/IPinfo/Data Connectors/RWHOIS/AzureFunctionIPinfoRWHOIS/main.py  87
Solutions/IPinfo/Data Connectors/RWHOIS/AzureFunctionIPinfoRWHOIS/utils.py  153
Solutions/IPinfo/Data Connectors/WHOIS ASN/AzureFunctionIPinfoWHOISASN/constants.py  73
Solutions/IPinfo/Data Connectors/WHOIS ASN/AzureFunctionIPinfoWHOISASN/main.py  82
Solutions/IPinfo/Data Connectors/WHOIS ASN/AzureFunctionIPinfoWHOISASN/utils.py  153
Solutions/IPinfo/Data Connectors/WHOIS MNT/AzureFunctionIPinfoWHOISMNT/constants.py  75
Solutions/IPinfo/Data Connectors/WHOIS MNT/AzureFunctionIPinfoWHOISMNT/main.py  83
Solutions/IPinfo/Data Connectors/WHOIS MNT/AzureFunctionIPinfoWHOISMNT/utils.py  153
Solutions/IPinfo/Data Connectors/WHOIS NET/AzureFunctionIPinfoWHOISNET/constants.py  87
Solutions/IPinfo/Data Connectors/WHOIS NET/AzureFunctionIPinfoWHOISNET/main.py  89
Solutions/IPinfo/Data Connectors/WHOIS NET/AzureFunctionIPinfoWHOISNET/utils.py  153
Solutions/IPinfo/Data Connectors/WHOIS ORG/AzureFunctionIPinfoWHOISORG/constants.py  93
Solutions/IPinfo/Data Connectors/WHOIS ORG/AzureFunctionIPinfoWHOISORG/main.py  92
Solutions/IPinfo/Data Connectors/WHOIS ORG/AzureFunctionIPinfoWHOISORG/utils.py  153
Solutions/IPinfo/Data Connectors/WHOIS POC/AzureFunctionIPinfoWHOISPOC/constants.py  83
Solutions/IPinfo/Data Connectors/WHOIS POC/AzureFunctionIPinfoWHOISPOC/main.py  87
Solutions/IPinfo/Data Connectors/WHOIS POC/AzureFunctionIPinfoWHOISPOC/utils.py  153
Solutions/ISC Bind/Parsers/ISCBind.yaml  61
Solutions/Illumio Core/Parsers/IllumioCoreEvent.yaml  194
Solutions/IllumioSaaS/Analytic Rules/Illumio_VEN_Clone_Detection_Query.yaml  41
Solutions/IllumioSaaS/Analytic Rules/Illumio_VEN_Deactivated_Query.yaml  50
Solutions/IllumioSaaS/Analytic Rules/Illumio_VEN_Enforcement_Change_Detection_Query.yaml  58
Solutions/IllumioSaaS/Analytic Rules/Illumio_VEN_Firewall_Tampering_Detection_Query.yaml  47
Solutions/IllumioSaaS/Analytic Rules/Illumio_VEN_Offline_Detection_Query.yaml  44
Solutions/IllumioSaaS/Analytic Rules/Illumio_VEN_Suspend_Query.yaml  46
Solutions/IllumioSaaS/Data Connectors/CommonCode/__init__.py  1
Solutions/IllumioSaaS/Data Connectors/CommonCode/azure_storage_queue.py  32
Solutions/IllumioSaaS/Data Connectors/CommonCode/constants.py  45
Solutions/IllumioSaaS/Data Connectors/CommonCode/helper.py  21
Solutions/IllumioSaaS/Data Connectors/CommonCode/sentinel_connector.py  48
Solutions/IllumioSaaS/Data Connectors/OnPremHealthFunctionApp/onprem_health_api.py  33
Solutions/IllumioSaaS/Data Connectors/QueueManagerFunctionApp/queue_manager.py  52
Solutions/IllumioSaaS/Data Connectors/QueueTriggerFuncApp/azure_queue_trigger.py  161
Solutions/IllumioSaaS/Data Connectors/TimedApiFunctionApp/api_response.py  179
Solutions/IllumioSaaS/Data Connectors/TimedSQSFunctionApp/aws_queue.py  250
Solutions/IllumioSaaS/Parsers/IllumioSyslogAuditEvents.yaml  27
Solutions/IllumioSaaS/Parsers/IllumioSyslogNetworkTrafficEvents.yaml  42
Solutions/Illusive Platform/Analytic Rules/Illusive_Detection_Query.yaml  67
Solutions/ImpervaCloudWAF/Analytic Rules/ImpervaAbnormalProtocolUsage.yaml  31
Solutions/ImpervaCloudWAF/Analytic Rules/ImpervaAdminPanelUncommonIp.yaml  31
Solutions/ImpervaCloudWAF/Analytic Rules/ImpervaAttackNotBlocked.yaml  31
Solutions/ImpervaCloudWAF/Analytic Rules/ImpervaCommandInUri.yaml  31
Solutions/ImpervaCloudWAF/Analytic Rules/ImpervaForbiddenCountry.yaml  32
Solutions/ImpervaCloudWAF/Analytic Rules/ImpervaForbiddenMethod.yaml  35
Solutions/ImpervaCloudWAF/Analytic Rules/ImpervaMaliciousClient.yaml  35
Solutions/ImpervaCloudWAF/Analytic Rules/ImpervaMaliciousUA.yaml  31
Solutions/ImpervaCloudWAF/Analytic Rules/ImpervaMultipleUAsSource.yaml  4
Solutions/ImpervaCloudWAF/Analytic Rules/ImpervaSuspiciousDstPort.yaml  32
Solutions/ImpervaCloudWAF/Data Connectors/ImpervaWAFCloudSentinelConnector/__init__.py  221
Solutions/ImpervaCloudWAF/Data Connectors/ImpervaWAFCloudSentinelConnector/state_manager.py  18
Solutions/ImpervaCloudWAF/Hunting Queries/ImpervaDestinationBlocked.yaml  27
Solutions/ImpervaCloudWAF/Hunting Queries/ImpervaInsecureWebProtocolVersion.yaml  24
Solutions/ImpervaCloudWAF/Hunting Queries/ImpervaNonWebApplication.yaml  24
Solutions/ImpervaCloudWAF/Hunting Queries/ImpervaRareApplications.yaml  25
Solutions/ImpervaCloudWAF/Hunting Queries/ImpervaRareClientApplications.yaml  25
Solutions/ImpervaCloudWAF/Hunting Queries/ImpervaRareDstPorts.yaml  24
Solutions/ImpervaCloudWAF/Hunting Queries/ImpervaRequestsFromBots.yaml  24
Solutions/ImpervaCloudWAF/Hunting Queries/ImpervaSourceBlocked.yaml  27
Solutions/ImpervaCloudWAF/Hunting Queries/ImpervaTopApplicationsErrors.yaml  29
Solutions/ImpervaCloudWAF/Hunting Queries/ImpervaTopSourcesErrors.yaml  25
Solutions/ImpervaCloudWAF/Parsers/ImpervaWAFCloud.yaml  48
Solutions/Infoblox Cloud Data Connector/Analytic Rules/Infoblox-DataExfiltrationAttack.yaml 66 Solutions/Infoblox Cloud Data Connector/Analytic Rules/Infoblox-HighThreatLevelQueryNotBlockedDetected.yaml 67 Solutions/Infoblox Cloud Data Connector/Analytic Rules/Infoblox-ManyHighThreatLevelQueriesFromSingleHostDetected.yaml 51 Solutions/Infoblox Cloud Data Connector/Analytic Rules/Infoblox-ManyHighThreatLevelSingleQueryDetected.yaml 51 Solutions/Infoblox Cloud Data Connector/Analytic Rules/Infoblox-ManyNXDOMAINDNSResponsesDetected.yaml 51 Solutions/Infoblox Cloud Data Connector/Analytic Rules/Infoblox-TI-CommonSecurityLogMatchFound-MalwareC2.yaml 67 Solutions/Infoblox Cloud Data Connector/Analytic Rules/Infoblox-TI-InfobloxCDCMatchFound-LookalikeDomains.yaml 79 Solutions/Infoblox Cloud Data Connector/Analytic Rules/Infoblox-TI-SyslogMatchFound-URL.yaml 69 Solutions/Infoblox Cloud Data Connector/Parsers/InfobloxCDC.yaml 64 Solutions/Infoblox NIOS/Analytic Rules/ExcessiveNXDOMAINDNSQueries.yaml 37 Solutions/Infoblox NIOS/Analytic Rules/PotentialDHCPStarvationAttack.yaml 34 Solutions/Infoblox NIOS/Parsers/Infoblox.yaml 11 Solutions/Infoblox NIOS/Parsers/Infoblox_allotherdhcpdTypes.yaml 17 Solutions/Infoblox NIOS/Parsers/Infoblox_allotherdnsTypes.yaml 17 Solutions/Infoblox NIOS/Parsers/Infoblox_allotherlogTypes.yaml 16 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcp_consolidated.yaml 11 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcpack.yaml 24 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcpadded.yaml 23 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcpbindupdate.yaml 25 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcpdiscover.yaml 24 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcpexpire.yaml 23 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcpinform.yaml 24 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcpoffer.yaml 29 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcpoption.yaml 29 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcpother.yaml 17 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcprelease.yaml 
27 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcpremoved.yaml 23 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcprequest.yaml 28 Solutions/Infoblox NIOS/Parsers/Infoblox_dhcpsession.yaml 29 Solutions/Infoblox NIOS/Parsers/Infoblox_dns_consolidated.yaml 11 Solutions/Infoblox NIOS/Parsers/Infoblox_dnsclient.yaml 67 Solutions/Infoblox NIOS/Parsers/Infoblox_dnsgss.yaml 22 Solutions/Infoblox NIOS/Parsers/Infoblox_dnszone.yaml 31 Solutions/Infoblox SOC Insights/Analytic Rules/Infoblox-SOCInsightDetected-APISource.yaml 55 Solutions/Infoblox SOC Insights/Analytic Rules/Infoblox-SOCInsightDetected-CDCSource.yaml 56 Solutions/Infoblox SOC Insights/Parsers/InfobloxCDC_SOCInsights.yaml 43 Solutions/Infoblox SOC Insights/Parsers/InfobloxInsight.yaml 41 Solutions/Infoblox SOC Insights/Parsers/InfobloxInsightAssets.yaml 39 Solutions/Infoblox SOC Insights/Parsers/InfobloxInsightComments.yaml 19 Solutions/Infoblox SOC Insights/Parsers/InfobloxInsightEvents.yaml 40 Solutions/Infoblox SOC Insights/Parsers/InfobloxInsightIndicators.yaml 39 Solutions/Infoblox/Analytic Rules/Infoblox-SOCInsight-Detected-APISource.yaml 55 Solutions/Infoblox/Analytic Rules/Infoblox-SOCInsight-Detected-CDCSource.yaml 53 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/AzureStorageToIndicators/__init__.py 18 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/AzureStorageToIndicators/create_indicator.py 167 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/AzureStorageToIndicators/indicator_mapping.py 149 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxCurrentToAzureStorage/__init__.py 35 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxCurrentToAzureStorage/infoblox_to_azure_storage.py 519 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxDossierHttpStarter/__init__.py 65 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxDossierJobResult/__init__.py 19 Solutions/Infoblox/Data 
Connectors/InfobloxCloudDataConnector/InfobloxDossierJobResult/get_dossier_result.py 170 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxDossierOrchestrator/__init__.py 88 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxDossierOrchestrator/create_dossier_job.py 105 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxDossierRequiredSource/__init__.py 38 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxDossierRequiredSource/list_of_sources.py 143 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxHistoricalToAzureStorage/__init__.py 35 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxHistoricalToAzureStorage/infoblox_to_azure_storage.py 538 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxParseRawIndicators/__init__.py 22 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/InfobloxParseRawIndicators/parse_json_files.py 372 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/RetryFailedIndicators/__init__.py 13 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/RetryFailedIndicators/retry_failed_indicators.py 89 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/SharedCode/__init__.py 1 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/SharedCode/consts.py 110 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/SharedCode/infoblox_exception.py 6 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/SharedCode/logger.py 18 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/SharedCode/sentinel.py 85 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/SharedCode/state_manager.py 28 Solutions/Infoblox/Data Connectors/InfobloxCloudDataConnector/SharedCode/utils.py 948 Solutions/Infoblox/Parsers/InfobloxCDC_SOCInsights.yaml 43 Solutions/Infoblox/Parsers/InfobloxInsight.yaml 41 Solutions/Infoblox/Parsers/InfobloxInsightAssets.yaml 39 
Solutions/Infoblox/Parsers/InfobloxInsightComments.yaml 19 Solutions/Infoblox/Parsers/InfobloxInsightEvents.yaml 40 Solutions/Infoblox/Parsers/InfobloxInsightIndicators.yaml 39 Solutions/Integration for Atlassian Beacon/Analytic Rules/AtlassianBeacon_High.yaml 29 Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTDenialofService.yaml 76 Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTExcessiveLoginAttempts.yaml 76 Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTFirmwareUpdates.yaml 76 Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTHighBandwidth.yaml 76 Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTINoSensorTrafficDetected.yaml 76 Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTInsecurePLC.yaml 76 Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTInternetAccess.yaml 76 Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTMalware.yaml 77 Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTNetworkScanning.yaml 76 Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTPLCStopCommand.yaml 77 Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTUnauthorizedDevice.yaml 76 Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTUnauthorizedNetworkConfiguration.yaml 76 Solutions/IoTOTThreatMonitoringwithDefenderforIoT/Analytic Rules/IoTUnauthorizedRemoteAccess.yaml 76 Solutions/IronNet IronDefense/Analytic Rules/IronDefense_Detection_Query.yaml 63 Solutions/Ivanti Unified Endpoint Management/Parsers/IvantiUEMEvent.yaml 22 Solutions/JBoss/Parsers/JBossEvent.yaml 20 Solutions/Jamf Protect/Analytic Rules/JamfProtectAlerts.yaml 81 Solutions/Jamf Protect/Analytic Rules/JamfProtectNetworkThreats.yaml 4 Solutions/Jamf Protect/Analytic Rules/JamfProtectUnifiedLogs.yaml 52 Solutions/Jamf Protect/Parsers/JamfProtectAlerts.yaml 20 Solutions/Jamf 
Protect/Parsers/JamfProtectNetworkTraffic.yaml 61 Solutions/Jamf Protect/Parsers/JamfProtectTelemetry.yaml 740 Solutions/Jamf Protect/Parsers/JamfProtectThreatEvents.yaml 65 Solutions/Jamf Protect/Parsers/JamfProtectUnifiedLogs.yaml 11 Solutions/Juniper SRX/Parsers/JuniperSRX.yaml 101 Solutions/JuniperIDP/Parsers/JuniperIDP.yaml 96 Solutions/LastPass/Analytic Rules/EmployeeAccountDeleted.yaml 36 Solutions/LastPass/Analytic Rules/FailedSigninDueToMFA.yaml 43 Solutions/LastPass/Analytic Rules/HighlySensitivePasswordAccessed.yaml 44 Solutions/LastPass/Analytic Rules/TIMapIPEntityToLastPass.yaml 30 Solutions/LastPass/Analytic Rules/UnusualVolumeOfPasswordsUpdatedOrRemoved.yaml 45 Solutions/LastPass/Hunting Queries/FailedSigninsDueToMFA.yaml 21 Solutions/LastPass/Hunting Queries/LoginIntoLastPassFromUnknownIP.yaml 24 Solutions/LastPass/Hunting Queries/PasswordMoveToSharedFolder.yaml 16 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/AquaBlizzardFeb2022.yaml 170 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/BariumDomainIOC112020.yaml 153 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/BariumIPIOC112020.yaml 174 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/CadetBlizzard_Jan2022_IOC.yaml 75 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/CaramelTsunami_IOC.yaml 199 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/ChiaCryptoMining.yaml 225 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/DEV-0322_SolarWinds_Serv-U_IOC.yaml 174 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/DenimTsunamiAVDetection.yaml 4 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/DenimTsunamiC2DomainsJuly2022.yaml 59 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/Dev-0530_July2022.yaml 164 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic 
Rules/DiamondSleetOct292020IOCs.yaml 39 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/EmeraldSleetIOCs.yaml 75 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/ExchangeServerVulnerabilitiesMarch2021IoCs.yaml 130 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/ForestBlizzardOct292020IOCs.yaml 27 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/HiveRansomwareJuly2022.yaml 60 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/KnownMintSandstormDomainsIP-October2020.yaml 68 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/MSHTMLVuln.yaml 48 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/Manganese_VPN-IOCs.yaml 4 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/MidnightBlizzard_DomainIOCsMarch2021.yaml 105 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/MidnightBlizzard_FoggyWeb.yaml 204 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/MidnightBlizzard_IOCsMay2021.yaml 184 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/NylonTyphoonIOCsNov2021.yaml 200 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/PHOSPHORUSMarch2019IOCs.yaml 113 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/PlaidRainIPIoC.yaml 164 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/RubySleetOct292020IOCs.yaml 80 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/SUNSPOTLogFile.yaml 4 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/SeashellBlizzardIOCs.yaml 152 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/SilkTyphoonUmServiceSuspiciousFile.yaml 50 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/Solorigate-Network-Beacon.yaml 87 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic 
Rules/Solorigate-VM-Network.yaml 4 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/TarraskHashIoC.yaml 60 Solutions/Legacy IOC based Threat Protection/Deprecated Analytic Rules/WSLMalwareCorrelation.yaml 141 Solutions/Legacy IOC based Threat Protection/Hunting Queries/Dev-0056CommandLineActivityNovember2021.yaml 45 Solutions/Legacy IOC based Threat Protection/Hunting Queries/Dev-0322CommandLineActivityNovember2021(ASIMVersion).yaml 70 Solutions/Legacy IOC based Threat Protection/Hunting Queries/Dev-0322CommandLineActivityNovember2021.yaml 63 Solutions/Legacy IOC based Threat Protection/Hunting Queries/Dev-0322FileDropActivityNovember2021(ASIMVersion).yaml 9 Solutions/Legacy IOC based Threat Protection/Hunting Queries/Dev-0322FileDropActivityNovember2021.yaml 8 Solutions/Legacy IOC based Threat Protection/Hunting Queries/ForestBlizzard_IOC_RetroHunt.yaml 45 Solutions/Legacy IOC based Threat Protection/Hunting Queries/NetworkConnectiontoOMIPorts.yaml 63 Solutions/Legacy IOC based Threat Protection/Hunting Queries/NylonTyphoonCommandLineActivity-Nov2021.yaml 91 Solutions/Legacy IOC based Threat Protection/Hunting Queries/NylonTyphoonRegIOCPatterns.yaml 91 Solutions/Legacy IOC based Threat Protection/Hunting Queries/SolarWindsInventory.yaml 61 Solutions/Lookout Cloud Security Platform for Microsoft Sentinel/Data Connectors/LookoutCSConnector/LookoutCloudSecurityAnamolies/__init__.py 340 Solutions/Lookout Cloud Security Platform for Microsoft Sentinel/Data Connectors/LookoutCSConnector/LookoutCloudSecurityEvents/__init__.py 340 Solutions/Lookout Cloud Security Platform for Microsoft Sentinel/Data Connectors/LookoutCSConnector/LookoutCloudSecurityViolations/__init__.py 340 Solutions/Lookout Cloud Security Platform for Microsoft Sentinel/Parsers/LookoutCSActivities.yaml 28 Solutions/Lookout Cloud Security Platform for Microsoft Sentinel/Parsers/LookoutCSAnomalies.yaml 36 Solutions/Lookout Cloud Security Platform for Microsoft 
Sentinel/Parsers/LookoutCSViolations.yaml 39 Solutions/Lookout/Analytic Rules/LookoutThreatEvent.yaml 44 Solutions/Lookout/Data Connectors/LookoutAPISentinelConnector/__init__.py 92 Solutions/Lookout/Data Connectors/LookoutAPISentinelConnector/azuresecret_handler.py 44 Solutions/Lookout/Data Connectors/LookoutAPISentinelConnector/mes_request.py 186 Solutions/Lookout/Parsers/LookoutEvents.yaml 86 Solutions/MailGuard 365/Hunting Queries/MailGuard365HighConfidenceThreats.yaml 25 Solutions/MailGuard 365/Hunting Queries/MailGuard365MalwareThreats.yaml 31 Solutions/MailGuard 365/Hunting Queries/MailGuard365PhishingThreats.yaml 28 Solutions/MailRisk/Data Connectors/MailRiskSentinelIntegration/__init__.py 22 Solutions/MailRisk/Data Connectors/config.py 23 Solutions/MailRisk/Data Connectors/mailrisk.py 79 Solutions/MailRisk/Data Connectors/models/__init__.py 14 Solutions/MailRisk/Data Connectors/models/assessment.py 19 Solutions/MailRisk/Data Connectors/models/attachment.py 34 Solutions/MailRisk/Data Connectors/models/email.py 104 Solutions/MailRisk/Data Connectors/models/event.py 16 Solutions/MailRisk/Data Connectors/models/event_types.py 8 Solutions/MailRisk/Data Connectors/models/header.py 12 Solutions/MailRisk/Data Connectors/models/link.py 14 Solutions/MailRisk/Data Connectors/models/model.py 11 Solutions/MailRisk/Data Connectors/models/risk_categories.py 8 Solutions/MailRisk/Data Connectors/models/risk_levels.py 3 Solutions/MailRisk/Data Connectors/sentinel_api.py 37 Solutions/MailRisk/Data Connectors/sentinel_integration.py 40 Solutions/Malware Protection Essentials/Analytic Rules/BackupDeletionDetected.yaml 97 Solutions/Malware Protection Essentials/Analytic Rules/PrintProcessersModified.yaml 109 Solutions/Malware Protection Essentials/Analytic Rules/StartupRegistryModified.yaml 125 Solutions/Malware Protection Essentials/Analytic Rules/SuspiciousProcessCreation.yaml 95 Solutions/Malware Protection Essentials/Analytic Rules/WindowsAllowFirewallRuleAdded.yaml 113 
Solutions/Malware Protection Essentials/Analytic Rules/WindowsUpdateDisabled.yaml 112 Solutions/Malware Protection Essentials/Hunting Queries/ExecutableInUncommonLocation.yaml 104 Solutions/Malware Protection Essentials/Hunting Queries/FileCretaedInStartupFolder.yaml 101 Solutions/Malware Protection Essentials/Hunting Queries/FilesWithRansomwareExtensions.yaml 95 Solutions/Malware Protection Essentials/Hunting Queries/NewMaliciousScheduledTask.yaml 96 Solutions/Malware Protection Essentials/Hunting Queries/NewScheduledTaskCreation.yaml 93 Solutions/Malware Protection Essentials/Hunting Queries/SystemFilesModifiedByUser.yaml 111 Solutions/MarkLogicAudit/Parsers/MarkLogicAudit.yaml 65 Solutions/MaturityModelForEventLogManagementM2131/Analytic Rules/M2131AssetStoppedLogging.yaml 34 Solutions/MaturityModelForEventLogManagementM2131/Analytic Rules/M2131DataConnectorAddedChangedRemoved.yaml 29 Solutions/MaturityModelForEventLogManagementM2131/Analytic Rules/M2131EventLogManagementPostureChangedEL0.yaml 40 Solutions/MaturityModelForEventLogManagementM2131/Analytic Rules/M2131EventLogManagementPostureChangedEL1.yaml 40 Solutions/MaturityModelForEventLogManagementM2131/Analytic Rules/M2131EventLogManagementPostureChangedEL2.yaml 40 Solutions/MaturityModelForEventLogManagementM2131/Analytic Rules/M2131EventLogManagementPostureChangedEL3.yaml 40 Solutions/MaturityModelForEventLogManagementM2131/Analytic Rules/M2131LogRetentionLessThan1Year.yaml 37 Solutions/MaturityModelForEventLogManagementM2131/Analytic Rules/M2131RecommendedDatatableUnhealthy.yaml 90 Solutions/MaturityModelForEventLogManagementM2131/Hunting Queries/M2131RecommendedDatatableNotLoggedEL0.yaml 90 Solutions/MaturityModelForEventLogManagementM2131/Hunting Queries/M2131RecommendedDatatableNotLoggedEL1.yaml 90 Solutions/MaturityModelForEventLogManagementM2131/Hunting Queries/M2131RecommendedDatatableNotLoggedEL2.yaml 90 Solutions/MaturityModelForEventLogManagementM2131/Hunting 
Queries/M2131RecommendedDatatableNotLoggedEL3.yaml 90 Solutions/McAfee Network Security Platform/Parsers/McAfeeNSPEvent.yaml 36 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPOAgentHandlerDown.yaml 33 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPOAlertError.yaml 30 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPOAttemptUninstallAgent.yaml 34 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPODeploymentFailed.yaml 33 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPOExceptionAdded.yaml 31 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPOFirewallDisabled.yaml 35 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPOLoggingError.yaml 38 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPOMultipleThreatsSameHost.yaml 40 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPOScanningEngineDisabled.yaml 34 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPOSpamEmail.yaml 33 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPOTaskError.yaml 33 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPOThreatNotBlocked.yaml 35 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPOUnableCleanDeleteInfectedFile.yaml 39 Solutions/McAfee ePolicy Orchestrator/Analytic Rules/McAfeeEPOUpdateFailed.yaml 34 Solutions/McAfee ePolicy Orchestrator/Hunting Queries/McAfeeEPOAgentErrors.yaml 35 Solutions/McAfee ePolicy Orchestrator/Hunting Queries/McAfeeEPOApplicationsBlocked.yaml 28 Solutions/McAfee ePolicy Orchestrator/Hunting Queries/McAfeeEPOEmailThreats.yaml 39 Solutions/McAfee ePolicy Orchestrator/Hunting Queries/McAfeeEPOInfectedFiles.yaml 25 Solutions/McAfee ePolicy Orchestrator/Hunting Queries/McAfeeEPOInfectedSystems.yaml 25 Solutions/McAfee ePolicy Orchestrator/Hunting Queries/McAfeeEPOLongTermInfectedSystems.yaml 41 Solutions/McAfee ePolicy Orchestrator/Hunting Queries/McAfeeEPOMultipleThreats.yaml 29 Solutions/McAfee ePolicy 
Orchestrator/Hunting Queries/McAfeeEPOObjectsNotScanned.yaml 27 Solutions/McAfee ePolicy Orchestrator/Hunting Queries/McAfeeEPOScanErrors.yaml 35 Solutions/McAfee ePolicy Orchestrator/Hunting Queries/McAfeeEPOThreatNotBlocked.yaml 36 Solutions/McAfee ePolicy Orchestrator/Parsers/McAfeeEPOEvent.yaml 200 Solutions/Microsoft 365/Analytic Rules/External User added to Team and immediately uploads file.yaml 88 Solutions/Microsoft 365/Analytic Rules/ExternalUserAddedRemovedInTeams.yaml 71 Solutions/Microsoft 365/Analytic Rules/ForestBlizzardCredHarvesting.yaml 4 Solutions/Microsoft 365/Analytic Rules/MailItemsAccessedTimeSeries.yaml 80 Solutions/Microsoft 365/Analytic Rules/Mail_redirect_via_ExO_transport_rule.yaml 52 Solutions/Microsoft 365/Analytic Rules/Malicious_Inbox_Rule.yaml 38 Solutions/Microsoft 365/Analytic Rules/MultipleTeamsDeletes.yaml 41 Solutions/Microsoft 365/Analytic Rules/Office_MailForwarding.yaml 59 Solutions/Microsoft 365/Analytic Rules/Office_Uploaded_Executables.yaml 78 Solutions/Microsoft 365/Analytic Rules/RareOfficeOperations.yaml 45 Solutions/Microsoft 365/Analytic Rules/SharePoint_Downloads_byNewIP.yaml 71 Solutions/Microsoft 365/Analytic Rules/SharePoint_Downloads_byNewUserAgent.yaml 82 Solutions/Microsoft 365/Analytic Rules/exchange_auditlogdisabled.yaml 50 Solutions/Microsoft 365/Analytic Rules/office_policytampering.yaml 62 Solutions/Microsoft 365/Analytic Rules/sharepoint_file_transfer_above_threshold.yaml 59 Solutions/Microsoft 365/Analytic Rules/sharepoint_file_transfer_folders_above_threshold.yaml 59 Solutions/Microsoft 365/Hunting Queries/AnomolousUserAccessingOtherUsersMailbox.yaml 22 Solutions/Microsoft 365/Hunting Queries/ExternalUserAddedRemovedInTeams_HuntVersion.yaml 42 Solutions/Microsoft 365/Hunting Queries/ExternalUserFromNewOrgAddedToTeams.yaml 15 Solutions/Microsoft 365/Hunting Queries/Mail_redirect_via_ExO_transport_rule_hunting.yaml 45 Solutions/Microsoft 365/Hunting Queries/MultiTeamBot.yaml 38 Solutions/Microsoft 
365/Hunting Queries/MultiTeamOwner.yaml 43 Solutions/Microsoft 365/Hunting Queries/MultipleTeamsDeletes.yaml 38 Solutions/Microsoft 365/Hunting Queries/MultipleUsersEmailForwardedToSameDestination.yaml 60 Solutions/Microsoft 365/Hunting Queries/NewBotAddedToTeams.yaml 40 Solutions/Microsoft 365/Hunting Queries/New_WindowsReservedFileNamesOnOfficeFileServices.yaml 49 Solutions/Microsoft 365/Hunting Queries/OfficeMailForwarding_hunting.yaml 43 Solutions/Microsoft 365/Hunting Queries/TeamsFilesUploaded.yaml 45 Solutions/Microsoft 365/Hunting Queries/UserAddToTeamsAndUploadsFile.yaml 39 Solutions/Microsoft 365/Hunting Queries/WindowsReservedFileNamesOnOfficeFileServices.yaml 54 Solutions/Microsoft 365/Hunting Queries/double_file_ext_exes.yaml 41 Solutions/Microsoft 365/Hunting Queries/new_adminaccountactivity.yaml 57 Solutions/Microsoft 365/Hunting Queries/new_sharepoint_downloads_by_IP.yaml 52 Solutions/Microsoft 365/Hunting Queries/new_sharepoint_downloads_by_UserAgent.yaml 59 Solutions/Microsoft 365/Hunting Queries/nonowner_MailboxLogin.yaml 44 Solutions/Microsoft 365/Hunting Queries/powershell_or_nonbrowser_MailboxLogin.yaml 31 Solutions/Microsoft 365/Hunting Queries/sharepoint_downloads.yaml 39 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Anomalous application user activity.yaml 96 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Audit log data deletion.yaml 61 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Audit logging disabled.yaml 68 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Bulk record ownership re-assignment or sharing.yaml 72 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Executable uploaded to SharePoint document management site.yaml 83 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Export activity from terminated or notified employee.yaml 76 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Guest user 
exfiltration following Power Platform defense impairment.yaml 126 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Hierarchy security manipulation.yaml 99 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Honeypot instance activity.yaml 83 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Login by a sensitive privileged user.yaml 71 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Login from IP in the block list.yaml 75 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Login from IP not in the allow list.yaml 77 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Malware found in SharePoint document management site.yaml 90 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Mass deletion of records.yaml 83 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Mass download from SharePoint document management.yaml 79 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Mass export of records to Excel.yaml 90 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Mass record updates.yaml 85 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - New Dataverse application user activity type.yaml 77 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - New non-interactive identity granted access.yaml 87 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - New sign-in from an unauthorized domain.yaml 82 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - New user agent type that was not used before.yaml 91 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - New user agent type that was not used with Office 365.yaml 81 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Organization settings modified.yaml 68 Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Removal of blocked file 
extensions.yaml  65
Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - SharePoint document management site added or updated.yaml  79
Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Suspicious security role modifications.yaml  100
Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Suspicious use of TDS endpoint.yaml  101
Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Suspicious use of Web API.yaml  89
Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - TI map IP to DataverseActivity.yaml  118
Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - TI map URL to DataverseActivity.yaml  123
Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Terminated employee exfiltration over email.yaml  106
Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Terminated employee exfiltration to USB drive.yaml  86
Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - Unusual sign-in following disabled IP address-based cookie binding protection.yaml  108
Solutions/Microsoft Business Applications/Analytic Rules/Dataverse - User bulk retrieval outside normal activity.yaml  97
Solutions/Microsoft Business Applications/Analytic Rules/F&O - Bank account change following network alias reassignment.yaml  87
Solutions/Microsoft Business Applications/Analytic Rules/F&O - Mass update or deletion of user records.yaml  50
Solutions/Microsoft Business Applications/Analytic Rules/F&O - Non-interactive account mapped to self or sensitive privileged user.yaml  75
Solutions/Microsoft Business Applications/Analytic Rules/F&O - Reverted bank account number modifications.yaml  67
Solutions/Microsoft Business Applications/Analytic Rules/F&O - Unusual sign-in activity using single factor authentication.yaml  79
Solutions/Microsoft Business Applications/Analytic Rules/Power Apps - App activity from unauthorized geo.yaml  94
Solutions/Microsoft Business Applications/Analytic Rules/Power Apps - Bulk sharing of Power Apps to newly created guest users.yaml  110
Solutions/Microsoft Business Applications/Analytic Rules/Power Apps - Multiple apps deleted.yaml  82
Solutions/Microsoft Business Applications/Analytic Rules/Power Apps - Multiple users access a malicious link after launching new app.yaml  203
Solutions/Microsoft Business Applications/Analytic Rules/Power Automate - Departing employee flow activity.yaml  71
Solutions/Microsoft Business Applications/Analytic Rules/Power Automate - Unusual bulk deletion of flow resources.yaml  88
Solutions/Microsoft Business Applications/Analytic Rules/Power Platform - Account added to privileged Microsoft Entra roles.yaml  79
Solutions/Microsoft Business Applications/Analytic Rules/Power Platform - Connector added to a sensitive environment.yaml  41
Solutions/Microsoft Business Applications/Analytic Rules/Power Platform - DLP policy updated or removed.yaml  87
Solutions/Microsoft Business Applications/Analytic Rules/Power Platform - Possibly compromised user accesses Power Platform services.yaml  89
Solutions/Microsoft Business Applications/Hunting Queries/Dataverse - Activity after Microsoft Entra alerts.yaml  46
Solutions/Microsoft Business Applications/Hunting Queries/Dataverse - Activity after failed logons.yaml  48
Solutions/Microsoft Business Applications/Hunting Queries/Dataverse - Cross-environment data export activity.yaml  54
Solutions/Microsoft Business Applications/Hunting Queries/Dataverse - Dataverse export copied to USB devices.yaml  61
Solutions/Microsoft Business Applications/Hunting Queries/Dataverse - Generic client app used to access production environments.yaml  56
Solutions/Microsoft Business Applications/Hunting Queries/Dataverse - Identity management activity outside of privileged directory role membership.yaml  36
Solutions/Microsoft Business Applications/Hunting Queries/Dataverse - Identity management changes without MFA.yaml  54
Solutions/Microsoft Business Applications/Hunting Queries/Power Apps - Anomalous bulk sharing of Power App to newly created guest users.yaml  89
Solutions/Microsoft Business Applications/Parsers/DataverseSharePointSites.yaml  30
Solutions/Microsoft Business Applications/Parsers/MSBizAppsNetworkAddresses.yaml  33
Solutions/Microsoft Business Applications/Parsers/MSBizAppsOrgSettings.yaml  478
Solutions/Microsoft Business Applications/Parsers/MSBizAppsTerminatedEmployees.yaml  51
Solutions/Microsoft Business Applications/Parsers/MSBizAppsVIPUsers.yaml  42
Solutions/Microsoft Defender XDR/Analytic Rules/AVSpringShell.yaml  53
Solutions/Microsoft Defender XDR/Analytic Rules/AVTarrask.yaml  49
Solutions/Microsoft Defender XDR/Analytic Rules/AVdetectionsrelatedtoUkrainebasedthreats.yaml  38
Solutions/Microsoft Defender XDR/Analytic Rules/Campaign/Jupyter-Solarmaker/DeimosComponentExecution.yaml  45
Solutions/Microsoft Defender XDR/Analytic Rules/Campaign/Macaw Ransomware/ImminentRansomware.yaml  63
Solutions/Microsoft Defender XDR/Analytic Rules/Campaign/Sysrv-botnet/MaliciousCMDExecutionByJava.yaml  40
Solutions/Microsoft Defender XDR/Analytic Rules/Command and Control/C2-NamedPipe.yaml  82
Solutions/Microsoft Defender XDR/Analytic Rules/Credential Access/DoppelPaymerProcDump.yaml  52
Solutions/Microsoft Defender XDR/Analytic Rules/Credential Access/LSASSCredDumpProcdump.yaml  50
Solutions/Microsoft Defender XDR/Analytic Rules/Defense Evasion/DoppelpaymerStopService.yaml  47
Solutions/Microsoft Defender XDR/Analytic Rules/Defense Evasion/QakbotCampaignSelfDeletion.yaml  45
Solutions/Microsoft Defender XDR/Analytic Rules/Defense Evasion/Regsvr32Rundll32ImageLoadsAbnormalExtension.yaml  63
Solutions/Microsoft Defender XDR/Analytic Rules/Defense Evasion/Regsvr32Rundll32WithAnomalousParentProcess.yaml  63
Solutions/Microsoft Defender XDR/Analytic Rules/Discovery/SuspiciousCommandInitiatedByWebServerProcess.yaml  54
Solutions/Microsoft Defender XDR/Analytic Rules/Execution/BITSAdminActivity.yaml  69
Solutions/Microsoft Defender XDR/Analytic Rules/Execution/OfficeAppsLaunchingWscript.yaml  54
Solutions/Microsoft Defender XDR/Analytic Rules/Execution/PotentialKerberoastActivities.yaml  62
Solutions/Microsoft Defender XDR/Analytic Rules/Exfiltration/FilesCopiedToUSBDrives.yaml  66
Solutions/Microsoft Defender XDR/Analytic Rules/Exploits/MosaicLoader.yaml  45
Solutions/Microsoft Defender XDR/Analytic Rules/Impact/AnomalousVoulmeOfFileDeletion.yaml  79
Solutions/Microsoft Defender XDR/Analytic Rules/Lateral Movement/RemoteFileCreationWithPsExec.yaml  62
Solutions/Microsoft Defender XDR/Analytic Rules/Lateral Movement/ServiceAccountsPerformingRemotePS.yaml  72
Solutions/Microsoft Defender XDR/Analytic Rules/Persistence/AccountCreation.yaml  45
Solutions/Microsoft Defender XDR/Analytic Rules/Persistence/LocalAdminGroupChanges.yaml  83
Solutions/Microsoft Defender XDR/Analytic Rules/Persistence/RareProcessAsService.yaml  85
Solutions/Microsoft Defender XDR/Analytic Rules/PossiblePhishingwithCSL&NetworkSession.yaml  147
Solutions/Microsoft Defender XDR/Analytic Rules/PossibleWebpBufferOverflow.yaml  87
Solutions/Microsoft Defender XDR/Analytic Rules/PotentialBuildProcessCompromiseMDE.yaml  71
Solutions/Microsoft Defender XDR/Analytic Rules/Ransomware/DEV-0270/DisableSecurityServiceViaRegistry.yaml  25
Solutions/Microsoft Defender XDR/Analytic Rules/Ransomware/DataDeletionOnMulipleDrivesUsingCipherExe.yaml  40
Solutions/Microsoft Defender XDR/Analytic Rules/Ransomware/LaZagneCredTheft.yaml  42
Solutions/Microsoft Defender XDR/Analytic Rules/Ransomware/LogDeletionUsingWevtutil.yaml  37
Solutions/Microsoft Defender XDR/Analytic Rules/Ransomware/MultiProcessKillWithTaskKill.yaml  37
Solutions/Microsoft Defender XDR/Analytic Rules/Ransomware/PotentialCobaltStrikeRansomwareActivity.yaml  80
Solutions/Microsoft Defender XDR/Analytic Rules/Ransomware/QakbotDiscoveryActivities.yaml  50
Solutions/Microsoft Defender XDR/Analytic Rules/Ransomware/ShadowCopyDeletion.yaml  67
Solutions/Microsoft Defender XDR/Analytic Rules/SUNSPOTHashes.yaml  54
Solutions/Microsoft Defender XDR/Analytic Rules/SolarWinds_SUNBURST_&_SUPERNOVA_File-IOCs.yaml  58
Solutions/Microsoft Defender XDR/Analytic Rules/SolarWinds_SUNBURST_Network-IOCs.yaml  66
Solutions/Microsoft Defender XDR/Analytic Rules/SolarWinds_TEARDROP_Process-IOCs.yaml  35
Solutions/Microsoft Defender XDR/Hunting Queries/Appspot Phishing Abuse.yaml  54
Solutions/Microsoft Defender XDR/Hunting Queries/Campaigns/Bazacall/PayloadDropUsingCertUtil.yaml  4
Solutions/Microsoft Defender XDR/Hunting Queries/Campaigns/JudgementPandaExfilActivity.yaml  28
Solutions/Microsoft Defender XDR/Hunting Queries/Campaigns/Jupyter-Solarmaker/DeimosComponentExecution.yaml  22
Solutions/Microsoft Defender XDR/Hunting Queries/Campaigns/LemonDuck/LemonDuckRegistrationFunction.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/Campaigns/Log4j/DeviceWithLog4jAlerts.yaml  42
Solutions/Microsoft Defender XDR/Hunting Queries/Campaigns/Log4j/Log4jVulnRelatedAlerts.yaml  29
Solutions/Microsoft Defender XDR/Hunting Queries/Campaigns/Macaw Ransomware/ImminentRansomware.yaml  41
Solutions/Microsoft Defender XDR/Hunting Queries/Campaigns/Macaw Ransomware/MaliciousUseOfMSBuildAsLoLBin.yaml  17
Solutions/Microsoft Defender XDR/Hunting Queries/Campaigns/Qakbot/QakbotReconActivities.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Campaigns/RobbinhoodDriver.yaml  26
Solutions/Microsoft Defender XDR/Hunting Queries/Campaigns/Snip3MaliciousNetworkConnectivity.yaml  23
Solutions/Microsoft Defender XDR/Hunting Queries/Campaigns/Sysrv-botnet/MaliciousCMDExecutionByJava.yaml  19
Solutions/Microsoft Defender XDR/Hunting Queries/Check for spoofing attempts on the domain with Authentication failures.yaml  36
Solutions/Microsoft Defender XDR/Hunting Queries/Command and Control/C2-NamedPipe.yaml  65
Solutions/Microsoft Defender XDR/Hunting Queries/Command and Control/ReconWithRundll.yaml  28
Solutions/Microsoft Defender XDR/Hunting Queries/Credential Access/DoppelPaymerProcdump.yaml  30
Solutions/Microsoft Defender XDR/Hunting Queries/Credential Access/LSASSCredDumpProcdump.yaml  26
Solutions/Microsoft Defender XDR/Hunting Queries/Credential Access/LaZagne.yaml  32
Solutions/Microsoft Defender XDR/Hunting Queries/Defense Evasion/ClearSystemLogs.yaml  22
Solutions/Microsoft Defender XDR/Hunting Queries/Defense Evasion/DoppelpaymerStopServices.yaml  27
Solutions/Microsoft Defender XDR/Hunting Queries/Defense Evasion/QakbotCampaignSelfDeletion.yaml  22
Solutions/Microsoft Defender XDR/Hunting Queries/Defense Evasion/Regsvr32Rundll32ImageLoadsAbnormalExtension.yaml  32
Solutions/Microsoft Defender XDR/Hunting Queries/Defense Evasion/Regsvr32Rundll32WithAnomalousParentProcess.yaml  33
Solutions/Microsoft Defender XDR/Hunting Queries/Delivered Bad Emails from Top bad IPv4 addresses.yaml  42
Solutions/Microsoft Defender XDR/Hunting Queries/Discovery/SuspiciousCommandInitiatedByWebServerProcess.yaml  35
Solutions/Microsoft Defender XDR/Hunting Queries/Discovery/User&GroupEnumWithNetCommand.yaml  19
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Attachment/ATP policy status check.yaml  27
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Attachment/JNLP attachment.yaml  18
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Attachment/Safe attachment detection.yaml  23
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Authentication/Authentication failures.yaml  23
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Authentication/Spoof attempts with auth failure.yaml  22
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/General/Audit Email Preview-Download action.yaml  29
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/General/Email sender IP address Geo location information.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/General/Hunt for Admin email access.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/General/Hunt for TABL changes.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/General/Local time to UTC time conversion.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/General/MDO daily detection summary report.yaml  65
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/General/Mail item accessed.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/General/Malicious email senders.yaml  22
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/General/New TABL Items.yaml  33
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Hunting/Automated email notifications and suspicious sign-in activity.yaml  26
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Hunting/BEC - File sharing tactics - Dropbox.yaml  30
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Hunting/BEC - File sharing tactics - OneDrive or SharePoint.yaml  38
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Hunting/Email bombing.yaml  12
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Hunting/Emails containing links to IP addresses.yaml  18
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Hunting/Files share contents and suspicious sign-in activity.yaml  30
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Hunting/Good emails from senders with bad patterns.yaml  30
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Hunting/Hunt for email bombing attacks.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Hunting/Hunt for email conversation take over attempts.yaml  40
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Hunting/Hunt for malicious URLs using external IOC source.yaml  28
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Hunting/Hunt for malicious attachments using external IOC source.yaml  27
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Hunting/Inbox rule change which forward-redirect email.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Hunting/Top outbound recipient domains sending inbound emails with threats.yaml  26
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Mailflow/Detections by detection methods.yaml  46
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Mailflow/Mail reply to new domain.yaml  40
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Mailflow/Mailflow by directionality.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Mailflow/Malicious emails detected per day.yaml  29
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Mailflow/Sender recipient contact establishment.yaml  35
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Mailflow/Top 100 malicious email senders.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Mailflow/Top 100 senders.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Mailflow/Zero day threats.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Malware/Email containing malware accessed on a unmanaged device.yaml  30
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Malware/Email containing malware sent by an internal sender.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Malware/Email malware detection report.yaml  26
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Malware/Malware detections by detection methods.yaml  32
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Overrides/Admin overrides.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Overrides/Top policies performing admin overrides.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Overrides/Top policies performing user overrides.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Overrides/User overrides.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Phish/Appspot phishing abuse.yaml  31
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Phish/PhishDetectionByDetectionMethod.yaml  39
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Phish/Possible Teams phishing activity.yaml  34
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Phish/Possible device code phishing attempts.yaml  47
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/QR code/Campaign with randomly named attachments.yaml  24
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/QR code/Campaign with suspicious keywords.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/QR code/Custom detection-Emails with QR from non-prevalent senders.yaml  51
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/QR code/Emails delivered having URLs from QR codes.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/QR code/Emails with QR codes and suspicious keywords in subject.yaml  27
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/QR code/Emails with QR codes from non-prevalent sender.yaml  36
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/QR code/Hunting for sender patterns.yaml  47
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/QR code/Hunting for user signals-clusters.yaml  26
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/QR code/Inbound emails with QR code URLs.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/QR code/Personalized campaigns based on the first few keywords.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/QR code/Personalized campaigns based on the last few keywords.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/QR code/Risky sign-in attempt from a non-managed device.yaml  31
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/QR code/Suspicious sign-in attempts from QR code phishing campaigns.yaml  47
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Quarantine/Group quarantine release.yaml  24
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Quarantine/High Confidence Phish Released.yaml  27
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Quarantine/Quarantine Release Email Details.yaml  27
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Quarantine/Quarantine release trend.yaml  22
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Remediation/AIR investigation actions insight.yaml  35
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Remediation/Email remediation action list.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Spoof and Impersonation/Display Name - Spoof and Impersonation.yaml  35
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Spoof and Impersonation/Referral phish emails.yaml  27
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Spoof and Impersonation/Spoof and impersonation detections by sender IP.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Spoof and Impersonation/Spoof and impersonation phish detections.yaml  22
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Spoof and Impersonation/User not covered under display name impersonation.yaml  28
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Submissions/Admin reported submissions.yaml  22
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Submissions/Status of submissions.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Submissions/Top submitters of admin submissions.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Submissions/Top submitters of user submissions.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Submissions/User reported submissions.yaml  22
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Top Attacks/Attacked more than x times average.yaml  24
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Top Attacks/Malicious mails by sender IPs.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Top Attacks/Top 10 URL domains attacking organization.yaml  27
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Top Attacks/Top 10 percent of most attacked users.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Top Attacks/Top external malicious senders.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/Top Attacks/Top targeted users.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/URL Click/End user malicious clicks.yaml  24
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/URL Click/URL click count by click action.yaml  22
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/URL Click/URL click on ZAP Email.yaml  23
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/URL Click/URL clicks actions by URL.yaml  22
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/URL Click/URLClick details based on malicious URL click alert.yaml  22
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/URL Click/User clicked through events.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/URL Click/User clicks on malicious inbound emails.yaml  28
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/URL Click/User clicks on phishing URLs in emails.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/URL/Phishing Email Url Redirector.yaml  6
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/URL/SafeLinks URL detections.yaml  23
Solutions/Microsoft Defender XDR/Hunting Queries/Email Queries/ZAP/Total ZAP count.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/EmailDelivered-ToInbox.yaml  36
Solutions/Microsoft Defender XDR/Hunting Queries/Execution/AnomalousPayloadDeliveredWithISOFile.yaml  37
Solutions/Microsoft Defender XDR/Hunting Queries/Execution/BitsadminActivity.yaml  42
Solutions/Microsoft Defender XDR/Hunting Queries/Execution/MaliciousUseOfMSIExec.yaml  26
Solutions/Microsoft Defender XDR/Hunting Queries/Execution/MaliciousUseOfMsiExecMimikatz.yaml  26
Solutions/Microsoft Defender XDR/Hunting Queries/Execution/OfficeAppsLaunchingWscript.yaml  24
Solutions/Microsoft Defender XDR/Hunting Queries/Execution/PotentialKerberoastActivities.yaml  36
Solutions/Microsoft Defender XDR/Hunting Queries/Execution/PowerShellDownloads.yaml  27
Solutions/Microsoft Defender XDR/Hunting Queries/Execution/SuspiciousAppExeutedByWebserver.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Execution/SuspiciousMshtaUsage.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/Exfiltration/FilesCopiedToUSBDrives.yaml  35
Solutions/Microsoft Defender XDR/Hunting Queries/Exploits/CVE-2022-26134-Confluence.yaml  26
Solutions/Microsoft Defender XDR/Hunting Queries/Exploits/MosaicLoader.yaml  18
Solutions/Microsoft Defender XDR/Hunting Queries/Exploits/Print Spooler RCE/SpoolsvSpawningRundll32.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/Exploits/Print Spooler RCE/SuspiciousDLLInSpoolFolder.yaml  21
Solutions/Microsoft Defender XDR/Hunting Queries/Exploits/Print Spooler RCE/SuspiciousFilesInSpoolFolder.yaml  18
Solutions/Microsoft Defender XDR/Hunting Queries/Exploits/Print Spooler RCE/SuspiciousSpoolsvChildProcess.yaml  38
Solutions/Microsoft Defender XDR/Hunting Queries/Exploits/PrintNightmareUsageDetection-CVE-2021-1675.yaml  8
Solutions/Microsoft Defender XDR/Hunting Queries/Exploits/SuspiciousFileCreationByPrintSpoolerService.yaml  25
Solutions/Microsoft Defender XDR/Hunting Queries/General Queries/MITRESuspiciousEvents.yaml  72
Solutions/Microsoft Defender XDR/Hunting Queries/Impact/AnomalousVoulmeOfFileDeletion.yaml  76
Solutions/Microsoft Defender XDR/Hunting Queries/Initial Access/DetectMailSniper.yaml  60
Solutions/Microsoft Defender XDR/Hunting Queries/Lateral Movement/AccountBruteForce.yaml  26
Solutions/Microsoft Defender XDR/Hunting Queries/Lateral Movement/RemoteFileCreationWithPsExec.yaml  41
Solutions/Microsoft Defender XDR/Hunting Queries/Lateral Movement/ServiceAccountsPerformingRemotePS.yaml  58
Solutions/Microsoft Defender XDR/Hunting Queries/Persistence/AccountCreation.yaml  32
Solutions/Microsoft Defender XDR/Hunting Queries/Persistence/LocalAdminGroupChanges.yaml  50
Solutions/Microsoft Defender XDR/Hunting Queries/Persistence/RareProcessAsService.yaml  63
Solutions/Microsoft Defender XDR/Hunting Queries/Persistence/ScheduledTaskCreation.yaml  19
Solutions/Microsoft Defender XDR/Hunting Queries/Privilege Escalation/SAMNameChange_CVE-2021-42278.yaml  28
Solutions/Microsoft Defender XDR/Hunting Queries/Ransomware/DEV-0270/DisableSecurityServiceViaRegistry.yaml  17
Solutions/Microsoft Defender XDR/Hunting Queries/Ransomware/DEV-0270/DomainDiscoveryWMICwithDLLHostExe.yaml  17
Solutions/Microsoft Defender XDR/Hunting Queries/Ransomware/DEV-0270/MDEExclusionUsingPowerShell.yaml  16
Solutions/Microsoft Defender XDR/Hunting Queries/Ransomware/DataDeletionOnMulipleDrivesUsingCipherExe.yaml  24
Solutions/Microsoft Defender XDR/Hunting Queries/Ransomware/DetectMultipleSignsOfRamsomwareActivity.yaml  90
Solutions/Microsoft Defender XDR/Hunting Queries/Ransomware/IcedIdSuspiciousImageLoad.yaml  18
Solutions/Microsoft Defender XDR/Hunting Queries/Ransomware/LaZagneCredTheft.yaml  18
Solutions/Microsoft Defender XDR/Hunting Queries/Ransomware/LogDeletionUsingWevtutil.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/Ransomware/MultiProcessKillWithTaskKill.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/Ransomware/PotentialCobaltStrikeRansomwareActivity.yaml  44
Solutions/Microsoft Defender XDR/Hunting Queries/Ransomware/QakbotDiscoveryActivities.yaml  26
Solutions/Microsoft Defender XDR/Hunting Queries/Ransomware/ShadowCopyDeletion.yaml  46
Solutions/Microsoft Defender XDR/Hunting Queries/Ransomware/TurningOffServicesWithSCCommad.yaml  20
Solutions/Microsoft Defender XDR/Hunting Queries/TVM/Detect_CISA_Alert_AA22-117A2021_Top_Routinely_Exploited_Vulnerabilities.yaml  59
Solutions/Microsoft Defender for Cloud Apps/Analytic Rules/AdditionalFilesUploadedByActor.yaml  51
Solutions/Microsoft Defender for Cloud/Analytic Rules/CoreBackupDeletionwithSecurityAlert.yaml  69
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/BlockMalwareFileExtension/run.ps1  43
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/ConnectExchangeOnline/run.ps1  36
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/CreateAllowBlockList/run.ps1  55
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/CreateSpamPolicy/run.ps1  42
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/CreateSpamRule/run.ps1  67
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/DisconnectExchangeOnline/run.ps1  37
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/GetInboxRule/run.ps1  37
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/ListMalwarePolicy/run.ps1  43
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/ListSpamPolicy/run.ps1  43
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/RemoveAllowBlockListItems/run.ps1  42
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/RemoveInboxRule/run.ps1  38
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/TenantAllowBlockList/run.ps1  39
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/UpdateAllowBlockList/run.ps1  55
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/profile.ps1  19
Solutions/Microsoft Defender for Office 365/Playbooks/CustomConnector/O365_Defender_FunctionAppConnector/requirements.psd1  9
Solutions/Microsoft Entra ID Protection/Analytic Rules/CorrelateIPC_Unfamiliar-Atypical.yaml  122
Solutions/Microsoft Entra ID/Analytic Rules/ADFSDomainTrustMods.yaml  91
Solutions/Microsoft Entra ID/Analytic Rules/ADFSSignInLogsPasswordSpray.yaml  44
Solutions/Microsoft Entra ID/Analytic Rules/AccountCreatedDeletedByNonApprovedUser.yaml  61
Solutions/Microsoft Entra ID/Analytic Rules/AccountCreatedandDeletedinShortTimeframe.yaml  105
Solutions/Microsoft Entra ID/Analytic Rules/AdminPromoAfterRoleMgmtAppPermissionGrant.yaml  133
Solutions/Microsoft Entra ID/Analytic Rules/AnomalousUserAppSigninLocationIncrease-detection.yaml  38
Solutions/Microsoft Entra ID/Analytic Rules/AuthenticationMethodsChangedforPrivilegedAccount.yaml  81
Solutions/Microsoft Entra ID/Analytic Rules/AzureAADPowerShellAnomaly.yaml  60
Solutions/Microsoft Entra ID/Analytic Rules/AzureADRoleManagementPermissionGrant.yaml  58
Solutions/Microsoft Entra ID/Analytic Rules/AzurePortalSigninfromanotherAzureTenant.yaml  77
Solutions/Microsoft Entra ID/Analytic Rules/AzureRBAC.yaml  57
Solutions/Microsoft Entra ID/Analytic Rules/Brute Force Attack against GitHub Account.yaml  48
Solutions/Microsoft Entra ID/Analytic Rules/BruteForceCloudPC.yaml  70
Solutions/Microsoft Entra ID/Analytic Rules/BulkChangestoPrivilegedAccountPermissions.yaml  88
Solutions/Microsoft Entra ID/Analytic Rules/BypassCondAccessRule.yaml  77
Solutions/Microsoft Entra ID/Analytic Rules/CredentialAddedAfterAdminConsent.yaml  153
Solutions/Microsoft Entra ID/Analytic Rules/Cross-tenantAccessSettingsOrganizationAdded.yaml  69
Solutions/Microsoft Entra ID/Analytic Rules/Cross-tenantAccessSettingsOrganizationDeleted.yaml  66
Solutions/Microsoft Entra ID/Analytic Rules/Cross-tenantAccessSettingsOrganizationInboundCollaborationSettingsChanged.yaml  71
Solutions/Microsoft Entra ID/Analytic Rules/Cross-tenantAccessSettingsOrganizationInboundDirectSettingsChanged.yaml  71
Solutions/Microsoft Entra ID/Analytic Rules/Cross-tenantAccessSettingsOrganizationOutboundCollaborationSettingsChanged.yaml  71
Solutions/Microsoft Entra ID/Analytic Rules/Cross-tenantAccessSettingsOrganizationOutboundDirectSettingsChanged.yaml  71
Solutions/Microsoft Entra ID/Analytic Rules/DisabledAccountSigninsAcrossManyApplications.yaml  53
Solutions/Microsoft Entra ID/Analytic Rules/DistribPassCrackAttempt.yaml  60
Solutions/Microsoft Entra ID/Analytic Rules/ExchangeFullAccessGrantedToApp.yaml  96
Solutions/Microsoft Entra ID/Analytic Rules/ExplicitMFADeny.yaml  35
Solutions/Microsoft Entra ID/Analytic Rules/FailedLogonToAzurePortal.yaml  106
Solutions/Microsoft Entra ID/Analytic Rules/FirstAppOrServicePrincipalCredential.yaml  88
Solutions/Microsoft Entra ID/Analytic Rules/GuestAccountsAddedinAADGroupsOtherThanTheOnesSpecified.yaml  92
Solutions/Microsoft Entra ID/Analytic Rules/MFARejectedbyUser.yaml  85
Solutions/Microsoft Entra ID/Analytic Rules/MFASpammingfollowedbySuccessfullogin.yaml  46
Solutions/Microsoft Entra ID/Analytic Rules/MailPermissionsAddedToApplication.yaml  87
Solutions/Microsoft Entra ID/Analytic Rules/MaliciousOAuthApp_O365AttackToolkit.yaml  123
Solutions/Microsoft Entra ID/Analytic Rules/MaliciousOAuthApp_PwnAuth.yaml  116
Solutions/Microsoft Entra ID/Analytic Rules/MultipleAdmin_membership_removals_from_NewAdmin.yaml  109
Solutions/Microsoft Entra ID/Analytic Rules/NRT_ADFSDomainTrustMods.yaml  72
Solutions/Microsoft Entra ID/Analytic Rules/NRT_AuthenticationMethodsChangedforVIPUsers.yaml  66
Solutions/Microsoft Entra ID/Analytic Rules/NRT_NewAppOrServicePrincipalCredential.yaml  84
Solutions/Microsoft Entra ID/Analytic Rules/NRT_PIMElevationRequestRejected.yaml  71
Solutions/Microsoft Entra ID/Analytic Rules/NRT_PrivlegedRoleAssignedOutsidePIM.yaml  63
Solutions/Microsoft Entra ID/Analytic Rules/NRT_UseraddedtoPrivilgedGroups.yaml  53
Solutions/Microsoft Entra ID/Analytic Rules/NewAppOrServicePrincipalCredential.yaml  86
Solutions/Microsoft Entra ID/Analytic Rules/NewOnmicrosoftDomainAdded.yaml  69
Solutions/Microsoft Entra ID/Analytic Rules/PIMElevationRequestRejected.yaml  74
Solutions/Microsoft Entra ID/Analytic Rules/PossibleSignInfromAzureBackdoor.yaml  4
Solutions/Microsoft Entra ID/Analytic Rules/PrivilegedAccountsSigninFailureSpikes.yaml  87
Solutions/Microsoft Entra ID/Analytic Rules/PrivlegedRoleAssignedOutsidePIM.yaml  69
Solutions/Microsoft Entra ID/Analytic Rules/RareApplicationConsent.yaml  96
Solutions/Microsoft Entra ID/Analytic Rules/SeamlessSSOPasswordSpray.yaml  54
Solutions/Microsoft Entra ID/Analytic Rules/Sign-in Burst from Multiple Locations.yaml  47
Solutions/Microsoft Entra ID/Analytic Rules/SigninAttemptsByIPviaDisabledAccounts.yaml  87
Solutions/Microsoft Entra ID/Analytic Rules/SigninBruteForce-AzurePortal.yaml  101
Solutions/Microsoft Entra ID/Analytic Rules/SigninPasswordSpray.yaml  86
Solutions/Microsoft Entra ID/Analytic Rules/SuccessThenFail_DiffIP_SameUserandApp.yaml  107
Solutions/Microsoft Entra ID/Analytic Rules/SuspiciousAADJoinedDeviceUpdate.yaml  102
Solutions/Microsoft Entra ID/Analytic Rules/SuspiciousOAuthApp_OfflineAccess.yaml  112
Solutions/Microsoft Entra ID/Analytic Rules/SuspiciousServicePrincipalcreationactivity.yaml  97
Solutions/Microsoft Entra ID/Analytic Rules/SuspiciousSignInFollowedByMFAModification.yaml  85
Solutions/Microsoft Entra ID/Analytic Rules/UnusualGuestActivity.yaml  78
Solutions/Microsoft Entra ID/Analytic Rules/UserAccounts-CABlockedSigninSpikes.yaml  114
Solutions/Microsoft Entra ID/Analytic Rules/UserAssignedNewPrivilegedRole.yaml  85
Solutions/Microsoft Entra ID/Analytic Rules/UserAssignedPrivilegedRole.yaml  64
Solutions/Microsoft Entra ID/Analytic Rules/UseraddedtoPrivilgedGroups.yaml  57
Solutions/Microsoft Entra ID/Analytic Rules/nrt_FirstAppOrServicePrincipalCredential.yaml  90
Solutions/Microsoft Exchange Security - Exchange On-Premises/# - General Content/Solutions/ESICollector/OnlineDeployment/CollectExchSecIns.ps1  3543
Solutions/Microsoft Exchange Security - Exchange On-Premises/# - General Content/Solutions/ESICollector/OnlineDeployment/ExchangeOnlinePermSetup.ps1  36
Solutions/Microsoft Exchange Security - Exchange On-Premises/Analytic Rules/CriticalCmdletsUsageDetection.yaml  55
Solutions/Microsoft Exchange Security - Exchange On-Premises/Analytic Rules/ServerOrientedWithUserOrientedAdministration.yaml  77
Solutions/Microsoft Exchange Security - Exchange On-Premises/Parsers/ExchangeAdminAuditLogs.yaml  65
Solutions/Microsoft Exchange Security - Exchange On-Premises/Parsers/ExchangeConfiguration.yaml  82
Solutions/Microsoft Exchange Security - Exchange On-Premises/Parsers/ExchangeEnvironmentList.yaml  26
Solutions/Microsoft Exchange Security - Exchange On-Premises/Parsers/MESCheckVIP.yaml  29
Solutions/Microsoft Exchange Security - Exchange On-Premises/Parsers/MESCompareDataOnPMRA.yaml  183
Solutions/Microsoft Exchange Security - Exchange Online/# - General Content/Solutions/ESICollector/OnlineDeployment/CollectExchSecIns.ps1  3543
Solutions/Microsoft Exchange Security - Exchange Online/# - General Content/Solutions/ESICollector/OnlineDeployment/ExchangeOnlinePermSetup.ps1  36
Solutions/Microsoft Exchange Security - Exchange Online/Parsers/ExchangeConfiguration.yaml  330
Solutions/Microsoft Exchange Security - Exchange Online/Parsers/ExchangeEnvironmentList.yaml  26
Solutions/Microsoft Exchange Security - Exchange Online/Parsers/MESCheckOnlineVIP.yaml  25
Solutions/Microsoft Exchange Security - Exchange Online/Parsers/MESCompareDataMRA.yaml  187
Solutions/Microsoft Exchange Security - Exchange Online/Parsers/MESOfficeActivityLogs.yaml  62
Solutions/Microsoft Purview/Analytic Rules/MicrosoftPurviewSensitiveDataDiscovered.yaml  46
Solutions/Microsoft Purview/Analytic Rules/MicrosoftPurviewSensitiveDataDiscoveredCustom.yaml  48
Solutions/Microsoft Windows SQL Server Database Audit/Hunting Queries/SQL-Failed SQL Logons.yaml  44
Solutions/Microsoft Windows SQL Server Database Audit/Hunting Queries/SQL-MultipleFailedLogon_FromSameIP.yaml  50
Solutions/Microsoft Windows SQL Server Database Audit/Hunting Queries/SQL-MultipleFailedLogon_InShortSpan.yaml  50
Solutions/Microsoft Windows SQL Server Database Audit/Hunting Queries/SQL-New_UserCreated.yaml  48
Solutions/Microsoft Windows SQL Server Database Audit/Hunting Queries/SQL-UserAdded_to_SecurityAdmin.yaml  50
Solutions/Microsoft Windows SQL Server Database Audit/Hunting Queries/SQL-UserDeletedFromDatabase.yaml  52
Solutions/Microsoft Windows SQL Server Database Audit/Hunting Queries/SQL-UserRemovedFromSecurityAdmin.yaml  52
Solutions/Microsoft Windows SQL Server Database Audit/Hunting Queries/SQL-UserRemovedFromServerRole.yaml  51
Solutions/Microsoft Windows SQL Server Database Audit/Hunting Queries/SQL-UserRoleChanged.yaml  49
Solutions/MicrosoftDefenderForEndpoint/Analytic Rules/AquaBlizzardAVHits.yaml  58
Solutions/MicrosoftDefenderForEndpoint/Hunting Queries/MDE_Process-IOCs.yaml  55
Solutions/MicrosoftDefenderForEndpoint/Hunting Queries/MDE_Usage.yaml  58
Solutions/MicrosoftDefenderForEndpoint/Parsers/AssignedIPAddress.yaml  23
Solutions/MicrosoftDefenderForEndpoint/Parsers/Devicefromip.yaml  22
Solutions/MicrosoftPurviewInsiderRiskManagement/Analytic Rules/InsiderRiskHighUserAlertsCorrelation.yaml  101
Solutions/MicrosoftPurviewInsiderRiskManagement/Analytic Rules/InsiderRiskHighUserIncidentsCorrelation.yaml  96
Solutions/MicrosoftPurviewInsiderRiskManagement/Analytic Rules/InsiderRiskM365IRMAlertObserved.yaml  66
Solutions/MicrosoftPurviewInsiderRiskManagement/Analytic Rules/InsiderRiskSensitiveDataAccessOutsideOrgGeo.yaml  57
Solutions/MicrosoftPurviewInsiderRiskManagement/Analytic Rules/InsiderRiskyAccessByApplication.yaml  51
Solutions/MicrosoftPurviewInsiderRiskManagement/Hunting Queries/InsiderEntityAnomalyFollowedByIRMAlert.yaml  41
Solutions/MicrosoftPurviewInsiderRiskManagement/Hunting Queries/InsiderISPAnomalyCorrelatedToExfiltrationAlert.yaml  60
Solutions/MicrosoftPurviewInsiderRiskManagement/Hunting Queries/InsiderMultipleEntityAnomalies.yaml  46
Solutions/MicrosoftPurviewInsiderRiskManagement/Hunting Queries/InsiderPossibleSabotage.yaml  68
Solutions/MicrosoftPurviewInsiderRiskManagement/Hunting Queries/InsiderSignInRiskFollowedBySensitiveDataAccessyaml.yaml  43
Solutions/Mimecast/Analytic Rules/MimecastAudit/Mimecast_Audit.yaml  53
Solutions/Mimecast/Analytic Rules/MimecastSEG/MimecastCG_AV.yaml  45
Solutions/Mimecast/Analytic Rules/MimecastSEG/MimecastCG_Attachment.yaml  55
Solutions/Mimecast/Analytic Rules/MimecastSEG/MimecastCG_Impersonation.yaml  47
Solutions/Mimecast/Analytic Rules/MimecastSEG/MimecastCG_Internal_Mail_Protect.yaml  48
Solutions/Mimecast/Analytic Rules/MimecastSEG/MimecastCG_Spam_Event.yaml  45
Solutions/Mimecast/Analytic Rules/MimecastSEG/MimecastCG_Url_Protect.yaml  47
Solutions/Mimecast/Analytic Rules/MimecastSEG/MimecastCG_Virus.yaml  45
Solutions/Mimecast/Analytic Rules/MimecastSEG/MimecastDLP_Notifications.yaml  44
Solutions/Mimecast/Analytic Rules/MimecastSEG/MimecastDLP_hold.yaml  43
Solutions/Mimecast/Analytic Rules/MimecastTTP/Mimecast_TTP_Attachment.yaml  45
Solutions/Mimecast/Analytic Rules/MimecastTTP/Mimecast_TTP_Impersonation.yaml  48
Solutions/Mimecast/Analytic Rules/MimecastTTP/Mimecast_TTP_Url.yaml  53
Solutions/Mimecast/Data Connectors/MimecastAT/PerformanceDetails/__init__.py  15
Solutions/Mimecast/Data Connectors/MimecastAT/PerformanceDetails/mimecast_performance_details_to_sentinel.py  216
Solutions/Mimecast/Data Connectors/MimecastAT/SafeScoreDetails/__init__.py  15
Solutions/Mimecast/Data Connectors/MimecastAT/SafeScoreDetails/mimecast_safe_score_details_to_sentinel.py  213
Solutions/Mimecast/Data Connectors/MimecastAT/SharedCode/__init__.py  1
Solutions/Mimecast/Data Connectors/MimecastAT/SharedCode/consts.py  58
Solutions/Mimecast/Data Connectors/MimecastAT/SharedCode/logger.py  18
Solutions/Mimecast/Data Connectors/MimecastAT/SharedCode/mimecast_exception.py  6
Solutions/Mimecast/Data Connectors/MimecastAT/SharedCode/sentinel.py  249
Solutions/Mimecast/Data Connectors/MimecastAT/SharedCode/state_manager.py  30
Solutions/Mimecast/Data Connectors/MimecastAT/SharedCode/utils.py  751
Solutions/Mimecast/Data Connectors/MimecastAT/UserData/__init__.py  15
Solutions/Mimecast/Data Connectors/MimecastAT/UserData/mimecast_user_data_to_sentinel.py  233
Solutions/Mimecast/Data Connectors/MimecastAT/WatchlistDetails/__init__.py  15
Solutions/Mimecast/Data Connectors/MimecastAT/WatchlistDetails/mimecast_watchlist_details_to_sentinel.py  213
Solutions/Mimecast/Data Connectors/MimecastAudit/MimecastAudit/__init__.py  47
Solutions/Mimecast/Data Connectors/MimecastAudit/MimecastAudit/mimecast_audit_to_sentinel.py  474
Solutions/Mimecast/Data Connectors/MimecastAudit/SharedCode/__init__.py  1
Solutions/Mimecast/Data Connectors/MimecastAudit/SharedCode/consts.py  54
Solutions/Mimecast/Data Connectors/MimecastAudit/SharedCode/logger.py  18
Solutions/Mimecast/Data Connectors/MimecastAudit/SharedCode/mimecast_exception.py  6
Solutions/Mimecast/Data Connectors/MimecastAudit/SharedCode/sentinel.py  256
Solutions/Mimecast/Data Connectors/MimecastAudit/SharedCode/state_manager.py  30
Solutions/Mimecast/Data Connectors/MimecastAudit/SharedCode/utils.py  565
Solutions/Mimecast/Data Connectors/MimecastCloudIntegrated/MimecastCI/__init__.py  37
Solutions/Mimecast/Data Connectors/MimecastCloudIntegrated/MimecastCI/mimecast_ci_to_sentinel.py  553
Solutions/Mimecast/Data Connectors/MimecastCloudIntegrated/SharedCode/__init__.py  1
Solutions/Mimecast/Data 
Connectors/MimecastCloudIntegrated/SharedCode/consts.py 63 Solutions/Mimecast/Data Connectors/MimecastCloudIntegrated/SharedCode/logger.py 18 Solutions/Mimecast/Data Connectors/MimecastCloudIntegrated/SharedCode/mimecast_exception.py 6 Solutions/Mimecast/Data Connectors/MimecastCloudIntegrated/SharedCode/sentinel.py 318 Solutions/Mimecast/Data Connectors/MimecastCloudIntegrated/SharedCode/state_manager.py 30 Solutions/Mimecast/Data Connectors/MimecastCloudIntegrated/SharedCode/utils.py 628 Solutions/Mimecast/Data Connectors/MimecastSEG/MimecastCG/__init__.py 37 Solutions/Mimecast/Data Connectors/MimecastSEG/MimecastCG/mimecast_cg_to_sentinel.py 555 Solutions/Mimecast/Data Connectors/MimecastSEG/MimecastDLP/__init__.py 37 Solutions/Mimecast/Data Connectors/MimecastSEG/MimecastDLP/mimecast_dlp_to_sentinel.py 342 Solutions/Mimecast/Data Connectors/MimecastSEG/SharedCode/__init__.py 1 Solutions/Mimecast/Data Connectors/MimecastSEG/SharedCode/consts.py 69 Solutions/Mimecast/Data Connectors/MimecastSEG/SharedCode/logger.py 18 Solutions/Mimecast/Data Connectors/MimecastSEG/SharedCode/mimecast_exception.py 6 Solutions/Mimecast/Data Connectors/MimecastSEG/SharedCode/sentinel.py 386 Solutions/Mimecast/Data Connectors/MimecastSEG/SharedCode/state_manager.py 30 Solutions/Mimecast/Data Connectors/MimecastSEG/SharedCode/utils.py 625 Solutions/Mimecast/Data Connectors/MimecastTTP/MimecastTTPAttachment/__init__.py 38 Solutions/Mimecast/Data Connectors/MimecastTTP/MimecastTTPAttachment/mimecast_ttp_attachment.py 222 Solutions/Mimecast/Data Connectors/MimecastTTP/MimecastTTPImpersonation/__init__.py 38 Solutions/Mimecast/Data Connectors/MimecastTTP/MimecastTTPImpersonation/mimecast_ttp_impersonation.py 224 Solutions/Mimecast/Data Connectors/MimecastTTP/MimecastTTPUrl/__init__.py 38 Solutions/Mimecast/Data Connectors/MimecastTTP/MimecastTTPUrl/mimecast_ttp_url.py 219 Solutions/Mimecast/Data Connectors/MimecastTTP/SharedCode/__init__.py 1 Solutions/Mimecast/Data 
Connectors/MimecastTTP/SharedCode/consts.py 58 Solutions/Mimecast/Data Connectors/MimecastTTP/SharedCode/logger.py 18 Solutions/Mimecast/Data Connectors/MimecastTTP/SharedCode/mimecast_exception.py 6 Solutions/Mimecast/Data Connectors/MimecastTTP/SharedCode/sentinel.py 249 Solutions/Mimecast/Data Connectors/MimecastTTP/SharedCode/state_manager.py 30 Solutions/Mimecast/Data Connectors/MimecastTTP/SharedCode/utils.py 733 Solutions/Mimecast/Parsers/MimecastAT/Mimecast_AT_Performane_Detail.yaml 26 Solutions/Mimecast/Parsers/MimecastAT/Mimecast_AT_Safe_Score.yaml 27 Solutions/Mimecast/Parsers/MimecastAT/Mimecast_AT_User_Data.yaml 35 Solutions/Mimecast/Parsers/MimecastAT/Mimecast_AT_Watchlist.yaml 23 Solutions/Mimecast/Parsers/MimecastAudit/Mimecast_Audit.yaml 26 Solutions/Mimecast/Parsers/MimecastCI/Mimecast_Cloud_Integrated.yaml 79 Solutions/Mimecast/Parsers/MimecastSEG/Mimecast_SEG_CG.yaml 195 Solutions/Mimecast/Parsers/MimecastSEG/Mimecast_SEG_DLP.yaml 27 Solutions/Mimecast/Parsers/MimecastTTP/Mimecast_TTP_Attachment.yaml 35 Solutions/Mimecast/Parsers/MimecastTTP/Mimecast_TTP_Impersonation.yaml 37 Solutions/Mimecast/Parsers/MimecastTTP/Mimecast_TTP_Url.yaml 99 Solutions/MimecastAudit/Analytic Rules/MimecastAudit.yaml 51 Solutions/MimecastAudit/Data Connectors/GetAuditEvents/__init__.py 75 Solutions/MimecastAudit/Data Connectors/Helpers/azure_monitor_collector.py 38 Solutions/MimecastAudit/Data Connectors/Helpers/checkpoint_helper.py 43 Solutions/MimecastAudit/Data Connectors/Helpers/date_helper.py 20 Solutions/MimecastAudit/Data Connectors/Helpers/request_helper.py 121 Solutions/MimecastAudit/Data Connectors/Helpers/response_helper.py 54 Solutions/MimecastAudit/Data Connectors/Models/Enum/__init__.py 1 Solutions/MimecastAudit/Data Connectors/Models/Enum/mimecast_endpoints.py 3 Solutions/MimecastAudit/Data Connectors/Models/Enum/mimecast_response_codes.py 10 Solutions/MimecastAudit/Data Connectors/Models/Error/__init__.py 1 Solutions/MimecastAudit/Data 
Connectors/Models/Error/errors.py 14 Solutions/MimecastAudit/Data Connectors/Models/Request/__init__.py 1 Solutions/MimecastAudit/Data Connectors/Models/Request/get_audit_events.py 14 Solutions/MimecastAudit/Data Connectors/Models/Request/refresh_access_key.py 5 Solutions/MimecastAudit/Data Connectors/TransformData/audit_parser.py 27 Solutions/MimecastSEG/Analytic Rules/MimecastDLP.yaml 41 Solutions/MimecastSEG/Analytic Rules/MimecastDLP_Hold.yaml 40 Solutions/MimecastSEG/Analytic Rules/MimecastSIEM_AV.yaml 56 Solutions/MimecastSEG/Analytic Rules/MimecastSIEM_Attachment.yaml 54 Solutions/MimecastSEG/Analytic Rules/MimecastSIEM_Impersonation.yaml 60 Solutions/MimecastSEG/Analytic Rules/MimecastSIEM_Internal_Mail_Protect.yaml 52 Solutions/MimecastSEG/Analytic Rules/MimecastSIEM_Spam_Event.yaml 46 Solutions/MimecastSEG/Analytic Rules/MimecastSIEM_Url_Protect.yaml 52 Solutions/MimecastSEG/Analytic Rules/MimecastSIEM_Virus.yaml 54 Solutions/MimecastSEG/Data Connectors/GetDLPLogs/__init__.py 73 Solutions/MimecastSEG/Data Connectors/GetSIEMLogs/__init__.py 70 Solutions/MimecastSEG/Data Connectors/Helpers/azure_monitor_collector.py 40 Solutions/MimecastSEG/Data Connectors/Helpers/date_helper.py 20 Solutions/MimecastSEG/Data Connectors/Helpers/request_helper.py 106 Solutions/MimecastSEG/Data Connectors/Helpers/response_helper.py 49 Solutions/MimecastSEG/Data Connectors/Helpers/siem_response_helper.py 89 Solutions/MimecastSEG/Data Connectors/Models/Enum/__init__.py 1 Solutions/MimecastSEG/Data Connectors/Models/Enum/mimecast_endpoints.py 3 Solutions/MimecastSEG/Data Connectors/Models/Enum/mimecast_response_codes.py 10 Solutions/MimecastSEG/Data Connectors/Models/Enum/siem_types.py 11 Solutions/MimecastSEG/Data Connectors/Models/Error/__init__.py 1 Solutions/MimecastSEG/Data Connectors/Models/Error/errors.py 14 Solutions/MimecastSEG/Data Connectors/Models/Request/__init__.py 1 Solutions/MimecastSEG/Data Connectors/Models/Request/get_data_leak_protection_logs.py 18 
Solutions/MimecastSEG/Data Connectors/Models/Request/get_siem_logs.py 13 Solutions/MimecastSEG/Data Connectors/Models/Request/refresh_access_key.py 5 Solutions/MimecastSEG/Data Connectors/TransformData/dlp_parser.py 11 Solutions/MimecastSEG/Data Connectors/TransformData/siem_parser.py 146 Solutions/MimecastTIRegional/Data Connectors/GetThreatIntelFeedRegional/__init__.py 38 Solutions/MimecastTIRegional/Data Connectors/Helpers/date_helper.py 25 Solutions/MimecastTIRegional/Data Connectors/Helpers/graph_api_collector.py 41 Solutions/MimecastTIRegional/Data Connectors/Helpers/property_mapper.py 28 Solutions/MimecastTIRegional/Data Connectors/Helpers/threat_intel_feed_request_helper.py 171 Solutions/MimecastTIRegional/Data Connectors/Helpers/threat_intel_feed_response_helper.py 104 Solutions/MimecastTIRegional/Data Connectors/Models/Enum/__init__.py 1 Solutions/MimecastTIRegional/Data Connectors/Models/Enum/mimecast_endpoints.py 2 Solutions/MimecastTIRegional/Data Connectors/Models/Enum/mimecast_response_codes.py 10 Solutions/MimecastTIRegional/Data Connectors/Models/Error/__init__.py 1 Solutions/MimecastTIRegional/Data Connectors/Models/Error/errors.py 14 Solutions/MimecastTIRegional/Data Connectors/Models/Request/__init__.py 6 Solutions/MimecastTIRegional/Data Connectors/Models/Request/get_threat_intel_feed.py 7 Solutions/MimecastTTP/Analytic Rules/MimecastTTPAttachment.yaml 47 Solutions/MimecastTTP/Analytic Rules/MimecastTTPImpersonation.yaml 43 Solutions/MimecastTTP/Analytic Rules/MimecastTTPUrl.yaml 50 Solutions/MimecastTTP/Data Connectors/GetTTPAttachment/__init__.py 78 Solutions/MimecastTTP/Data Connectors/GetTTPImpersonation/__init__.py 78 Solutions/MimecastTTP/Data Connectors/GetTTPUrl/__init__.py 74 Solutions/MimecastTTP/Data Connectors/Helpers/azure_monitor_collector.py 44 Solutions/MimecastTTP/Data Connectors/Helpers/date_helper.py 25 Solutions/MimecastTTP/Data Connectors/Helpers/request_helper.py 117 Solutions/MimecastTTP/Data 
Connectors/Helpers/response_helper.py 51 Solutions/MimecastTTP/Data Connectors/Models/Enum/__init__.py 1 Solutions/MimecastTTP/Data Connectors/Models/Enum/mimecast_endpoints.py 5 Solutions/MimecastTTP/Data Connectors/Models/Enum/mimecast_response_codes.py 10 Solutions/MimecastTTP/Data Connectors/Models/Error/__init__.py 1 Solutions/MimecastTTP/Data Connectors/Models/Error/errors.py 14 Solutions/MimecastTTP/Data Connectors/Models/Request/__init__.py 6 Solutions/MimecastTTP/Data Connectors/Models/Request/get_ttp_attachment_logs.py 8 Solutions/MimecastTTP/Data Connectors/Models/Request/get_ttp_impersonation_logs.py 8 Solutions/MimecastTTP/Data Connectors/Models/Request/get_ttp_url_logs.py 8 Solutions/MimecastTTP/Data Connectors/Models/Request/refresh_access_key.py 5 Solutions/MimecastTTP/Data Connectors/TransformData/ttp_attachment_parser.py 13 Solutions/MimecastTTP/Data Connectors/TransformData/ttp_impersonation_parser.py 13 Solutions/MimecastTTP/Data Connectors/TransformData/ttp_url_parser.py 13 Solutions/MongoDBAudit/Parsers/MongoDBAudit.yaml 31 Solutions/Morphisec/Parsers/Morphisec.yaml 27 Solutions/Mulesoft/Data Connectors/MuleSoftCloudhubSentinelConnector/__init__.py 109 Solutions/Mulesoft/Data Connectors/MuleSoftCloudhubSentinelConnector/rest_api.py 43 Solutions/Mulesoft/Data Connectors/MuleSoftCloudhubSentinelConnector/state_manager.py 18 Solutions/Mulesoft/Parsers/MuleSoftCloudhub.yaml 40 Solutions/Multi Cloud Attack Coverage Essentials - Resource Abuse/Analytic Rules/BrutforceAttemptOnAzurePortalAndAWSConsolAtSameTime.yaml 104 Solutions/Multi Cloud Attack Coverage Essentials - Resource Abuse/Analytic Rules/Cross-CloudSuspiciousComputeResourcecreationinGCP.yaml 179 Solutions/Multi Cloud Attack Coverage Essentials - Resource Abuse/Analytic Rules/CrossCloudSuspiciousUserActivityObservedInGCPEnvourment.yaml 151 Solutions/Multi Cloud Attack Coverage Essentials - Resource Abuse/Analytic Rules/CrossCloudUnauthorizedCredentialsAccessDetection.yaml 147 
Solutions/Multi Cloud Attack Coverage Essentials - Resource Abuse/Analytic Rules/SuccessfulAWSConsoleLoginfromIPAddressObservedConductingPasswordSpray.yaml 125 Solutions/Multi Cloud Attack Coverage Essentials - Resource Abuse/Analytic Rules/SuspiciousAWSConsolLoginByCredentialAceessAlerts.yaml 130 Solutions/Multi Cloud Attack Coverage Essentials - Resource Abuse/Analytic Rules/Unauthorized_user_access_across_AWS_and_Azure.yaml 145 Solutions/Multi Cloud Attack Coverage Essentials - Resource Abuse/Analytic Rules/UserImpersonateByAAID.yaml 28 Solutions/Multi Cloud Attack Coverage Essentials - Resource Abuse/Analytic Rules/UserImpersonateByRiskyUser.yaml 72 Solutions/NGINX HTTP Server/Analytic Rules/NGINXCommandsInRequest.yaml 31 Solutions/NGINX HTTP Server/Analytic Rules/NGINXCoreDump.yaml 30 Solutions/NGINX HTTP Server/Analytic Rules/NGINXDifferentUAsFromSingleIP.yaml 33 Solutions/NGINX HTTP Server/Analytic Rules/NGINXMultipleClientErrorsFromSingleIP.yaml 33 Solutions/NGINX HTTP Server/Analytic Rules/NGINXMultipleServerErrorsFromSingleIP.yaml 35 Solutions/NGINX HTTP Server/Analytic Rules/NGINXPrivateIPinUrl.yaml 30 Solutions/NGINX HTTP Server/Analytic Rules/NGINXPutAndGetFileFromSameIP.yaml 44 Solutions/NGINX HTTP Server/Analytic Rules/NGINXRequestToSensitiveFiles.yaml 35 Solutions/NGINX HTTP Server/Analytic Rules/NGINXSqlPattern.yaml 34 Solutions/NGINX HTTP Server/Hunting Queries/NGINXAbnormalRequestSize.yaml 32 Solutions/NGINX HTTP Server/Hunting Queries/NGINXRareFilesRequested.yaml 27 Solutions/NGINX HTTP Server/Hunting Queries/NGINXRareURLsRequested.yaml 25 Solutions/NGINX HTTP Server/Hunting Queries/NGINXRequestsFromBotsCrawlers.yaml 23 Solutions/NGINX HTTP Server/Hunting Queries/NGINXRequestsToUnexistingFiles.yaml 26 Solutions/NGINX HTTP Server/Hunting Queries/NGINXTopFilesRequested.yaml 27 Solutions/NGINX HTTP Server/Hunting Queries/NGINXTopFilesWithErrorRequests.yaml 28 Solutions/NGINX HTTP Server/Hunting Queries/NGINXTopURLsClientErrors.yaml 28 
Solutions/NGINX HTTP Server/Hunting Queries/NGINXTopURLsServerErrors.yaml 28 Solutions/NGINX HTTP Server/Hunting Queries/NGINXUncommonUAsString.yaml 25 Solutions/NGINX HTTP Server/Parsers/NGINXHTTPServer.yaml 60 Solutions/NXLogAixAudit/Parsers/NXLog_parsed_AIX_Audit_view.yaml 33 Solutions/NXLogDnsLogs/Parsers/ASimDnsMicrosoftNXLog.yaml 11 Solutions/Nasuni/Analytic Rules/RansomwareAttackDetected.yaml 50 Solutions/Nasuni/Analytic Rules/RansomwareClientBlocked.yaml 47 Solutions/Nasuni/Hunting Queries/FileDeleteEvents.yaml 71 Solutions/NetClean ProActive/Analytic Rules/NetClean_Sentinel_analytic_rule.yaml 45 Solutions/Netskope/Data Connectors/Netskope/AzureFunctionNetskope/run.ps1 388 Solutions/Netskope/Data Connectors/Netskope/profile.ps1 18 Solutions/Netskope/Data Connectors/Netskope/requirements.psd1 7 Solutions/Netskope/Parsers/Netskope.yaml 288 Solutions/Netskopev2/Analytic Rules/NetskopeWebTxErrors.yaml 38 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/NetskopeToAzureStorage/__init__.py 15 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/NetskopeToAzureStorage/netskope_api_async.py 164 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/NetskopeToAzureStorage/netskope_to_azure_storage.py 699 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/SharedCode/__init__.py 1 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/SharedCode/consts.py 25 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/SharedCode/logger.py 21 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/SharedCode/netskope_exception.py 3 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/SharedCode/state_manager.py 49 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/SharedCode/utils.py 20 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/SharedCode/validate_params.py 53 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/StorageToSentinel/__init__.py 43 Solutions/Netskopev2/Data 
Connectors/NetskopeDataConnector/StorageToSentinel/netskope_azure_storage_to_sentinel.py 320 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/StorageToSentinel/remove_duplicates_in_azure_storage.py 411 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/StorageToSentinel/sentinel.py 93 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/WebTxMetrics/__init__.py 10 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/WebTxMetrics/ingest_message.py 125 Solutions/Netskopev2/Data Connectors/NetskopeDataConnector/WebTxMetrics/sentinel.py 93 Solutions/Netskopev2/Parsers/AlertsCompromisedCredential.yaml 102 Solutions/Netskopev2/Parsers/AlertsCtep.yaml 153 Solutions/Netskopev2/Parsers/AlertsDLP.yaml 319 Solutions/Netskopev2/Parsers/AlertsMalsite.yaml 261 Solutions/Netskopev2/Parsers/AlertsMalware.yaml 289 Solutions/Netskopev2/Parsers/AlertsPolicy.yaml 447 Solutions/Netskopev2/Parsers/AlertsQuarantine.yaml 157 Solutions/Netskopev2/Parsers/AlertsRemediation.yaml 205 Solutions/Netskopev2/Parsers/AlertsSecurityAssessment.yaml 129 Solutions/Netskopev2/Parsers/AlertsUba.yaml 326 Solutions/Netskopev2/Parsers/EventIncident.yaml 134 Solutions/Netskopev2/Parsers/EventsApplication.yaml 323 Solutions/Netskopev2/Parsers/EventsAudit.yaml 63 Solutions/Netskopev2/Parsers/EventsConnection.yaml 131 Solutions/Netskopev2/Parsers/EventsNetwork.yaml 165 Solutions/Netskopev2/Parsers/EventsPage.yaml 203 Solutions/Netskopev2/Parsers/NetskopeWebTransactions.yaml 333 Solutions/Network Session Essentials/Analytic Rules/Anomaly in SMB Traffic(ASIM Network Session schema).yaml 53 Solutions/Network Session Essentials/Analytic Rules/AnomalyFoundInNetworkSessionTraffic.yaml 192 Solutions/Network Session Essentials/Analytic Rules/DetectPortMisuseByAnomalyBasedDetection.yaml 192 Solutions/Network Session Essentials/Analytic Rules/DetectPortMisuseByStaticThreshold.yaml 151 Solutions/Network Session Essentials/Analytic Rules/ExcessiveHTTPFailuresFromSource.yaml 94 
Solutions/Network Session Essentials/Analytic Rules/NetworkPortSweepFromExternalNetwork.yaml 91 Solutions/Network Session Essentials/Analytic Rules/PortScan.yaml 95 Solutions/Network Session Essentials/Analytic Rules/PossibleBeaconingActivity.yaml 107 Solutions/Network Session Essentials/Analytic Rules/Remote Desktop Network Brute force (ASIM Network Session schema).yaml 39 Solutions/Network Session Essentials/Hunting Queries/Detect Outbound LDAP Traffic(ASIM Network Session schema).yaml 26 Solutions/Network Session Essentials/Hunting Queries/DetectPortMisuseByAnomalyHunting.yaml 173 Solutions/Network Session Essentials/Hunting Queries/DetectPortMisuseByStaticThresholdHunting.yaml 131 Solutions/Network Session Essentials/Hunting Queries/DetectsSeveralUsersWithTheSameMACAddress.yaml 72 Solutions/Network Session Essentials/Hunting Queries/MismatchBetweenDestinationAppNameAndDestinationPort.yaml 86 Solutions/Network Session Essentials/Hunting Queries/Protocols passing authentication in cleartext (ASIM Network Session schema).yaml 35 Solutions/Network Session Essentials/Hunting Queries/Remote Desktop Network Traffic(ASIM Network Session schema).yaml 30 Solutions/Network Threat Protection Essentials/Analytic Rules/NetworkEndpointCorrelation.yaml 49 Solutions/Network Threat Protection Essentials/Analytic Rules/NewUserAgentLast24h.yaml 84 Solutions/Network Threat Protection Essentials/Hunting Queries/B64IPInURL.yaml 73 Solutions/Network Threat Protection Essentials/Hunting Queries/RiskyCommandB64EncodedInUrl.yaml 73 Solutions/Netwrix Auditor/Parsers/NetwrixAuditor.yaml 34 Solutions/Neustar IP GeoPoint/Playbooks/NeustarIPGeoPoint_FunctionAppConnector/GetIPGeoInfo/__init__.py 71 Solutions/NozomiNetworks/Parsers/NozomiNetworksEvents.yaml 42 Solutions/OSSEC/Parsers/OSSECEvent.yaml 58 Solutions/Okta Single Sign-On/Analytic Rules/DeviceRegistrationMaliciousIP.yaml 50 Solutions/Okta Single Sign-On/Analytic Rules/FailedLoginsFromUnknownOrInvalidUser.yaml 44 Solutions/Okta Single 
Sign-On/Analytic Rules/HighRiskAdminActivity.yaml 51 Solutions/Okta Single Sign-On/Analytic Rules/LoginfromUsersfromDifferentCountrieswithin3hours.yaml 37 Solutions/Okta Single Sign-On/Analytic Rules/MFAFatigue.yaml 49 Solutions/Okta Single Sign-On/Analytic Rules/NewDeviceLocationCriticalOperation.yaml 61 Solutions/Okta Single Sign-On/Analytic Rules/PasswordSpray.yaml 40 Solutions/Okta Single Sign-On/Analytic Rules/PhishingDetection.yaml 47 Solutions/Okta Single Sign-On/Analytic Rules/UserSessionImpersonation.yaml 46 Solutions/Okta Single Sign-On/Data Connectors/OktaSingleSign-On/AzureFunctionOktaSSO_V2/AzureFunctionOktaSSO/run.ps1 167 Solutions/Okta Single Sign-On/Data Connectors/OktaSingleSign-On/AzureFunctionOktaSSO_V2/profile.ps1 18 Solutions/Okta Single Sign-On/Data Connectors/OktaSingleSign-On/AzureFunctionOktaSSO_V2/requirements.psd1 8 Solutions/Okta Single Sign-On/Hunting Queries/AdminPrivilegeGrant.yaml 37 Solutions/Okta Single Sign-On/Hunting Queries/CreateAPIToken.yaml 26 Solutions/Okta Single Sign-On/Hunting Queries/ImpersonationSession.yaml 31 Solutions/Okta Single Sign-On/Hunting Queries/LegacyAuthentication.yaml 37 Solutions/Okta Single Sign-On/Hunting Queries/LoginFromMultipleLocations.yaml 68 Solutions/Okta Single Sign-On/Hunting Queries/LoginNordVPN.yaml 41 Solutions/Okta Single Sign-On/Hunting Queries/LoginsVPSProvider.yaml 41 Solutions/Okta Single Sign-On/Hunting Queries/NewDeviceRegistration.yaml 51 Solutions/Okta Single Sign-On/Hunting Queries/RareMFAOperation.yaml 42 Solutions/Okta Single Sign-On/Hunting Queries/UserPasswordReset.yaml 30 Solutions/Okta Single Sign-On/Parsers/OktaSSO.yaml 157 Solutions/OneIdentity/Parsers/OneIdentity_Safeguard.yaml 45 Solutions/OneLoginIAM/Data Connectors/OneLoginWebhooksTrigger/__init__.py 80 Solutions/OneLoginIAM/Parsers/OneLogin.yaml 589 Solutions/OpenVPN/Parsers/OpenVpnEvent.yaml 34 Solutions/Oracle Cloud Infrastructure/Analytic Rules/OCIDiscoveryActivity.yaml 32 Solutions/Oracle Cloud 
Infrastructure/Analytic Rules/OCIEventRuleDeleted.yaml 29 Solutions/Oracle Cloud Infrastructure/Analytic Rules/OCIInboundSSHConnection.yaml 33 Solutions/Oracle Cloud Infrastructure/Analytic Rules/OCIInsecureMetadataEndpoint.yaml 30 Solutions/Oracle Cloud Infrastructure/Analytic Rules/OCIMetadataEndpointIpAccess.yaml 31 Solutions/Oracle Cloud Infrastructure/Analytic Rules/OCIMultipleInstancesLaunched.yaml 32 Solutions/Oracle Cloud Infrastructure/Analytic Rules/OCIMultipleInstancesTerminated.yaml 32 Solutions/Oracle Cloud Infrastructure/Analytic Rules/OCIMultipleRejects.yaml 47 Solutions/Oracle Cloud Infrastructure/Analytic Rules/OCISSHScan.yaml 36 Solutions/Oracle Cloud Infrastructure/Analytic Rules/OCIUnexpectedUserAgent.yaml 30 Solutions/Oracle Cloud Infrastructure/Data Connectors/AzureFunctionOCILogs/main.py 163 Solutions/Oracle Cloud Infrastructure/Data Connectors/AzureFunctionOCILogs/sentinel_connector.py 100 Solutions/Oracle Cloud Infrastructure/Hunting Queries/OCIDestinationsIn.yaml 27 Solutions/Oracle Cloud Infrastructure/Hunting Queries/OCIDestinationsOut.yaml 27 Solutions/Oracle Cloud Infrastructure/Hunting Queries/OCILaunchedInstances.yaml 23 Solutions/Oracle Cloud Infrastructure/Hunting Queries/OCIUpdateActivities.yaml 24 Solutions/Oracle Cloud Infrastructure/Hunting Queries/OCIUserDeleteActions.yaml 23 Solutions/Oracle Cloud Infrastructure/Hunting Queries/OCIUserDeletedUsers.yaml 23 Solutions/Oracle Cloud Infrastructure/Hunting Queries/OCIUserNewUsers.yaml 24 Solutions/Oracle Cloud Infrastructure/Hunting Queries/OCIUserSources.yaml 24 Solutions/Oracle Cloud Infrastructure/Hunting Queries/OCIUserTerminatedInstances.yaml 23 Solutions/Oracle Cloud Infrastructure/Hunting Queries/OCIUserUpdatedInstances.yaml 23 Solutions/Oracle Cloud Infrastructure/Parsers/OCILogs.yaml 29 Solutions/OracleDatabaseAudit/Analytic Rules/OracleDBAuditConnectFromExternalIp.yaml 43 Solutions/OracleDatabaseAudit/Analytic Rules/OracleDBAuditDropManyTables.yaml 36 
Solutions/OracleDatabaseAudit/Analytic Rules/OracleDBAuditForbiddenSrcIpAddr.yaml 38 Solutions/OracleDatabaseAudit/Analytic Rules/OracleDBAuditNewIpForUser.yaml 46 Solutions/OracleDatabaseAudit/Analytic Rules/OracleDBAuditNewUserDetected.yaml 40 Solutions/OracleDatabaseAudit/Analytic Rules/OracleDBAuditQueryOnSensitiveTable.yaml 35 Solutions/OracleDatabaseAudit/Analytic Rules/OracleDBAuditRareUserActivity.yaml 47 Solutions/OracleDatabaseAudit/Analytic Rules/OracleDBAuditSQLInjectionPatterns.yaml 36 Solutions/OracleDatabaseAudit/Analytic Rules/OracleDBAuditSelectOnManyTables.yaml 36 Solutions/OracleDatabaseAudit/Analytic Rules/OracleDBAuditShutdownServer.yaml 36 Solutions/OracleDatabaseAudit/Hunting Queries/OracleDBAuditActionsByIp.yaml 35 Solutions/OracleDatabaseAudit/Hunting Queries/OracleDBAuditActionsByUser.yaml 35 Solutions/OracleDatabaseAudit/Hunting Queries/OracleDBAuditActiveUsers.yaml 25 Solutions/OracleDatabaseAudit/Hunting Queries/OracleDBAuditDbConnectNonOperationalTime.yaml 39 Solutions/OracleDatabaseAudit/Hunting Queries/OracleDBAuditDroppedTables.yaml 27 Solutions/OracleDatabaseAudit/Hunting Queries/OracleDBAuditInactiveUsers.yaml 38 Solutions/OracleDatabaseAudit/Hunting Queries/OracleDBAuditLargeQueries.yaml 34 Solutions/OracleDatabaseAudit/Hunting Queries/OracleDBAuditListOfTablesQueried.yaml 29 Solutions/OracleDatabaseAudit/Hunting Queries/OracleDBAuditUsersNewPrivilegesAdded.yaml 33 Solutions/OracleDatabaseAudit/Hunting Queries/OracleDBAuditUsersPrivilegesReview.yaml 26 Solutions/OracleDatabaseAudit/Parsers/OracleDatabaseAuditEvent.yaml 221 Solutions/OracleWebLogicServer/Analytic Rules/OracleWebLogicCommandInURI.yaml 30 Solutions/OracleWebLogicServer/Analytic Rules/OracleWebLogicDifferentUAsFromSingleIP.yaml 33 Solutions/OracleWebLogicServer/Analytic Rules/OracleWebLogicExploitCVE-2021-2109.yaml 30 Solutions/OracleWebLogicServer/Analytic Rules/OracleWebLogicMultipleClientErrorsFromSingleIP.yaml 33 Solutions/OracleWebLogicServer/Analytic 
Rules/OracleWebLogicMultipleServerErrorsRequestsFromSingleIP.yaml 35 Solutions/OracleWebLogicServer/Analytic Rules/OracleWebLogicPrivateIpInUrl.yaml 35 Solutions/OracleWebLogicServer/Analytic Rules/OracleWebLogicPutAndGetFileFromSameIP.yaml 44 Solutions/OracleWebLogicServer/Analytic Rules/OracleWebLogicPutSuspiciousFiles.yaml 43 Solutions/OracleWebLogicServer/Analytic Rules/OracleWebLogicRequestToSensitiveFiles.yaml 36 Solutions/OracleWebLogicServer/Hunting Queries/OracleWebLogic403RequestsFiles.yaml 25 Solutions/OracleWebLogicServer/Hunting Queries/OracleWebLogicAbnormalRequestSize.yaml 32 Solutions/OracleWebLogicServer/Hunting Queries/OracleWebLogicCriticalEventSeverity.yaml 29 Solutions/OracleWebLogicServer/Hunting Queries/OracleWebLogicErrors.yaml 22 Solutions/OracleWebLogicServer/Hunting Queries/OracleWebLogicFilesErrorRequests.yaml 28 Solutions/OracleWebLogicServer/Hunting Queries/OracleWebLogicRareUAWithClientErrors.yaml 27 Solutions/OracleWebLogicServer/Hunting Queries/OracleWebLogicRareURLsRequested.yaml 25 Solutions/OracleWebLogicServer/Hunting Queries/OracleWebLogicUncommonUserAgents.yaml 26 Solutions/OracleWebLogicServer/Hunting Queries/OracleWebLogicUrlClienterrors.yaml 28 Solutions/OracleWebLogicServer/Hunting Queries/OracleWebLogicUrlServerErrors.yaml 28 Solutions/OracleWebLogicServer/Parsers/OracleWebLogicServerEvent.yaml 79 Solutions/PDNS Block Data Connector/DataConnectors/block-data-connector/__init__.py 101 Solutions/PDNS Block Data Connector/DataConnectors/block-data-connector/fetch_data.py 75 Solutions/PDNS Block Data Connector/DataConnectors/block-data-connector/state_manager.py 16 Solutions/Palo Alto - XDR (Cortex)/Detection Queries/Preventive Alerts.yaml 52 Solutions/Palo Alto - XDR (Cortex)/Detection Queries/WildFire Malware Detection.yaml 36 Solutions/PaloAlto-PAN-OS/Analytic Rules/FileHashEntity_Covid19_CommonSecurityLog.yaml 70 Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-NetworkBeaconing.yaml 65 Solutions/PaloAlto-PAN-OS/Analytic 
Rules/PaloAlto-PortScanning.yaml  65
Solutions/PaloAlto-PAN-OS/Analytic Rules/PaloAlto-UnusualThreatSignatures.yaml  57
Solutions/PaloAlto-PAN-OS/Hunting Queries/Palo Alto - potential beaconing detected.yaml  61
Solutions/PaloAlto-PAN-OS/Hunting Queries/PaloAlto-HighRiskPorts.yaml  112
Solutions/PaloAltoCDL/Analytic Rules/PaloAltoCDLConflictingMacAddress.yaml  39
Solutions/PaloAltoCDL/Analytic Rules/PaloAltoCDLDroppingSessionWithSentTraffic.yaml  40
Solutions/PaloAltoCDL/Analytic Rules/PaloAltoCDLFileTypeWasChanged.yaml  36
Solutions/PaloAltoCDL/Analytic Rules/PaloAltoCDLInboundRiskPorts.yaml  33
Solutions/PaloAltoCDL/Analytic Rules/PaloAltoCDLPossibleAttackWithoutResponse.yaml  39
Solutions/PaloAltoCDL/Analytic Rules/PaloAltoCDLPossibleFlooding.yaml  36
Solutions/PaloAltoCDL/Analytic Rules/PaloAltoCDLPossiblePortScan.yaml  33
Solutions/PaloAltoCDL/Analytic Rules/PaloAltoCDLPrivilegesWasChanged.yaml  38
Solutions/PaloAltoCDL/Analytic Rules/PaloAltoCDLPutMethodInHighRiskFileType.yaml  34
Solutions/PaloAltoCDL/Analytic Rules/PaloAltoCDLUnexpectedCountries.yaml  37
Solutions/PaloAltoCDL/Hunting Queries/PaloAltoCDLCriticalEventResult.yaml  28
Solutions/PaloAltoCDL/Hunting Queries/PaloAltoCDLFilePermissionWithPutRequest.yaml  26
Solutions/PaloAltoCDL/Hunting Queries/PaloAltoCDLIPsByPorts.yaml  25
Solutions/PaloAltoCDL/Hunting Queries/PaloAltoCDLIncompleteApplicationProtocol.yaml  28
Solutions/PaloAltoCDL/Hunting Queries/PaloAltoCDLMultiDenyResultbyUser.yaml  27
Solutions/PaloAltoCDL/Hunting Queries/PaloAltoCDLOutdatedAgentVersions.yaml  27
Solutions/PaloAltoCDL/Hunting Queries/PaloAltoCDLOutdatedConfigVersions.yaml  27
Solutions/PaloAltoCDL/Hunting Queries/PaloAltoCDLRareApplicationLayerProtocol.yaml  26
Solutions/PaloAltoCDL/Hunting Queries/PaloAltoCDLRareFileRequests.yaml  26
Solutions/PaloAltoCDL/Hunting Queries/PaloAltoCDLRarePortsbyUser.yaml  30
Solutions/PaloAltoPrismaCloud/Analytic Rules/PaloAltoPrismaCloudAclAccessKeysNotRotated.yaml  31
Solutions/PaloAltoPrismaCloud/Analytic Rules/PaloAltoPrismaCloudAclAllowAllOut.yaml  31
Solutions/PaloAltoPrismaCloud/Analytic Rules/PaloAltoPrismaCloudAclAllowInToAdminPort.yaml  31
Solutions/PaloAltoPrismaCloud/Analytic Rules/PaloAltoPrismaCloudAclInAllowAll.yaml  31
Solutions/PaloAltoPrismaCloud/Analytic Rules/PaloAltoPrismaCloudAnomalousApiKeyActivity.yaml  34
Solutions/PaloAltoPrismaCloud/Analytic Rules/PaloAltoPrismaCloudHighRiskScoreAlert.yaml  33
Solutions/PaloAltoPrismaCloud/Analytic Rules/PaloAltoPrismaCloudHighSeverityAlertOpenedForXDays.yaml  40
Solutions/PaloAltoPrismaCloud/Analytic Rules/PaloAltoPrismaCloudIamAdminGroup.yaml  31
Solutions/PaloAltoPrismaCloud/Analytic Rules/PaloAltoPrismaCloudInactiveUser.yaml  30
Solutions/PaloAltoPrismaCloud/Analytic Rules/PaloAltoPrismaCloudMaxRiskScoreAlert.yaml  31
Solutions/PaloAltoPrismaCloud/Analytic Rules/PaloAltoPrismaCloudMultipleFailedLoginsUser.yaml  34
Solutions/PaloAltoPrismaCloud/Data Connectors/AzureFunctionPrismaCloud/main.py  193
Solutions/PaloAltoPrismaCloud/Data Connectors/AzureFunctionPrismaCloud/sentinel_connector_async.py  101
Solutions/PaloAltoPrismaCloud/Data Connectors/AzureFunctionPrismaCloud/state_manager_async.py  34
Solutions/PaloAltoPrismaCloud/Hunting Queries/PaloAltoPrismaCloudAccessKeysUsed.yaml  30
Solutions/PaloAltoPrismaCloud/Hunting Queries/PaloAltoPrismaCloudFailedLoginsSources.yaml  26
Solutions/PaloAltoPrismaCloud/Hunting Queries/PaloAltoPrismaCloudFailedLoginsUsers.yaml  26
Solutions/PaloAltoPrismaCloud/Hunting Queries/PaloAltoPrismaCloudHighRiskScoreOpenedAlerts.yaml  27
Solutions/PaloAltoPrismaCloud/Hunting Queries/PaloAltoPrismaCloudHighSeverityAlerts.yaml  24
Solutions/PaloAltoPrismaCloud/Hunting Queries/PaloAltoPrismaCloudNewUsers.yaml  31
Solutions/PaloAltoPrismaCloud/Hunting Queries/PaloAltoPrismaCloudOpenedAlerts.yaml  24
Solutions/PaloAltoPrismaCloud/Hunting Queries/PaloAltoPrismaCloudTopResources.yaml  25
Solutions/PaloAltoPrismaCloud/Hunting Queries/PaloAltoPrismaCloudUpdatedResources.yaml  23
Solutions/PaloAltoPrismaCloud/Parsers/PaloAltoPrismaCloud.yaml  168
Solutions/PingFederate/Analytic Rules/PingFederateAbnormalPasswordResetsAttempts.yaml  32
Solutions/PingFederate/Analytic Rules/PingFederateAuthFromNewSource.yaml  42
Solutions/PingFederate/Analytic Rules/PingFederateForbiddenCountry.yaml  36
Solutions/PingFederate/Analytic Rules/PingFederateMultiplePasswordResetsForUser.yaml  36
Solutions/PingFederate/Analytic Rules/PingFederateNewUserSSO.yaml  38
Solutions/PingFederate/Analytic Rules/PingFederateOauthOld.yaml  38
Solutions/PingFederate/Analytic Rules/PingFederatePasswordRstReqUnexpectedSource.yaml  41
Solutions/PingFederate/Analytic Rules/PingFederateSamlOld.yaml  38
Solutions/PingFederate/Analytic Rules/PingFederateUnexpectedAuthUrl.yaml  44
Solutions/PingFederate/Analytic Rules/PingFederateUnexpectedUserCountry.yaml  40
Solutions/PingFederate/Analytic Rules/PingFederateUnusualMailDomain.yaml  44
Solutions/PingFederate/Hunting Queries/PingFederateAuthUrls.yaml  25
Solutions/PingFederate/Hunting Queries/PingFederateFailedAuthentications.yaml  25
Solutions/PingFederate/Hunting Queries/PingFederateNewUsers.yaml  29
Solutions/PingFederate/Hunting Queries/PingFederatePasswordResetRequests.yaml  30
Solutions/PingFederate/Hunting Queries/PingFederateRareSources.yaml  25
Solutions/PingFederate/Hunting Queries/PingFederateSAMLSubjects.yaml  25
Solutions/PingFederate/Hunting Queries/PingFederateTopSources.yaml  24
Solutions/PingFederate/Hunting Queries/PingFederateUnusualCountry.yaml  34
Solutions/PingFederate/Hunting Queries/PingFederateUnusualSources.yaml  29
Solutions/PingFederate/Hunting Queries/PingFederateUsersPaswordsReset.yaml  25
Solutions/PingFederate/Parsers/PingFederateEvent.yaml  53
Solutions/PostgreSQL/Parsers/PostgreSQLEvent.yaml  20
Solutions/Prancer PenSuiteAI Integration/Analytic Rules/Disks_High_Severity.yaml  52
Solutions/Prancer PenSuiteAI Integration/Analytic Rules/Flow_Logs_High_Severity.yaml  52
Solutions/Prancer PenSuiteAI Integration/Analytic Rules/Network_Security_Groups_High_Severity.yaml  52
Solutions/Prancer PenSuiteAI Integration/Analytic Rules/PAC_High_Severity.yaml  60
Solutions/Prancer PenSuiteAI Integration/Analytic Rules/Registries_High_Severity.yaml  52
Solutions/Prancer PenSuiteAI Integration/Analytic Rules/Sites_High_Severity.yaml  52
Solutions/Prancer PenSuiteAI Integration/Analytic Rules/Storage_Accounts_High_Severity.yaml  52
Solutions/Prancer PenSuiteAI Integration/Analytic Rules/Subnets_High_Severity.yaml  52
Solutions/Prancer PenSuiteAI Integration/Analytic Rules/VM_High_Severity.yaml  52
Solutions/Prancer PenSuiteAI Integration/Analytic Rules/Vaults_High_Severity.yaml  52
Solutions/Prancer PenSuiteAI Integration/Analytic Rules/Virtual_Networks_High_Severity.yaml  52
Solutions/Prancer PenSuiteAI Integration/Hunting Queries/CSPM_query.yaml  36
Solutions/Prancer PenSuiteAI Integration/Hunting Queries/PAC_high_severity_query.yaml  39
Solutions/ProofPointTap/Analytic Rules/MalwareAttachmentDelivered.yaml  52
Solutions/ProofPointTap/Analytic Rules/MalwareLinkClicked.yaml  52
Solutions/ProofPointTap/Data Connectors/AzureFunctionProofpointTAP/run.ps1  155
Solutions/ProofPointTap/Data Connectors/profile.ps1  18
Solutions/ProofPointTap/Data Connectors/requirements.psd1  7
Solutions/ProofPointTap/Parsers/ProofpointTAPEvent.yaml  42
Solutions/Proofpoint On demand(POD) Email Security/Analytic Rules/ProofpointPODBinaryInAttachment.yaml  39
Solutions/Proofpoint On demand(POD) Email Security/Analytic Rules/ProofpointPODDataExfiltrationToPrivateEmail.yaml  40
Solutions/Proofpoint On demand(POD) Email Security/Analytic Rules/ProofpointPODEmailSenderIPinTIList.yaml  60
Solutions/Proofpoint On demand(POD) Email Security/Analytic Rules/ProofpointPODEmailSenderInTIList.yaml  52
Solutions/Proofpoint On demand(POD) Email Security/Analytic Rules/ProofpointPODHighRiskNotDiscarded.yaml  35
Solutions/Proofpoint On demand(POD) Email Security/Analytic Rules/ProofpointPODMultipleArchivedAttachmentsToSameRecipient.yaml  38
Solutions/Proofpoint On demand(POD) Email Security/Analytic Rules/ProofpointPODMultipleLargeEmailsToSameRecipient.yaml  37
Solutions/Proofpoint On demand(POD) Email Security/Analytic Rules/ProofpointPODMultipleProtectedEmailsToUnknownRecipient.yaml  49
Solutions/Proofpoint On demand(POD) Email Security/Analytic Rules/ProofpointPODSuspiciousAttachment.yaml  36
Solutions/Proofpoint On demand(POD) Email Security/Analytic Rules/ProofpointPODWeakCiphers.yaml  32
Solutions/Proofpoint On demand(POD) Email Security/Data Connectors/ProofpointSentinelConnector/__init__.py  165
Solutions/Proofpoint On demand(POD) Email Security/Data Connectors/ProofpointSentinelConnector/sentinel_connector.py  100
Solutions/Proofpoint On demand(POD) Email Security/Hunting Queries/ProofpointPODHighScoreAdultValue.yaml  16
Solutions/Proofpoint On demand(POD) Email Security/Hunting Queries/ProofpointPODHighScoreMalwareValue.yaml  16
Solutions/Proofpoint On demand(POD) Email Security/Hunting Queries/ProofpointPODHighScorePhishValue.yaml  16
Solutions/Proofpoint On demand(POD) Email Security/Hunting Queries/ProofpointPODHighScoreSpamValue.yaml  16
Solutions/Proofpoint On demand(POD) Email Security/Hunting Queries/ProofpointPODHighScoreSuspectValue.yaml  16
Solutions/Proofpoint On demand(POD) Email Security/Hunting Queries/ProofpointPODLargeOutboundEmails.yaml  29
Solutions/Proofpoint On demand(POD) Email Security/Hunting Queries/ProofpointPODRecipientsHighNumberDiscardReject.yaml  19
Solutions/Proofpoint On demand(POD) Email Security/Hunting Queries/ProofpointPODRecipientsLargeNumberOfCorruptedEmails.yaml  19
Solutions/Proofpoint On demand(POD) Email Security/Hunting Queries/ProofpointPODSendersLargeNumberOfCorruptedEmails.yaml  19
Solutions/Proofpoint On demand(POD) Email Security/Hunting Queries/ProofpointPODSuspiciousFileTypesInAttachments.yaml  17
Solutions/Proofpoint On demand(POD) Email Security/Parsers/ProofpointPOD.yaml  317
Solutions/Pulse Connect Secure/Analytic Rules/PulseConnectSecureVPN-BruteForce.yaml  35
Solutions/Pulse Connect Secure/Analytic Rules/PulseConnectSecureVPN-DistinctFailedUserLogin.yaml  31
Solutions/Pulse Connect Secure/Parsers/PulseConnectSecure.yaml  36
Solutions/Pure Storage/Analytic Rules/FB-FabricModuleUnhealthy.yaml  44
Solutions/Pure Storage/Analytic Rules/PureControllerFailed.yaml  43
Solutions/Pure Storage/Analytic Rules/PureFailedLogin.yaml  52
Solutions/Pure Storage/Parsers/PureStorageFlashArrayParser.yaml  20
Solutions/Pure Storage/Parsers/PureStorageFlashBladeParser.yaml  23
Solutions/Qualys VM Knowledgebase/Data Connectors/AzureFunctionQualysKB/run.ps1  262
Solutions/Qualys VM Knowledgebase/Data Connectors/profile.ps1  19
Solutions/Qualys VM Knowledgebase/Data Connectors/requirements.psd1  7
Solutions/Qualys VM Knowledgebase/Parsers/QualysKB.yaml  32
Solutions/QualysVM/Analytic Rules/HighNumberofVulnDetectedV2.yaml  35
Solutions/QualysVM/Analytic Rules/NewHighSeverityVulnDetectedAcrossMulitpleHostsV2.yaml  28
Solutions/QualysVM/Data Connectors/AzureFunctionQualysVM_V2/run.ps1  285
Solutions/QualysVM/Data Connectors/profile.ps1  18
Solutions/QualysVM/Data Connectors/requirements.psd1  7
Solutions/QualysVM/Parsers/QualysHostDetection.yaml  88
Solutions/Radiflow/Analytic Rules/RadiflowExploitDetected.yaml  44
Solutions/Radiflow/Analytic Rules/RadiflowNetworkScanningDetected.yaml  42
Solutions/Radiflow/Analytic Rules/RadiflowNewActivityDetected.yaml  37
Solutions/Radiflow/Analytic Rules/RadiflowPlatformAlert.yaml  84
Solutions/Radiflow/Analytic Rules/RadiflowPolicyViolationDetected.yaml  32
Solutions/Radiflow/Analytic Rules/RadiflowSuspiciousMaliciousActivityDetected.yaml  37
Solutions/Radiflow/Analytic Rules/RadiflowUnauthorizedCommandinOperationalDevice.yaml  33
Solutions/Radiflow/Analytic Rules/RadiflowUnauthorizedInternetAccess.yaml  23
Solutions/Radiflow/Parsers/RadiflowEvent.yaml  78
Solutions/Rapid7InsightVM/Data Connectors/InsightVMCloudAPISentinelConnector/__init__.py  218
Solutions/Rapid7InsightVM/Data Connectors/InsightVMCloudAPISentinelConnector/sentinel_connector_async.py  80
Solutions/Rapid7InsightVM/Data Connectors/InsightVMCloudAPISentinelConnector/state_manager_async.py  58
Solutions/Rapid7InsightVM/Parsers/InsightVMAssets.yaml  48
Solutions/Rapid7InsightVM/Parsers/InsightVMVulnerabilities.yaml  67
Solutions/Recorded Future/Analytic Rules/RecordedFutureDomainMalwareC2inDNSEvents.yaml  59
Solutions/Recorded Future/Analytic Rules/RecordedFutureDomainMalwareC2inSyslogEvents.yaml  49
Solutions/Recorded Future/Analytic Rules/RecordedFutureHashObservedInUndergroundinCommonSecurityLog.yaml  46
Solutions/Recorded Future/Analytic Rules/RecordedFutureIPMalwareC2inAzureActivityEvents.yaml  24
Solutions/Recorded Future/Analytic Rules/RecordedFutureIPMalwareC2inDNSEvents.yaml  44
Solutions/Recorded Future/Analytic Rules/RecordedFutureUrlReportedbyInsiktGroupinSyslogEvents.yaml  60
Solutions/Recorded Future/Analytic Rules/ThreatHunting/RecordedFutureThreatHuntingDomainAllActors.yaml  65
Solutions/Recorded Future/Analytic Rules/ThreatHunting/RecordedFutureThreatHuntingHashAllActors.yaml  69
Solutions/Recorded Future/Analytic Rules/ThreatHunting/RecordedFutureThreatHuntingIPAllActors.yaml  63
Solutions/Recorded Future/Analytic Rules/ThreatHunting/RecordedFutureThreatHuntingUrlAllActors.yaml  64
Solutions/Recorded Future/Hunting Queries/RecordedFutureDomainThreatActorHunt.yaml  35
Solutions/Recorded Future/Hunting Queries/RecordedFutureHashThreatActorHunt.yaml  35
Solutions/Recorded Future/Hunting Queries/RecordedFutureIPThreatActorHunt.yaml  29
Solutions/Recorded Future/Hunting Queries/RecordedFutureUrlThreatActorHunt.yaml  30
Solutions/Red Canary/Analytic Rules/RedCanaryThreatDetection.yaml  132
Solutions/RidgeSecurity/Analytic Rules/RidgeSecurity_Risks.yaml  42
Solutions/RidgeSecurity/Analytic Rules/RidgeSecurity_Vulnerabilities.yaml  42
Solutions/RubrikSecurityCloud/Data Connectors/RubrikWebhookEvents/RubrikActivity/__init__.py  34
Solutions/RubrikSecurityCloud/Data Connectors/RubrikWebhookEvents/RubrikActivity/rubrik.py  70
Solutions/RubrikSecurityCloud/Data Connectors/RubrikWebhookEvents/RubrikActivity/sentinel.py  99
Solutions/RubrikSecurityCloud/Data Connectors/RubrikWebhookEvents/RubrikAnomalyOrchestrator/__init__.py  14
Solutions/RubrikSecurityCloud/Data Connectors/RubrikWebhookEvents/RubrikEventsOrchestrator/__init__.py  14
Solutions/RubrikSecurityCloud/Data Connectors/RubrikWebhookEvents/RubrikHttpStarter/__init__.py  55
Solutions/RubrikSecurityCloud/Data Connectors/RubrikWebhookEvents/RubrikRansomwareOrchestrator/__init__.py  16
Solutions/RubrikSecurityCloud/Data Connectors/RubrikWebhookEvents/RubrikThreathuntOrchestrator/__init__.py  16
Solutions/RubrikSecurityCloud/Data Connectors/RubrikWebhookEvents/shared_code/consts.py  10
Solutions/RubrikSecurityCloud/Data Connectors/RubrikWebhookEvents/shared_code/logger.py  12
Solutions/RubrikSecurityCloud/Data Connectors/RubrikWebhookEvents/shared_code/rubrik_exception.py  3
Solutions/SAP BTP/Analytic Rules/BTP - Failed access attempts across multiple BAS subaccounts.yaml  47
Solutions/SAP BTP/Analytic Rules/BTP - Malware detected in BAS dev space.yaml  69
Solutions/SAP BTP/Analytic Rules/BTP - Mass user deletion in a sub account.yaml  55
Solutions/SAP BTP/Analytic Rules/BTP - Trust and authorization Identity Provider monitor.yaml  74
Solutions/SAP BTP/Analytic Rules/BTP - User added to sensitive privileged role collection.yaml  45
Solutions/SAP ETD Cloud/Analytic Rules/SAPETD-LoginFromUnexpectedNetwork.yaml  65
Solutions/SAP ETD Cloud/Analytic Rules/SAPETD-SynchAlerts.yaml  59
Solutions/SAP/template/loggingconfig_DEV.yaml  195
Solutions/SAP/template/loggingconfig_PRD.yaml  195
Solutions/SINEC Security Guard/Analytic Rules/SSG_Azure_Sentinel_analytic_rule.yaml  21
Solutions/SailPointIdentityNow/Analytic Rules/SailPointIdentityNowAlertsForTriggers.yaml  32
Solutions/SailPointIdentityNow/Analytic Rules/SailPointIdentityNowEventType.yaml  32
Solutions/SailPointIdentityNow/Analytic Rules/SailPointIdentityNowEventTypeTechnicalName.yaml  33
Solutions/SailPointIdentityNow/Analytic Rules/SailPointIdentityNowFailedEvents.yaml  30
Solutions/SailPointIdentityNow/Analytic Rules/SailPointIdentityNowFailedEventsBasedOnTime.yaml  32
Solutions/SailPointIdentityNow/Analytic Rules/SailPointIdentityNowUserWithFailedEvents.yaml  34
Solutions/SailPointIdentityNow/Data Connectors/SearchEvent/__init__.py  179
Solutions/Salesforce Service Cloud/Analytic Rules/Salesforce-BruteForce.yaml  52
Solutions/Salesforce Service Cloud/Analytic Rules/Salesforce-PasswordSpray.yaml  34
Solutions/Salesforce Service Cloud/Analytic Rules/Salesforce-SigninsMultipleCountries.yaml  41
Solutions/Salesforce Service Cloud/Data Connectors/SalesforceSentinelConnector/__init__.py  239
Solutions/Salesforce Service Cloud/Parsers/SalesforceServiceCloud.yaml  227
Solutions/Samsung Knox Asset Intelligence/Analytic Rules/SamsungKnoxApplicationPrivilegeEscalationOrChange.yaml  30
Solutions/Samsung Knox Asset Intelligence/Analytic Rules/SamsungKnoxKeyguardDisabledFeatureSet.yaml  30
Solutions/Samsung Knox Asset Intelligence/Analytic Rules/SamsungKnoxMobileDeviceBootCompromise.yaml  30
Solutions/Samsung Knox Asset Intelligence/Analytic Rules/SamsungKnoxPasswordLockout.yaml  31
Solutions/Samsung Knox Asset Intelligence/Analytic Rules/SamsungKnoxPeripheralAccessDetectionWithCamera.yaml  28
Solutions/Samsung Knox Asset Intelligence/Analytic Rules/SamsungKnoxPeripheralAccessDetectionWithMic.yaml  34
Solutions/Samsung Knox Asset Intelligence/Analytic Rules/SamsungKnoxSecurityLogFull.yaml  28
Solutions/Samsung Knox Asset Intelligence/Analytic Rules/SamsungKnoxSuspiciousURLs.yaml  36
Solutions/SecurityBridge App/Analytical Rules/CriticalEventTriggered.yaml  36
Solutions/SecurityBridge App/Parsers/SecurityBridgeLogs.yaml  33
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardFactor/SecurityScorecardFactorSentinelConnector/__init__.py  202
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardFactor/SecurityScorecardFactorSentinelConnector/scorecard.py  82
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardFactor/SecurityScorecardFactorSentinelConnector/scorecard_exceptions.py  10
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardFactor/SecurityScorecardFactorSentinelConnector/state_manager.py  26
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardFactor/SecurityScorecardFactorSentinelConnector/utils.py  19
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardFactor/SecurityScorecardFactorSentinelConnector/writers.py  188
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardIssue/SecurityScorecardIssueSentinelConnector/__init__.py  184
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardIssue/SecurityScorecardIssueSentinelConnector/scorecard.py  89
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardIssue/SecurityScorecardIssueSentinelConnector/scorecard_exceptions.py  10
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardIssue/SecurityScorecardIssueSentinelConnector/state_manager.py  26
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardIssue/SecurityScorecardIssueSentinelConnector/utils.py  18
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardIssue/SecurityScorecardIssueSentinelConnector/writers.py  177
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardRatings/SecurityScorecardRatingsSentinelConnector/__init__.py  202
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardRatings/SecurityScorecardRatingsSentinelConnector/scorecard.py  62
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardRatings/SecurityScorecardRatingsSentinelConnector/scorecard_exceptions.py  10
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardRatings/SecurityScorecardRatingsSentinelConnector/state_manager.py  26
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardRatings/SecurityScorecardRatingsSentinelConnector/utils.py  13
Solutions/SecurityScorecard Cybersecurity Ratings/Data Connectors/SecurityScorecardRatings/SecurityScorecardRatingsSentinelConnector/writers.py  190
Solutions/SecurityThreatEssentialSolution/Analytic Rules/PossibleAiTMPhishingAttemptAgainstAAD.yaml  65
Solutions/SecurityThreatEssentialSolution/Analytic Rules/Threat_Essentials_Mail_redirect_via_ExO_transport_rule.yaml  63
Solutions/SecurityThreatEssentialSolution/Analytic Rules/Threat_Essentials_MultipleAdmin_membership_removals_from_NewAdmin.yaml  72
Solutions/SecurityThreatEssentialSolution/Analytic Rules/Threat_Essentials_NRT_UseraddedtoPrivilgedGroups.yaml  58
Solutions/SecurityThreatEssentialSolution/Analytic Rules/Threat_Essentials_TimeSeriesAnomaly-MultiVendor_DataExfiltration.yaml  121
Solutions/SecurityThreatEssentialSolution/Analytic Rules/Threat_Essentials_TimeSeriesAnomaly_Mass_Cloud_Resource_Deletions.yaml  59
Solutions/SecurityThreatEssentialSolution/Analytic Rules/Threat_Essentials_UserAssignedPrivilegedRole.yaml  53
Solutions/SecurityThreatEssentialSolution/Hunting Queries/Signins-From-VPS-Providers.yaml  43
Solutions/SecurityThreatEssentialSolution/Hunting Queries/Signins-from-NordVPN-Providers.yaml  38
Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_EvidenceOfMimikatzDCShadowAttack.yaml  23
Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_KerberoskrbtgtAccount.yaml  32
Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_RecentsIDHistoryChangesOnADObjects.yaml  33
Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_WellKnownPrivilegedSIDsInsIDHistory.yaml  33
Solutions/Semperis Directory Services Protector/Analytic Rules/SemperisDSP_ZerologonVulnerability.yaml  32
Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Failed_Logons.yaml  53
Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_Operations_Critical_Notifications_.yaml  55
Solutions/Semperis Directory Services Protector/Analytic Rules/Semperis_DSP_RBAC_Changes.yaml  61
Solutions/Semperis Directory Services Protector/Parsers/dsp_parser.yaml  44
Solutions/SenservaPro/Analytic Rules/AdminMFA.yaml  41
Solutions/SenservaPro/Analytic Rules/AppsNoClientCredentials.yaml  41
Solutions/SenservaPro/Analytic Rules/BlockLegacyAuthentication.yaml  44
Solutions/SenservaPro/Analytic Rules/GlobaAdminRoleOverlap.yaml  41
Solutions/SenservaPro/Analytic Rules/MFARegistration.yaml  40
Solutions/SenservaPro/Analytic Rules/NonAdminGuest.yaml  40
Solutions/SenservaPro/Analytic Rules/NotUsingClientCredentials.yaml  41
Solutions/SenservaPro/Analytic Rules/OneGlobalAdmin.yaml  40
Solutions/SenservaPro/Analytic Rules/PasswordAgePolicyNew.yaml  24
Solutions/SenservaPro/Analytic Rules/SearchStaleLastPasswordChange.yaml  40
Solutions/SenservaPro/Analytic Rules/SelfServicePasswordReset.yaml  41
Solutions/SenservaPro/Analytic Rules/SignInRiskPolicy.yaml  41
Solutions/SenservaPro/Analytic Rules/ThirdPartyIntegratedApps.yaml  43
Solutions/SenservaPro/Analytic Rules/UserAccountDisabled.yaml  40
Solutions/SenservaPro/Analytic Rules/UserRiskPolicy.yaml  41
Solutions/SenservaPro/Hunting Queries/ApplicationNotUsingClientCredentials.yaml  18
Solutions/SenservaPro/Hunting Queries/AzureSecureScoreAdminMFAV2.yaml  19
Solutions/SenservaPro/Hunting Queries/AzureSecureScoreBlockLegacyAuthentication.yaml  20
Solutions/SenservaPro/Hunting Queries/AzureSecureScoreIntegratedApps.yaml  18
Solutions/SenservaPro/Hunting Queries/AzureSecureScoreMFARegistrationV2.yaml  19
Solutions/SenservaPro/Hunting Queries/AzureSecureScoreOneAdmin.yaml  19
Solutions/SenservaPro/Hunting Queries/AzureSecureScorePWAgePolicyNew.yaml  20
Solutions/SenservaPro/Hunting Queries/AzureSecureScoreRoleOverlap.yaml  18
Solutions/SenservaPro/Hunting Queries/AzureSecureScoreSelfServicePasswordReset.yaml  18
Solutions/SenservaPro/Hunting Queries/AzureSecureScoreSigninRiskPolicy.yaml  18
Solutions/SenservaPro/Hunting Queries/AzureSecureScoreUserRiskPolicy.yaml  18
Solutions/SenservaPro/Hunting Queries/NonAdminGuest.yaml  17
Solutions/SenservaPro/Hunting Queries/ServicePrincipalNotUsingClientCredentials.yaml  19
Solutions/SenservaPro/Hunting Queries/StaleLastPasswordChange.yaml  17
Solutions/SenservaPro/Hunting Queries/UserAccountDisabled.yaml  17
Solutions/SentinelOne/Analytic Rules/SentinelOneAdminLoginNewIP.yaml  47
Solutions/SentinelOne/Analytic Rules/SentinelOneAgentUninstalled.yaml  30
Solutions/SentinelOne/Analytic Rules/SentinelOneAlertFromCustomRule.yaml  31
Solutions/SentinelOne/Analytic Rules/SentinelOneBlacklistHashDeleted.yaml  36
Solutions/SentinelOne/Analytic Rules/SentinelOneExclusionAdded.yaml  30
Solutions/SentinelOne/Analytic Rules/SentinelOneMultipleAlertsOnHost.yaml  33
Solutions/SentinelOne/Analytic Rules/SentinelOneNewAdmin.yaml  29
Solutions/SentinelOne/Analytic Rules/SentinelOneRuleDeleted.yaml  30
Solutions/SentinelOne/Analytic Rules/SentinelOneRuleDisabled.yaml  30
Solutions/SentinelOne/Analytic Rules/SentinelOneSameCustomRuleHitOnDiffHosts.yaml  35
Solutions/SentinelOne/Analytic Rules/SentinelOneViewAgentPassphrase.yaml  33
Solutions/SentinelOne/Data Connectors/SentinelOneSentinelConnector/__init__.py  173
Solutions/SentinelOne/Data Connectors/SentinelOneSentinelConnector/state_manager.py  18
Solutions/SentinelOne/Hunting Queries/SentinelOneAgentNotUpdated.yaml  26
Solutions/SentinelOne/Hunting Queries/SentinelOneAgentStatus.yaml  25
Solutions/SentinelOne/Hunting Queries/SentinelOneAlertTriggers.yaml  25
Solutions/SentinelOne/Hunting Queries/SentinelOneHostNotScanned.yaml  29
Solutions/SentinelOne/Hunting Queries/SentinelOneNewRules.yaml  25
Solutions/SentinelOne/Hunting Queries/SentinelOneRulesDeleted.yaml  25
Solutions/SentinelOne/Hunting Queries/SentinelOneScannedHosts.yaml  25
Solutions/SentinelOne/Hunting Queries/SentinelOneSourcesByAlertCount.yaml  25
Solutions/SentinelOne/Hunting Queries/SentinelOneUninstalledAgents.yaml  23
Solutions/SentinelOne/Hunting Queries/SentinelOneUsersByAlertCount.yaml  29
Solutions/SentinelOne/Parsers/SentinelOne.yaml  651
Solutions/Silverfort/Analytic Rules/Certifried.yaml  31
Solutions/Silverfort/Analytic Rules/Log4Shell.yaml  31
Solutions/Silverfort/Analytic Rules/NoPac_Breach.yaml  32
Solutions/Silverfort/Analytic Rules/User_Brute_Force.yaml  31
Solutions/SlackAudit/Analytic Rules/SlackAuditEmptyUA.yaml  29
Solutions/SlackAudit/Analytic Rules/SlackAuditMultipleArchivedFilesUploadedInShortTimePeriod.yaml  34
Solutions/SlackAudit/Analytic Rules/SlackAuditMultipleFailedLoginsForUser.yaml  32
Solutions/SlackAudit/Analytic Rules/SlackAuditSensitiveFile.yaml  35
Solutions/SlackAudit/Analytic Rules/SlackAuditSuspiciousFileDownloaded.yaml  39
Solutions/SlackAudit/Analytic Rules/SlackAuditUnknownUA.yaml  34
Solutions/SlackAudit/Analytic Rules/SlackAuditUserChangedToAdminOrOwner.yaml  31
Solutions/SlackAudit/Analytic Rules/SlackAuditUserEmailChanged.yaml  39
Solutions/SlackAudit/Analytic Rules/SlackAuditUserLoginAfterDeactivated.yaml  44
Solutions/SlackAudit/Data Connectors/SlackAuditAPISentinelConnector/__init__.py  278
Solutions/SlackAudit/Data Connectors/SlackAuditAPISentinelConnector/state_manager.py  18
Solutions/SlackAudit/Hunting Queries/SlackAuditApplicationsInstalled.yaml  24
Solutions/SlackAudit/Hunting Queries/SlackAuditDeactivatedUsers.yaml  24
Solutions/SlackAudit/Hunting Queries/SlackAuditDownloadedFilesByUser.yaml  27
Solutions/SlackAudit/Hunting Queries/SlackAuditFailedLoginsUnknownUsername.yaml  38
Solutions/SlackAudit/Hunting Queries/SlackAuditNewUsers.yaml  28
Solutions/SlackAudit/Hunting Queries/SlackAuditSuspiciousFilesDownloaded.yaml  32
Solutions/SlackAudit/Hunting Queries/SlackAuditUploadedFilesByUser.yaml  26
Solutions/SlackAudit/Hunting Queries/SlackAuditUserLoginsByIP.yaml  25
Solutions/SlackAudit/Hunting Queries/SlackAuditUserPermissionsChanged.yaml  23
Solutions/SlackAudit/Hunting Queries/SlackAuditUsersJoinedChannelsWithoutInvites.yaml  25
Solutions/SlackAudit/Parsers/SlackAudit.yaml  170
Solutions/Snowflake/Analytic Rules/SnowflakeDiscoveryActivity.yaml  33
Solutions/Snowflake/Analytic Rules/SnowflakeLongQueryProcessTime.yaml  30
Solutions/Snowflake/Analytic Rules/SnowflakeMultipleFailedQueries.yaml  33
Solutions/Snowflake/Analytic Rules/SnowflakeMultipleLoginFailure.yaml  33
Solutions/Snowflake/Analytic Rules/SnowflakeMultipleLoginFailureFromIP.yaml  33
Solutions/Snowflake/Analytic Rules/SnowflakePossibleDataDestruction.yaml  33
Solutions/Snowflake/Analytic Rules/SnowflakePrivilegesDiscovery.yaml  30
Solutions/Snowflake/Analytic Rules/SnowflakeQueryOnSensitiveTable.yaml  33
Solutions/Snowflake/Analytic Rules/SnowflakeUnusualQuery.yaml  31
Solutions/Snowflake/Analytic Rules/SnowflakeUserAddAdminPrivileges.yaml  34
Solutions/Snowflake/Data Connectors/AzureFunctionSnowflake/main.py  187
Solutions/Snowflake/Data Connectors/AzureFunctionSnowflake/sentinel_connector.py  103
Solutions/Snowflake/Data Connectors/AzureFunctionSnowflake/state_manager.py  21
Solutions/Snowflake/Hunting Queries/SnowflakeAdminSources.yaml  34
Solutions/Snowflake/Hunting Queries/SnowflakeDeletedDatabases.yaml  25
Solutions/Snowflake/Hunting Queries/SnowflakeDeletedTables.yaml  25
Solutions/Snowflake/Hunting Queries/SnowflakeDormantUser.yaml  26
Solutions/Snowflake/Hunting Queries/SnowflakeFailedLogins.yaml  25
Solutions/Snowflake/Hunting Queries/SnowflakeHighCreditConsumingQueries.yaml  26
Solutions/Snowflake/Hunting Queries/SnowflakeTimeConsumingQueries.yaml  26
Solutions/Snowflake/Hunting Queries/SnowflakeUnknownQueryType.yaml  24
Solutions/Snowflake/Hunting Queries/SnowflakeUnusedAdmins.yaml  31
Solutions/Snowflake/Hunting Queries/SnowflakeUserSources.yaml  29
Solutions/Snowflake/Parsers/Snowflake.yaml  20
Solutions/SonicWall Firewall/Analytic Rules/AllowedInboundSSHTelnetRDPConnections.yaml  66
Solutions/SonicWall Firewall/Analytic Rules/CaptureATPMaliciousFileDetection.yaml  60
Solutions/SonicWall Firewall/Hunting Queries/OutboundSSHConnections.yaml  34
Solutions/SonraiSecurity/Analytic Rules/SonraiNewTicket.yaml  64
Solutions/SonraiSecurity/Analytic Rules/SonraiTicketAssigned.yaml  66
Solutions/SonraiSecurity/Analytic Rules/SonraiTicketClosed.yaml  65
Solutions/SonraiSecurity/Analytic Rules/SonraiTicketCommentAdded.yaml  65
Solutions/SonraiSecurity/Analytic Rules/SonraiTicketEscalationExecuted.yaml  65
Solutions/SonraiSecurity/Analytic Rules/SonraiTicketReopened.yaml  66
Solutions/SonraiSecurity/Analytic Rules/SonraiTicketRiskAccepted.yaml  5
Solutions/SonraiSecurity/Analytic Rules/SonraiTicketSnoozed.yaml  65
Solutions/SonraiSecurity/Analytic Rules/SonraiTicketUpdated.yaml  65
Solutions/Sophos Endpoint Protection/Data Connectors/AzureFunctionSophos/main.py  140
Solutions/Sophos Endpoint Protection/Data Connectors/AzureFunctionSophos/sentinel_connector.py  90
Solutions/Sophos Endpoint Protection/Data Connectors/AzureFunctionSophos/state_manager.py  18
Solutions/Sophos Endpoint Protection/Parsers/SophosEPEvent.yaml  71
Solutions/Sophos XG Firewall/Analytic Rules/ExcessiveAmountofDeniedConnectionsfromASingleSource.yaml  31
Solutions/Sophos XG Firewall/Analytic Rules/PortScanDetected.yaml  32
Solutions/Sophos XG Firewall/Parsers/SophosXGFirewall.yaml  77
Solutions/SpyCloud Enterprise Protection/Analytic Rules/SpyCloudEnterpriseProtectionBreachRule.yaml  53
Solutions/SpyCloud Enterprise Protection/Analytic Rules/SpyCloudEnterpriseProtectionMalwareRule.yaml  68
Solutions/SquidProxy/Parsers/SquidProxy.yaml  22
Solutions/Symantec Endpoint Protection/Analytic Rules/ExcessiveBlockedTrafficGeneratedbyUser.yaml  54
Solutions/Symantec Endpoint Protection/Analytic Rules/MalwareDetected.yaml  39
Solutions/Symantec Endpoint Protection/Parsers/SymantecEndpointProtection.yaml  186
Solutions/Symantec VIP/Analytic Rules/ClientDeniedAccess.yaml  42
Solutions/Symantec VIP/Analytic Rules/ExcessiveFailedAuthenticationsfromInvalidInputs.yaml  36
Solutions/Symantec VIP/Parsers/SymantecVIP.yaml  37
Solutions/SymantecProxySG/Analytic Rules/ExcessiveDeniedProxyTraffic.yaml  37
Solutions/SymantecProxySG/Analytic Rules/UserAccessedSuspiciousURLCategories.yaml  40
Solutions/SymantecProxySG/Parsers/SymantecProxySG.yaml  22
Solutions/Synack/Integrations/AzureFunctionSynack/azure-service.js  173
Solutions/Synack/Integrations/AzureFunctionSynack/index.js  7
Solutions/Synack/Integrations/AzureFunctionSynack/synack-service.js  111
Solutions/Synack/Integrations/AzureFunctionSynack/sync-service.js  220
Solutions/Syslog/Analytic Rules/FailedLogonAttempts_UnknownUser.yaml  57
Solutions/Syslog/Analytic Rules/NRT_squid_events_for_mining_pools.yaml  57
Solutions/Syslog/Analytic Rules/sftp_file_transfer_above_threshold.yaml  74
Solutions/Syslog/Analytic Rules/sftp_file_transfer_folders_above_threshold.yaml  75
Solutions/Syslog/Analytic Rules/squid_cryptomining_pools.yaml  66
Solutions/Syslog/Analytic Rules/squid_tor_proxies.yaml  62
Solutions/Syslog/Analytic Rules/ssh_potentialBruteForce.yaml  36
Solutions/Syslog/Hunting Queries/CryptoCurrencyMiners.yaml  38
Solutions/Syslog/Hunting Queries/CryptoThreatActivity.yaml  40
Solutions/Syslog/Hunting Queries/RareProcess_ForLxHost.yaml  40
Solutions/Syslog/Hunting Queries/SCXExecuteRunAsProviders.yaml  67
Solutions/Syslog/Hunting Queries/SchedTaskAggregation.yaml  9
Solutions/Syslog/Hunting Queries/SchedTaskEditViaCrontab.yaml  36
Solutions/Syslog/Hunting Queries/squid_abused_tlds.yaml  37
Solutions/Syslog/Hunting Queries/squid_malformed_requests.yaml  38
Solutions/Syslog/Hunting Queries/squid_volume_anomalies.yaml  46
Solutions/Syslog/Workspace Functions/SyslogConnectorsEventVolumebyDeviceProduct.yaml  56
Solutions/Syslog/Workspace Functions/SyslogConnectorsOverallStatus.yaml  61
Solutions/Tanium/Analytic Rules/TaniumThreatResponseAlerts.yaml  36
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/AccountUsageDataCollector/__init__.py  17
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/AccountUsageDataCollector/account_usage_data.py  31
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/DomainDataCollector/__init__.py  12
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/DomainDataCollector/domain_collector.py  87
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/IPDataCollector/__init__.py  12
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/IPDataCollector/ip_collector.py  252
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/SharedCode/__init__.py  1
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/SharedCode/checkpoint_manager.py  32
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/SharedCode/consts.py  48
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/SharedCode/get_logs_data.py  52
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/SharedCode/logger.py  12
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/SharedCode/sentinel.py  197
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/SharedCode/state_manager.py  18
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/SharedCode/teamcymruscout_client.py  173
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/SharedCode/teamcymruscout_exception.py  9
Solutions/Team Cymru Scout/Data Connectors/TeamCymruScout/SharedCode/utils.py  147
Solutions/Team Cymru Scout/Parsers/CymruScoutAccountUsage.yaml  16
Solutions/Team Cymru Scout/Parsers/CymruScoutCorrelate.yaml  70
Solutions/Team Cymru Scout/Parsers/CymruScoutDomain.yaml  43
Solutions/Team Cymru Scout/Parsers/CymruScoutDomainData.yaml  26
Solutions/Team Cymru Scout/Parsers/CymruScoutIP.yaml  92
Solutions/Team Cymru Scout/Parsers/CymruScoutIdentity.yaml  28
Solutions/Team Cymru Scout/Parsers/CymruScoutProtoByIP.yaml  34
Solutions/Team Cymru Scout/Parsers/CymruScoutSummary.yaml  56
Solutions/Team Cymru Scout/Parsers/CymruScoutSummaryTopCerts.yaml  48
Solutions/Team Cymru Scout/Parsers/CymruScoutSummaryTopFingerprints.yaml  32
Solutions/Team Cymru Scout/Parsers/CymruScoutSummaryTopOpenPorts.yaml  34
Solutions/Team Cymru Scout/Parsers/CymruScoutSummaryTopPdns.yaml  28
Solutions/Team Cymru Scout/Parsers/CymruScoutTopAsnsByIP.yaml  32
Solutions/Team Cymru Scout/Parsers/CymruScoutTopCountryCodesByIP.yaml  32
Solutions/Team Cymru Scout/Parsers/CymruScoutTopServicesByIP.yaml  32
Solutions/Team Cymru Scout/Parsers/CymruScoutTopTagsByIP.yaml  32
Solutions/Team Cymru Scout/Parsers/CymruScoutWhois.yaml  110
Solutions/Tenable App/Analytic Rules/TIEADAttacksPathways.yaml  42
Solutions/Tenable App/Analytic Rules/TIEDCShadow.yaml  33
Solutions/Tenable App/Analytic Rules/TIEDCSync.yaml  33
Solutions/Tenable App/Analytic Rules/TIEGoldenTicket.yaml  33
Solutions/Tenable App/Analytic Rules/TIEIndicatorsOfAttack.yaml  41
Solutions/Tenable App/Analytic Rules/TIEIndicatorsOfExposures.yaml  41
Solutions/Tenable App/Analytic Rules/TIELSASSMemory.yaml  33
Solutions/Tenable App/Analytic Rules/TIEPasswordGuessing.yaml  33
Solutions/Tenable App/Analytic Rules/TIEPasswordIssues.yaml  42
Solutions/Tenable App/Analytic Rules/TIEPasswordSpraying.yaml  33
Solutions/Tenable App/Analytic Rules/TIEPrivilegedAccountIssues.yaml  42
Solutions/Tenable App/Analytic Rules/TIEUserAccountIssues.yaml  42
Solutions/Tenable App/Data Connectors/TenableVM/TenableAssetExportOrchestrator/__init__.py  71
Solutions/Tenable App/Data Connectors/TenableVM/TenableAssetExportStatusAndSendChunks/__init__.py  75
Solutions/Tenable App/Data Connectors/TenableVM/TenableCleanTables/__init__.py  41
Solutions/Tenable App/Data Connectors/TenableVM/TenableCleanUpOrchestrator/__init__.py  13
Solutions/Tenable App/Data Connectors/TenableVM/TenableComplianceExportOrchestrator/__init__.py  87
Solutions/Tenable App/Data Connectors/TenableVM/TenableComplianceExportStatusAndSendChunks/__init__.py  90
Solutions/Tenable App/Data Connectors/TenableVM/TenableExportStarter/__init__.py  134
Solutions/Tenable App/Data Connectors/TenableVM/TenableExportsOrchestrator/__init__.py  176
Solutions/Tenable App/Data Connectors/TenableVM/TenableGenerateJobStats/__init__.py  142
Solutions/Tenable App/Data Connectors/TenableVM/TenableProcessAssetChunkFromQueue/__init__.py  82
Solutions/Tenable App/Data Connectors/TenableVM/TenableProcessComplianceChunkFromQueue/__init__.py  125
Solutions/Tenable App/Data Connectors/TenableVM/TenableProcessFailedAssetChunkFromQueue/__init__.py  35
Solutions/Tenable App/Data Connectors/TenableVM/TenableProcessFailedComplianceChunkFromQueue/__init__.py  45
Solutions/Tenable App/Data Connectors/TenableVM/TenableProcessFailedVulnChunkFromQueue/__init__.py  35
Solutions/Tenable App/Data Connectors/TenableVM/TenableProcessVulnChunkFromQueue/__init__.py  87
Solutions/Tenable App/Data Connectors/TenableVM/TenableStartAssetExportJob/__init__.py  11
Solutions/Tenable App/Data Connectors/TenableVM/TenableStartComplianceExportJob/__init__.py  20
Solutions/Tenable App/Data Connectors/TenableVM/TenableStartVulnExportJob/__init__.py  36
Solutions/Tenable App/Data Connectors/TenableVM/TenableVulnExportOrchestrator/__init__.py  72
Solutions/Tenable App/Data Connectors/TenableVM/TenableVulnExportStatusAndSendChunks/__init__.py  79
Solutions/Tenable App/Data Connectors/TenableVM/azure_sentinel.py  58
Solutions/Tenable App/Data Connectors/TenableVM/exports_queue.py  30
Solutions/Tenable App/Data Connectors/TenableVM/exports_store.py  138
Solutions/Tenable App/Data Connectors/TenableVM/tenable_helper.py  84
Solutions/Tenable App/Parsers/TenableVMAssets.yaml  129
Solutions/Tenable App/Parsers/TenableVMVulnerabilities.yaml  220
Solutions/Tenable App/Parsers/afad_parser.yaml  117
Solutions/TenableAD/Analytic Rules/TenableAdADAttacksPathways.yaml  42
Solutions/TenableAD/Analytic Rules/TenableAdDCShadow.yaml  33
Solutions/TenableAD/Analytic Rules/TenableAdDCSync.yaml  33
Solutions/TenableAD/Analytic Rules/TenableAdGoldenTicket.yaml  33
Solutions/TenableAD/Analytic Rules/TenableAdIndicatorsOfAttack.yaml  41
Solutions/TenableAD/Analytic Rules/TenableAdIndicatorsOfExposures.yaml  41
Solutions/TenableAD/Analytic Rules/TenableAdLSASSMemory.yaml  33
Solutions/TenableAD/Analytic Rules/TenableAdPasswordGuessing.yaml  33
Solutions/TenableAD/Analytic Rules/TenableAdPasswordIssues.yaml  42
Solutions/TenableAD/Analytic Rules/TenableAdPasswordSpraying.yaml  33
Solutions/TenableAD/Analytic Rules/TenableAdPrivilegedAccountIssues.yaml  42
Solutions/TenableAD/Analytic Rules/TenableAdUserAccountIssues.yaml  42
Solutions/TenableAD/Parsers/afad_parser.yaml  117
Solutions/TenableIO/Data Connectors/TenableAssetExportOrchestrator/__init__.py  69
Solutions/TenableIO/Data Connectors/TenableAssetExportStatusAndSendChunks/__init__.py  66
Solutions/TenableIO/Data Connectors/TenableCleanTables/__init__.py  35
Solutions/TenableIO/Data Connectors/TenableCleanUpOrchestrator/__init__.py  14
Solutions/TenableIO/Data Connectors/TenableExportStarter/__init__.py  117
Solutions/TenableIO/Data Connectors/TenableExportsOrchestrator/__init__.py  109
Solutions/TenableIO/Data Connectors/TenableGenerateJobStats/__init__.py  136
Solutions/TenableIO/Data Connectors/TenableProcessAssetChunkFromQueue/__init__.py  68
Solutions/TenableIO/Data Connectors/TenableProcessFailedAssetChunkFromQueue/__init__.py  35
Solutions/TenableIO/Data Connectors/TenableProcessFailedVulnChunkFromQueue/__init__.py  35
Solutions/TenableIO/Data Connectors/TenableProcessVulnChunkFromQueue/__init__.py  71
Solutions/TenableIO/Data Connectors/TenableStartAssetExportJob/__init__.py  11
Solutions/TenableIO/Data Connectors/TenableStartVulnExportJob/__init__.py  11
Solutions/TenableIO/Data Connectors/TenableVulnExportOrchestrator/__init__.py  69
Solutions/TenableIO/Data Connectors/TenableVulnExportStatusAndSendChunks/__init__.py  68
Solutions/TenableIO/Data
Connectors/azure_sentinel.py 58 Solutions/TenableIO/Data Connectors/exports_queue.py 28 Solutions/TenableIO/Data Connectors/exports_store.py 136 Solutions/TenableIO/Data Connectors/tenable_helper.py 87 Solutions/TenableIO/Parsers/TenableIOAssets.yaml 129 Solutions/TenableIO/Parsers/TenableIOVulnerabilities.yaml 220 Solutions/TheHive/Data Connectors/TheHiveWebhooksTrigger/__init__.py 80 Solutions/TheHive/Parsers/TheHive.yaml 84 Solutions/Theom/Analytic Rules/TRIS0001_Dev_secrets_unencrypted.yaml 37 Solutions/Theom/Analytic Rules/TRIS0002_National_IDs_unencrypted.yaml 38 Solutions/Theom/Analytic Rules/TRIS0003_Financial_data_unencrypted.yaml 38 Solutions/Theom/Analytic Rules/TRIS0004_Healthcare_data_unencrypted.yaml 38 Solutions/Theom/Analytic Rules/TRIS0005_Unencrypted_public_data_stores.yaml 38 Solutions/Theom/Analytic Rules/TRIS0007-10_TRIS0014_Critical_data_in_API_headers_or_body.yaml 39 Solutions/Theom/Analytic Rules/TRIS0012_Dev_secrets_exposed.yaml 38 Solutions/Theom/Analytic Rules/TRIS0015_Healthcare_data_exposed.yaml 38 Solutions/Theom/Analytic Rules/TRIS0018_National_IDs_exposed.yaml 38 Solutions/Theom/Analytic Rules/TRIS0026_Financial_data_exposed.yaml 38 Solutions/Theom/Analytic Rules/TRIS0032_Dark_Data_with_large_fin_value.yaml 38 Solutions/Theom/Analytic Rules/TRIS0033_Least_priv_large_value_shadow_DB.yaml 38 Solutions/Theom/Analytic Rules/TRIS0034_Overprovisioned_Roles_Shadow_DB.yaml 40 Solutions/Theom/Analytic Rules/TRIS0035_Shadow_DB_large_datastore_value.yaml 38 Solutions/Theom/Analytic Rules/TRIS0036_Shadow_DB_with_atypical_accesses.yaml 40 Solutions/Theom/Analytic Rules/TheomRisksCritical.yaml 58 Solutions/Theom/Analytic Rules/TheomRisksHigh.yaml 58 Solutions/Theom/Analytic Rules/TheomRisksInsights.yaml 58 Solutions/Theom/Analytic Rules/TheomRisksLow.yaml 58 Solutions/Theom/Analytic Rules/TheomRisksMedium.yaml 58 Solutions/Threat Intelligence (NEW)/Analytic Rules/DomainEntity_CloudAppEvents_Updated.yaml 72 Solutions/Threat Intelligence 
(NEW)/Analytic Rules/DomainEntity_CommonSecurityLog.yaml 50 Solutions/Threat Intelligence (NEW)/Analytic Rules/DomainEntity_DeviceNetworkEvents_Updated.yaml 55 Solutions/Threat Intelligence (NEW)/Analytic Rules/DomainEntity_DnsEvents.yaml 74 Solutions/Threat Intelligence (NEW)/Analytic Rules/DomainEntity_EmailEvents_Updated.yaml 52 Solutions/Threat Intelligence (NEW)/Analytic Rules/DomainEntity_EmailUrlInfo_Updated.yaml 66 Solutions/Threat Intelligence (NEW)/Analytic Rules/DomainEntity_PaloAlto.yaml 108 Solutions/Threat Intelligence (NEW)/Analytic Rules/DomainEntity_SecurityAlert.yaml 67 Solutions/Threat Intelligence (NEW)/Analytic Rules/DomainEntity_Syslog.yaml 73 Solutions/Threat Intelligence (NEW)/Analytic Rules/DomainEntity_imWebSession.yaml 57 Solutions/Threat Intelligence (NEW)/Analytic Rules/EmailEntity_AzureActivity.yaml 55 Solutions/Threat Intelligence (NEW)/Analytic Rules/EmailEntity_CloudAppEvents_Updated.yaml 45 Solutions/Threat Intelligence (NEW)/Analytic Rules/EmailEntity_EmailEvents_Updated.yaml 50 Solutions/Threat Intelligence (NEW)/Analytic Rules/EmailEntity_OfficeActivity.yaml 58 Solutions/Threat Intelligence (NEW)/Analytic Rules/EmailEntity_PaloAlto.yaml 57 Solutions/Threat Intelligence (NEW)/Analytic Rules/EmailEntity_SecurityAlert.yaml 65 Solutions/Threat Intelligence (NEW)/Analytic Rules/EmailEntity_SecurityEvent.yaml 75 Solutions/Threat Intelligence (NEW)/Analytic Rules/EmailEntity_SigninLogs.yaml 66 Solutions/Threat Intelligence (NEW)/Analytic Rules/FileHashEntity_CommonSecurityLog.yaml 63 Solutions/Threat Intelligence (NEW)/Analytic Rules/FileHashEntity_DeviceFileEvents_Updated.yaml 38 Solutions/Threat Intelligence (NEW)/Analytic Rules/FileHashEntity_SecurityEvent.yaml 71 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_AWSCloudTrail.yaml 64 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_AppServiceHTTPLogs.yaml 69 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_AzureActivity.yaml 67 Solutions/Threat 
Intelligence (NEW)/Analytic Rules/IPEntity_AzureFirewall.yaml 69 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_AzureKeyVault.yaml 61 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_AzureNetworkAnalytics.yaml 62 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_AzureSQL.yaml 66 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_CloudAppEvents_Updated.yaml 4 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_CustomSecurityLog.yaml 42 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_DeviceNetworkEvents_Updated.yaml 50 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_DnsEvents.yaml 63 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_DuoSecurity.yaml 57 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_OfficeActivity.yaml 64 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_SigninLogs_Updated.yaml 64 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_VMConnection.yaml 61 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_W3CIISLog.yaml 63 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_Workday_Updated.yaml 53 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_imNetworkSession.yaml 106 Solutions/Threat Intelligence (NEW)/Analytic Rules/IPEntity_imWebSession.yaml 47 Solutions/Threat Intelligence (NEW)/Analytic Rules/Threat Intel Matches to GitHub Audit Logs.yaml 50 Solutions/Threat Intelligence (NEW)/Analytic Rules/URLEntity_AuditLogs.yaml 61 Solutions/Threat Intelligence (NEW)/Analytic Rules/URLEntity_CloudAppEvents_Updated.yaml 4 Solutions/Threat Intelligence (NEW)/Analytic Rules/URLEntity_DeviceNetworkEvents_Updated.yaml 58 Solutions/Threat Intelligence (NEW)/Analytic Rules/URLEntity_EmailUrlInfo_Updated.yaml 62 Solutions/Threat Intelligence (NEW)/Analytic Rules/URLEntity_PaloAlto.yaml 79 Solutions/Threat Intelligence (NEW)/Analytic Rules/URLEntity_SecurityAlerts.yaml 67 Solutions/Threat Intelligence (NEW)/Analytic 
Rules/URLEntity_Syslog.yaml 31 Solutions/Threat Intelligence (NEW)/Analytic Rules/URLEntity_UrlClickEvents_Updated.yaml 62 Solutions/Threat Intelligence (NEW)/Analytic Rules/imDns_DomainEntity_DnsEvents.yaml 83 Solutions/Threat Intelligence (NEW)/Analytic Rules/imDns_IPEntity_DnsEvents.yaml 80 Solutions/Threat Intelligence (NEW)/Hunting Queries/FileEntity_OfficeActivity.yaml 47 Solutions/Threat Intelligence (NEW)/Hunting Queries/FileEntity_SecurityEvent.yaml 49 Solutions/Threat Intelligence (NEW)/Hunting Queries/FileEntity_Syslog.yaml 48 Solutions/Threat Intelligence (NEW)/Hunting Queries/FileEntity_VMConnection.yaml 48 Solutions/Threat Intelligence (NEW)/Hunting Queries/FileEntity_WireData.yaml 40 Solutions/Threat Intelligence (NEW)/Parsers/ThreatIntelIndicatorsv2.yaml 51 Solutions/Threat Intelligence/Analytic Rules/DomainEntity_CloudAppEvents.yaml 48 Solutions/Threat Intelligence/Analytic Rules/DomainEntity_CommonSecurityLog.yaml 40 Solutions/Threat Intelligence/Analytic Rules/DomainEntity_DeviceNetworkEvents.yaml 74 Solutions/Threat Intelligence/Analytic Rules/DomainEntity_DnsEvents.yaml 89 Solutions/Threat Intelligence/Analytic Rules/DomainEntity_EmailEvents.yaml 59 Solutions/Threat Intelligence/Analytic Rules/DomainEntity_EmailUrlInfo.yaml 74 Solutions/Threat Intelligence/Analytic Rules/DomainEntity_PaloAlto.yaml 65 Solutions/Threat Intelligence/Analytic Rules/DomainEntity_SecurityAlert.yaml 79 Solutions/Threat Intelligence/Analytic Rules/DomainEntity_Syslog.yaml 91 Solutions/Threat Intelligence/Analytic Rules/DomainEntity_imWebSession.yaml 50 Solutions/Threat Intelligence/Analytic Rules/EmailEntity_AzureActivity.yaml 70 Solutions/Threat Intelligence/Analytic Rules/EmailEntity_CloudAppEvents.yaml 38 Solutions/Threat Intelligence/Analytic Rules/EmailEntity_EmailEvents.yaml 58 Solutions/Threat Intelligence/Analytic Rules/EmailEntity_OfficeActivity.yaml 70 Solutions/Threat Intelligence/Analytic Rules/EmailEntity_PaloAlto.yaml 67 Solutions/Threat 
Intelligence/Analytic Rules/EmailEntity_SecurityAlert.yaml 75 Solutions/Threat Intelligence/Analytic Rules/EmailEntity_SecurityEvent.yaml 91 Solutions/Threat Intelligence/Analytic Rules/EmailEntity_SigninLogs.yaml 77 Solutions/Threat Intelligence/Analytic Rules/FileHashEntity_CommonSecurityLog.yaml 85 Solutions/Threat Intelligence/Analytic Rules/FileHashEntity_DeviceFileEvents.yaml 66 Solutions/Threat Intelligence/Analytic Rules/FileHashEntity_SecurityEvent.yaml 91 Solutions/Threat Intelligence/Analytic Rules/IPEntity_AWSCloudTrail.yaml 76 Solutions/Threat Intelligence/Analytic Rules/IPEntity_AppServiceHTTPLogs.yaml 92 Solutions/Threat Intelligence/Analytic Rules/IPEntity_AzureActivity.yaml 86 Solutions/Threat Intelligence/Analytic Rules/IPEntity_AzureFirewall.yaml 78 Solutions/Threat Intelligence/Analytic Rules/IPEntity_AzureKeyVault.yaml 70 Solutions/Threat Intelligence/Analytic Rules/IPEntity_AzureNetworkAnalytics.yaml 79 Solutions/Threat Intelligence/Analytic Rules/IPEntity_AzureSQL.yaml 70 Solutions/Threat Intelligence/Analytic Rules/IPEntity_CloudAppEvents.yaml 4 Solutions/Threat Intelligence/Analytic Rules/IPEntity_CustomSecurityLog.yaml 69 Solutions/Threat Intelligence/Analytic Rules/IPEntity_DeviceNetworkEvents.yaml 69 Solutions/Threat Intelligence/Analytic Rules/IPEntity_DnsEvents.yaml 77 Solutions/Threat Intelligence/Analytic Rules/IPEntity_DuoSecurity.yaml 54 Solutions/Threat Intelligence/Analytic Rules/IPEntity_OfficeActivity.yaml 75 Solutions/Threat Intelligence/Analytic Rules/IPEntity_SigninLogs.yaml 75 Solutions/Threat Intelligence/Analytic Rules/IPEntity_VMConnection.yaml 73 Solutions/Threat Intelligence/Analytic Rules/IPEntity_W3CIISLog.yaml 77 Solutions/Threat Intelligence/Analytic Rules/IPEntity_Workday.yaml 80 Solutions/Threat Intelligence/Analytic Rules/IPEntity_imNetworkSession.yaml 122 Solutions/Threat Intelligence/Analytic Rules/IPEntity_imWebSession.yaml 39 Solutions/Threat Intelligence/Analytic Rules/Threat Intel Matches to GitHub Audit 
Logs.yaml 28 Solutions/Threat Intelligence/Analytic Rules/URLEntity_AuditLogs.yaml 77 Solutions/Threat Intelligence/Analytic Rules/URLEntity_CloudAppEvents.yaml 4 Solutions/Threat Intelligence/Analytic Rules/URLEntity_DeviceNetworkEvents.yaml 73 Solutions/Threat Intelligence/Analytic Rules/URLEntity_EmailUrlInfo.yaml 69 Solutions/Threat Intelligence/Analytic Rules/URLEntity_OfficeActivity.yaml 53 Solutions/Threat Intelligence/Analytic Rules/URLEntity_PaloAlto.yaml 49 Solutions/Threat Intelligence/Analytic Rules/URLEntity_SecurityAlerts.yaml 71 Solutions/Threat Intelligence/Analytic Rules/URLEntity_Syslog.yaml 31 Solutions/Threat Intelligence/Analytic Rules/URLEntity_UrlClickEvents.yaml 72 Solutions/Threat Intelligence/Analytic Rules/imDns_DomainEntity_DnsEvents.yaml 109 Solutions/Threat Intelligence/Analytic Rules/imDns_IPEntity_DnsEvents.yaml 103 Solutions/Threat Intelligence/Hunting Queries/FileEntity_OfficeActivity.yaml 63 Solutions/Threat Intelligence/Hunting Queries/FileEntity_SecurityEvent.yaml 74 Solutions/Threat Intelligence/Hunting Queries/FileEntity_Syslog.yaml 65 Solutions/Threat Intelligence/Hunting Queries/FileEntity_VMConnection.yaml 70 Solutions/Threat Intelligence/Hunting Queries/FileEntity_WireData.yaml 69 Solutions/ThreatConnect/Analytic Rules/ThreatConnect_DomainEntity_DnsEvents.yaml 92 Solutions/ThreatConnect/Analytic Rules/ThreatConnect_EmailEntity_OfficeActivity.yaml 68 Solutions/ThreatConnect/Analytic Rules/ThreatConnect_EmailEntity_SigninLogs.yaml 83 Solutions/ThreatConnect/Analytic Rules/ThreatConnect_IPEntity_NetworkSessions.yaml 80 Solutions/ThreatConnect/Analytic Rules/ThreatConnect_URLEntity_OfficeActivity.yaml 54 Solutions/Tomcat/Analytic Rules/TomcatCommandsinRequest.yaml 31 Solutions/Tomcat/Analytic Rules/TomcatMultipleClientErrorsFromSingleIP.yaml 33 Solutions/Tomcat/Analytic Rules/TomcatMultipleEmptyRequestsFromSameIP.yaml 35 Solutions/Tomcat/Analytic Rules/TomcatMultipleServerErrorsFromSingleIP.yaml 35 Solutions/Tomcat/Analytic 
Rules/TomcatPutAndGetFileFromSameIP.yaml 44 Solutions/Tomcat/Analytic Rules/TomcatRequestFromLocalhostIP.yaml 35 Solutions/Tomcat/Analytic Rules/TomcatRequestSensitiveFiles.yaml 35 Solutions/Tomcat/Analytic Rules/TomcatSQLiPattern.yaml 30 Solutions/Tomcat/Analytic Rules/TomcatServerErrorsAfterMultipleRequestsFromSameIP.yaml 46 Solutions/Tomcat/Hunting Queries/Tomcat403RequestsFiles.yaml 25 Solutions/Tomcat/Hunting Queries/TomcatAbnormalRequestSize.yaml 36 Solutions/Tomcat/Hunting Queries/TomcatERRORs.yaml 24 Solutions/Tomcat/Hunting Queries/TomcatRareFilesRequested.yaml 27 Solutions/Tomcat/Hunting Queries/TomcatRareURLsRequested.yaml 25 Solutions/Tomcat/Hunting Queries/TomcatTopFilesWithErrorRequests.yaml 28 Solutions/Tomcat/Hunting Queries/TomcatTopURLsClientErrors.yaml 28 Solutions/Tomcat/Hunting Queries/TomcatTopURLsServerErrors.yaml 28 Solutions/Tomcat/Hunting Queries/TomcatUncommonUAs.yaml 25 Solutions/Tomcat/Hunting Queries/TomcatUncommonUAsWithClientErrors.yaml 27 Solutions/Tomcat/Hunting Queries/TomcatUncommonUAsWithServerErrors.yaml 27 Solutions/Tomcat/Parsers/TomcatEvent.yaml 67 Solutions/Training/Azure-Sentinel-Training-Lab/Artifacts/Scripts/IngestCSV.ps1 181 Solutions/TransmitSecurity/Data Connectors/TransmitSecurityConnector/__init__.py 126 Solutions/Trend Micro Apex One/Analytic Rules/TMApexOneAttackDiscoveryDetectionRisks.yaml 33 Solutions/Trend Micro Apex One/Analytic Rules/TMApexOneCommandLineSuspiciousRequests.yaml 34 Solutions/Trend Micro Apex One/Analytic Rules/TMApexOneDvcAccessPermissionWasChanged.yaml 46 Solutions/Trend Micro Apex One/Analytic Rules/TMApexOneInboundRemoteAccess.yaml 35 Solutions/Trend Micro Apex One/Analytic Rules/TMApexOneMultipleDenyOrTerminateActionOnSingleIp.yaml 33 Solutions/Trend Micro Apex One/Analytic Rules/TMApexOnePossibleExploitOrExecuteOperation.yaml 36 Solutions/Trend Micro Apex One/Analytic Rules/TMApexOneRiskCnCEvents.yaml 33 Solutions/Trend Micro Apex One/Analytic Rules/TMApexOneSpywareWithFailedResponse.yaml 
34 Solutions/Trend Micro Apex One/Analytic Rules/TMApexOneSuspiciousConnections.yaml 35 Solutions/Trend Micro Apex One/Hunting Queries/TMApexOneBehaviorMonitoringTranslatedAction.yaml 45 Solutions/Trend Micro Apex One/Hunting Queries/TMApexOneBehaviorMonitoringTranslatedOperation.yaml 46 Solutions/Trend Micro Apex One/Hunting Queries/TMApexOneBehaviorMonitoringTriggeredPolicy.yaml 46 Solutions/Trend Micro Apex One/Hunting Queries/TMApexOneBehaviorMonitoringTypesOfEvent.yaml 38 Solutions/Trend Micro Apex One/Hunting Queries/TMApexOneChannelType.yaml 75 Solutions/Trend Micro Apex One/Hunting Queries/TMApexOneDataLossPreventionAction.yaml 69 Solutions/Trend Micro Apex One/Hunting Queries/TMApexOneRareAppProtocolByIP.yaml 148 Solutions/Trend Micro Apex One/Hunting Queries/TMApexOneSpywareDetection.yaml 27 Solutions/Trend Micro Apex One/Hunting Queries/TMApexOneSuspiciousFiles.yaml 27 Solutions/Trend Micro Apex One/Hunting Queries/TMApexOneTopSources.yaml 39 Solutions/Trend Micro Apex One/Parsers/TMApexOneEvent.yaml 79 Solutions/Trend Micro Cloud App Security/Analytic Rules/TrendMicroCASDLPViolation.yaml 29 Solutions/Trend Micro Cloud App Security/Analytic Rules/TrendMicroCASPossiblePhishingMail.yaml 34 Solutions/Trend Micro Cloud App Security/Analytic Rules/TrendMicroCASRansomwareOnHost.yaml 33 Solutions/Trend Micro Cloud App Security/Analytic Rules/TrendMicroCASRansomwareOutbreak.yaml 31 Solutions/Trend Micro Cloud App Security/Analytic Rules/TrendMicroCASSuspiciousFilename.yaml 30 Solutions/Trend Micro Cloud App Security/Analytic Rules/TrendMicroCASThreatNotBlocked.yaml 30 Solutions/Trend Micro Cloud App Security/Analytic Rules/TrendMicroCASUnexpectedFileInMail.yaml 33 Solutions/Trend Micro Cloud App Security/Analytic Rules/TrendMicroCASUnexpectedFileOnFileShare.yaml 33 Solutions/Trend Micro Cloud App Security/Analytic Rules/TrendMicroCASVAInfectedUser.yaml 34 Solutions/Trend Micro Cloud App Security/Analytic Rules/TrendMicroCASVAOutbreak.yaml 36 Solutions/Trend 
Micro Cloud App Security/Data Connectors/TrendMicroCASSentinelConnector/__init__.py 183 Solutions/Trend Micro Cloud App Security/Data Connectors/TrendMicroCASSentinelConnector/state_manager.py 18 Solutions/Trend Micro Cloud App Security/Hunting Queries/TrendMicroCASFilesOnShares.yaml 29 Solutions/Trend Micro Cloud App Security/Hunting Queries/TrendMicroCASInfectedFilesInEmails.yaml 26 Solutions/Trend Micro Cloud App Security/Hunting Queries/TrendMicroCASRansomwareThreats.yaml 24 Solutions/Trend Micro Cloud App Security/Hunting Queries/TrendMicroCASRareFilesRecievedViaEmail.yaml 26 Solutions/Trend Micro Cloud App Security/Hunting Queries/TrendMicroCASRiskyUsers.yaml 24 Solutions/Trend Micro Cloud App Security/Hunting Queries/TrendMicroCASScanDiscoveredThreats.yaml 29 Solutions/Trend Micro Cloud App Security/Hunting Queries/TrendMicroCASSuspiciousFilesSharepoint.yaml 25 Solutions/Trend Micro Cloud App Security/Hunting Queries/TrendMicroCASTopFilesRecievedViaEmail.yaml 25 Solutions/Trend Micro Cloud App Security/Hunting Queries/TrendMicroCASUserDLPViolations.yaml 24 Solutions/Trend Micro Cloud App Security/Hunting Queries/TrendMicroCASVAThreats.yaml 25 Solutions/Trend Micro Cloud App Security/Parsers/TrendMicroCAS.yaml 78 Solutions/Trend Micro Deep Security/Parsers/TrendMicroDeepSecurity.yaml 38 Solutions/Trend Micro TippingPoint/Parsers/TrendMicroTippingPoint.yaml 24 Solutions/Trend Micro Vision One/Analytic Rules/Create Incident for XDR Alerts.yaml 89 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/oat_pipeline_file_poison_qt/__init__.py 10 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/oat_pipeline_file_qt/__init__.py 42 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/oat_pipeline_task_poison_qt/__init__.py 10 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/oat_pipeline_task_qt/__init__.py 70 Solutions/Trend Micro Vision One/Data 
Connectors/AzureFunctionTrendMicroXDR/queue_trigger_oat_poison/__init__.py 10 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/queue_trigger_rca/__init__.py 63 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/queue_trigger_wb/__init__.py 113 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/queue_trigger_wb_poison/__init__.py 12 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/__init__.py 1 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/configurations.py 117 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/customized_logger/__init__.py 1 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/customized_logger/customized_json_logger.py 38 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/data_collector.py 80 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/decorators/__init__.py 1 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/decorators/timer.py 18 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/exceptions.py 2 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/models/__init__.py 1 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/models/oat.py 411 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/models/rca.py 1 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/models/workbench.py 36 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/services/__init__.py 1 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/services/oat_service.py 284 Solutions/Trend Micro 
Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/services/workbench_service.py 219 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/trace_utils/__init__.py 1 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/trace_utils/trace/__init__.py 1 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/trace_utils/trace/trace_manager.py 22 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/transform_utils.py 293 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/shared_code/utils.py 71 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/timer_trigger/__init__.py 104 Solutions/Trend Micro Vision One/Data Connectors/AzureFunctionTrendMicroXDR/timer_trigger_oat/__init__.py 105 Solutions/UEBA Essentials/Hunting Queries/Anomalous AAD Account Manipulation.yaml 26 Solutions/UEBA Essentials/Hunting Queries/Anomalous Account Creation.yaml 50 Solutions/UEBA Essentials/Hunting Queries/Anomalous Activity Role Assignment.yaml 36 Solutions/UEBA Essentials/Hunting Queries/Anomalous Code Execution.yaml 34 Solutions/UEBA Essentials/Hunting Queries/Anomalous Data Access.yaml 34 Solutions/UEBA Essentials/Hunting Queries/Anomalous Defensive Mechanism Modification.yaml 34 Solutions/UEBA Essentials/Hunting Queries/Anomalous Failed Logon.yaml 46 Solutions/UEBA Essentials/Hunting Queries/Anomalous Geo Location Logon.yaml 46 Solutions/UEBA Essentials/Hunting Queries/Anomalous Login to Devices.yaml 36 Solutions/UEBA Essentials/Hunting Queries/Anomalous Password Reset.yaml 49 Solutions/UEBA Essentials/Hunting Queries/Anomalous RDP Activity.yaml 35 Solutions/UEBA Essentials/Hunting Queries/Anomalous Resource Access.yaml 34 Solutions/UEBA Essentials/Hunting Queries/Anomalous Role Assignment.yaml 52 Solutions/UEBA Essentials/Hunting Queries/Anomalous Sign-in Activity.yaml 8 Solutions/UEBA 
Essentials/Hunting Queries/anomaliesOnVIPUsers.yaml 20 Solutions/UEBA Essentials/Hunting Queries/anomalousActionInTenant.yaml 22 Solutions/UEBA Essentials/Hunting Queries/dormantAccountActivityFromUncommonCountry.yaml 24 Solutions/UEBA Essentials/Hunting Queries/firstConnectionFromGroup.yaml 31 Solutions/UEBA Essentials/Hunting Queries/loginActivityFromBotnet.yaml 25 Solutions/UEBA Essentials/Hunting Queries/newAccountAddedToAdminGroup.yaml 22 Solutions/UEBA Essentials/Hunting Queries/terminatedEmployeeAccessHVA.yaml 27 Solutions/UEBA Essentials/Hunting Queries/terminatedEmployeeActivity.yaml 25 Solutions/UEBA Essentials/Hunting Queries/updateKeyVaultActivity.yaml 26 Solutions/Ubiquiti UniFi/Analytic Rules/UbiquitiCryptominer.yaml 34 Solutions/Ubiquiti UniFi/Analytic Rules/UbiquitiDestinationInTiList.yaml 40 Solutions/Ubiquiti UniFi/Analytic Rules/UbiquitiL2RFTP.yaml 36 Solutions/Ubiquiti UniFi/Analytic Rules/UbiquitiL2RLargeIcmp.yaml 43 Solutions/Ubiquiti UniFi/Analytic Rules/UbiquitiNonCorpDns.yaml 33 Solutions/Ubiquiti UniFi/Analytic Rules/UbiquitiR2LDns.yaml 36 Solutions/Ubiquiti UniFi/Analytic Rules/UbiquitiR2LRDP.yaml 32 Solutions/Ubiquiti UniFi/Analytic Rules/UbiquitiR2LSSH.yaml 32 Solutions/Ubiquiti UniFi/Analytic Rules/UbiquitiUnknownMacJoined.yaml 37 Solutions/Ubiquiti UniFi/Analytic Rules/UbiquitiUnusualTraffic.yaml 31 Solutions/Ubiquiti UniFi/Hunting Queries/UbiquitiDnsTimeOut.yaml 27 Solutions/Ubiquiti UniFi/Hunting Queries/UbiquitiInternalDnsServer.yaml 29 Solutions/Ubiquiti UniFi/Hunting Queries/UbiquitiRareInternalPorts.yaml 28 Solutions/Ubiquiti UniFi/Hunting Queries/UbiquitiTopBlockedDst.yaml 28 Solutions/Ubiquiti UniFi/Hunting Queries/UbiquitiTopBlockedExternalServices.yaml 47 Solutions/Ubiquiti UniFi/Hunting Queries/UbiquitiTopBlockedInternalServices.yaml 49 Solutions/Ubiquiti UniFi/Hunting Queries/UbiquitiTopBlockedSrc.yaml 29 Solutions/Ubiquiti UniFi/Hunting Queries/UbiquitiTopFirewallRules.yaml 22 Solutions/Ubiquiti UniFi/Hunting 
Queries/UbiquitiUnusualSubdomains.yaml 29 Solutions/Ubiquiti UniFi/Hunting Queries/UbiquitiVulnerableDevices.yaml 24 Solutions/Ubiquiti UniFi/Parsers/UbiquitiAuditEvent.yaml 183 Solutions/VMWareESXi/Analytic Rules/ESXiDormantVMStarted.yaml 57 Solutions/VMWareESXi/Analytic Rules/ESXiLowPatchDiskSpace.yaml 33 Solutions/VMWareESXi/Analytic Rules/ESXiLowTempDirSpace.yaml 33 Solutions/VMWareESXi/Analytic Rules/ESXiMultipleNewVM.yaml 46 Solutions/VMWareESXi/Analytic Rules/ESXiMultipleVMStopped.yaml 43 Solutions/VMWareESXi/Analytic Rules/ESXiNewVM.yaml 39 Solutions/VMWareESXi/Analytic Rules/ESXiRootImpersonation.yaml 30 Solutions/VMWareESXi/Analytic Rules/ESXiRootLogin.yaml 40 Solutions/VMWareESXi/Analytic Rules/ESXiSharedOrStolenRootAccount.yaml 33 Solutions/VMWareESXi/Analytic Rules/ESXiUnexpectedDiskImage.yaml 39 Solutions/VMWareESXi/Analytic Rules/ESXiVMStopped.yaml 35 Solutions/VMWareESXi/Hunting Queries/ESXiDormantUsers.yaml 25 Solutions/VMWareESXi/Hunting Queries/ESXiDownloadErrors.yaml 23 Solutions/VMWareESXi/Hunting Queries/ESXiNFCDownloadActivities.yaml 27 Solutions/VMWareESXi/Hunting Queries/ESXiRootLoginFailure.yaml 25 Solutions/VMWareESXi/Hunting Queries/ESXiRootLogins.yaml 25 Solutions/VMWareESXi/Hunting Queries/ESXiUnusedVMs.yaml 57 Solutions/VMWareESXi/Hunting Queries/ESXiVMHighLoad.yaml 28 Solutions/VMWareESXi/Hunting Queries/ESXiVMPoweredOff.yaml 26 Solutions/VMWareESXi/Hunting Queries/ESXiVMPoweredOn.yaml 26 Solutions/VMWareESXi/Hunting Queries/ESXiVirtualImagesList.yaml 26 Solutions/VMWareESXi/Parsers/VMwareESXi.yaml 23 Solutions/VMware Carbon Black Cloud/Analytic Rules/CriticalThreatDetected.yaml 36 Solutions/VMware Carbon Black Cloud/Analytic Rules/KnownMalwareDetected.yaml 38 Solutions/VMware Carbon Black Cloud/Data Connectors/AzureFunctionVMwareCarbonBlack/AlertsApiTimer/run.ps1 307 Solutions/VMware Carbon Black Cloud/Data Connectors/AzureFunctionVMwareCarbonBlack/AuditEventsAlertsTimer/run.ps1 375 Solutions/VMware Carbon Black Cloud/Data 
Connectors/profile.ps1 18
Solutions/VMware Carbon Black Cloud/Data Connectors/requirements.psd1 9
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sase-cws-policy-publish.yaml 39
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sase-cws-policychange.yaml 45
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sase-cws-policyviolation.yaml 48
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sase-cwsdlp-violation.yaml 51
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sdwan-device-congestion.yaml 39
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sdwan-idps-alert-api.yaml 51
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sdwan-idps-alert-syslog.yaml 86
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sdwan-idps-update-success.yaml 43
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sdwan-idps-updatefailed.yaml 45
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sdwan-ipfrag-attempt.yaml 67
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sdwan-lanside-devicedetect.yaml 51
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sdwan-nsd-cssdown.yaml 38
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sdwan-orchestrator-config-change.yaml 45
Solutions/VMware SD-WAN and SASE/Analytic Rules/vmw-sdwan-rpfcheck.yaml 66
Solutions/VMware SD-WAN and SASE/Data Connectors/Function App Connector/vmw_sdwan_sase_funcapp/cws_dlplogs/__init__.py 283
Solutions/VMware SD-WAN and SASE/Data Connectors/Function App Connector/vmw_sdwan_sase_funcapp/cws_healthcheck/__init__.py 179
Solutions/VMware SD-WAN and SASE/Data Connectors/Function App Connector/vmw_sdwan_sase_funcapp/cws_weblogs/__init__.py 248
Solutions/VMware SD-WAN and SASE/Data Connectors/Function App Connector/vmw_sdwan_sase_funcapp/sdwan_auditlogs/__init__.py 291
Solutions/VMware SD-WAN and SASE/Data Connectors/Function App Connector/vmw_sdwan_sase_funcapp/sdwan_efslogs/__init__.py 547
Solutions/VMware SD-WAN and SASE/Hunting Queries/VECOfrequentFailedLogins.yaml 27
Solutions/VMware vCenter/Analytic Rules/vCenter-Root impersonation.yaml 29
Solutions/VMware vCenter/Analytic Rules/vCenterRootLogin.yaml 37
Solutions/VMware vCenter/Parsers/vCenter.yaml 31
Solutions/Valence Security/Analytic Rules/ValenceAlerts.yaml 34
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Constants.cs 13
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/DatAlert/DatAlertClient.cs 143
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/DatAlert/DatAlertClientFake.cs 57
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/DatAlert/DatAlertParams.cs 13
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/DatAlert/IDatAlertClient.cs 10
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/FetchDataFunction.cs 72
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Helpers/AlertExtensions.cs 24
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Helpers/BaseMapper.cs 13
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Helpers/CustomParser.cs 25
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Helpers/ParametersToValuesConverter.cs 38
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Helpers/SearchAlertObjectMapper.cs 104
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Helpers/SearchConverter.cs 29
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/LogAnalytics/ILogAnalyticsStorage.cs 8
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/LogAnalytics/LogAnalyticsCollector.cs 25
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/LogAnalytics/LogAnalyticsFake.cs 22
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/LogAnalytics/LogAnalyticsMonitor.cs 12
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/AlertSearchQueryBuilder.cs 158
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/Model/AlertAttributes.cs 86
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/Model/AlertItem.cs 39
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/Model/EmOperator.cs 25
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/Model/Filter.cs 13
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/Model/FilterGroup.cs 12
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/Model/FilterOperator.cs 8
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/Model/RowDataRequest.cs 9
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/Model/Rule.cs 8
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/Model/SearchQuery.cs 9
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/Model/SearchRequest.cs 11
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/Model/SearchResponseLink.cs 11
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/Model/SearchResultType.cs 16
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/Model/SearchRowsResponse.cs 8
Solutions/VaronisSaaS/Data Connectors/VaronisSaaSFunction/Varonis.Sentinel.Functions/Search/SearchRequestBuilder.cs 46
Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-Account-Detections.yaml 94
Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-Account-by-Severity.yaml 37
Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-HighSeverityDetection-by-Tactics.yaml 114
Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-Host-Detections.yaml 87
Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-Host-by-Severity.yaml 87
Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-NewCampaign.yaml 62
Solutions/Vectra AI Detect/Analytic Rules/VectraDetect-Suspected-Behavior-by-Tactics.yaml 100
Solutions/Vectra AI Stream/Parsers/VectraStream_function.yaml 460
Solutions/Vectra AI Stream/Parsers/vectra_beacon.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_dcerpc.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_dhcp.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_dns.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_http.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_isession.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_kerberos.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_ldap.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_match.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_ntlm.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_radius.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_rdp.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_smbfiles.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_smbmapping.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_smtp.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_ssh.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_ssl.yaml 17
Solutions/Vectra AI Stream/Parsers/vectra_stream.yaml 13
Solutions/Vectra AI Stream/Parsers/vectra_x509.yaml 17
Solutions/Vectra XDR/Analytic Rules/Create_Incident_Based_On_Tag_For_Account_Entity.yaml 53
Solutions/Vectra XDR/Analytic Rules/Create_Incident_Based_On_Tag_For_Host_Entity.yaml 56
Solutions/Vectra XDR/Analytic Rules/Detection_Account.yaml 61
Solutions/Vectra XDR/Analytic Rules/Detection_Host.yaml 61
Solutions/Vectra XDR/Analytic Rules/Priority_Account.yaml 52
Solutions/Vectra XDR/Analytic Rules/Priority_Host.yaml 52
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/AccountEntities/__init__.py 57
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/AccountEntities/account_entity_collector.py 47
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/Audits/__init__.py 74
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/Audits/audits_collector.py 17
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/Detections/__init__.py 75
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/Detections/detections_collector.py 19
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/EntityScoring/__init__.py 79
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/EntityScoring/entity_scoring_collector.py 48
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/Health/__init__.py 74
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/Health/health_collector.py 20
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/HostEntities/__init__.py 57
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/HostEntities/host_entity_collector.py 46
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/Lockdown/__init__.py 76
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/Lockdown/lockdown_collector.py 20
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/SharedCode/__init__.py 1
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/SharedCode/azure_sentinel.py 83
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/SharedCode/collector.py 1099
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/SharedCode/consts.py 65
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/SharedCode/keyvault_secrets_management.py 32
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/SharedCode/logger.py 12
Solutions/Vectra XDR/Data Connectors/VectraDataConnector/SharedCode/state_manager.py 22
Solutions/Vectra XDR/Parsers/VectraAudits.yaml 48
Solutions/Vectra XDR/Parsers/VectraDetections.yaml 71
Solutions/Vectra XDR/Parsers/VectraEntityScoring.yaml 59
Solutions/Vectra XDR/Parsers/VectraHealth.yaml 51
Solutions/Vectra XDR/Parsers/VectraLockdown.yaml 36
Solutions/Veritas NetBackup/Analytic Rules/NetBackup_many_Anomalies.yaml 38
Solutions/Veritas NetBackup/Analytic Rules/NetBackup_many_login_fail.yaml 38
Solutions/Votiro/Analytic Rules/VotiroFileBlockedFromConnector.yaml 52
Solutions/Votiro/Analytic Rules/VotiroFileBlockedInEmail.yaml 51
Solutions/Watchguard Firebox/Parsers/WatchGuardFirebox.yaml 45
Solutions/Web Session Essentials/Analytic Rules/CommandInURL.yaml 81
Solutions/Web Session Essentials/Analytic Rules/DataExfiltrationTimeSeriesAnomaly.yaml 245
Solutions/Web Session Essentials/Analytic Rules/DiscordCDNRiskyFileDownload.yaml 90
Solutions/Web Session Essentials/Analytic Rules/KnownMaliciousUserAgents.yaml 84
Solutions/Web Session Essentials/Analytic Rules/LocalFileInclusion-LFI.yaml 80
Solutions/Web Session Essentials/Analytic Rules/MultipleClientErrorsWithinShortTime.yaml 67
Solutions/Web Session Essentials/Analytic Rules/MultipleServerErrorsWithinShortTime.yaml 70
Solutions/Web Session Essentials/Analytic Rules/MultipleUAsFromSingleIP.yaml 62
Solutions/Web Session Essentials/Analytic Rules/PossibleMaliciousDoubleExtension.yaml 88
Solutions/Web Session Essentials/Analytic Rules/PotentionalFileEnumeration.yaml 75
Solutions/Web Session Essentials/Analytic Rules/PrivateIPInURL.yaml 110
Solutions/Web Session Essentials/Analytic Rules/RareUserAgentDetected.yaml 149
Solutions/Web Session Essentials/Analytic Rules/RarelyRequestedResources.yaml 101
Solutions/Web Session Essentials/Analytic Rules/RequestToPotentiallyHarmfulFileTypes.yaml 112
Solutions/Web Session Essentials/Analytic Rules/ThreatInfoFoundInWebRequests.yaml 90
Solutions/Web Session Essentials/Hunting Queries/EmptyUserAgent.yaml 65
Solutions/Web Session Essentials/Hunting Queries/ExcessiveForbiddenRequestsDetected.yaml 50
Solutions/Web Session Essentials/Hunting Queries/IPAddressInURL.yaml 55
Solutions/Web Session Essentials/Hunting Queries/KaliLinuxUserAgentDetected.yaml 20
Solutions/Web Session Essentials/Hunting Queries/PotentialBeaconingDetected_LimitedDomainBased.yaml 54
Solutions/Web Session Essentials/Hunting Queries/PotentialBeaconingDetected_SimilarSrcBytes.yaml 53
Solutions/Web Session Essentials/Hunting Queries/PotentialBeaconingDetected_TimeDelta.yaml 58
Solutions/Web Session Essentials/Hunting Queries/RequestFromBotsAndCrawlers.yaml 42
Solutions/Web Session Essentials/Hunting Queries/ThreatInfoFoundInWebRequests.yaml 51
Solutions/Web Shells Threat Protection/Analytic Rules/MaliciousAlertLinkedWebRequests.yaml 85
Solutions/Web Shells Threat Protection/Analytic Rules/PotentialMercury_Webshell.yaml 64
Solutions/Web Shells Threat Protection/Analytic Rules/Supernovawebshell.yaml 63
Solutions/Web Shells Threat Protection/Hunting Queries/Possible webshell drop.yaml 32
Solutions/Web Shells Threat Protection/Hunting Queries/PotentialWebshell.yaml 30
Solutions/Web Shells Threat Protection/Hunting Queries/SpringshellWebshellUsage.yaml 35
Solutions/Web Shells Threat Protection/Hunting Queries/WebShellActivity.yaml 62
Solutions/Web Shells Threat Protection/Hunting Queries/exchange-iis-worker-dropping-webshell.yaml 33
Solutions/Web Shells Threat Protection/Hunting Queries/umworkerprocess-creating-webshell.yaml 30
Solutions/Windows Forwarded Events/Analytic Rules/CaramelTsunami_IOC_WindowsEvent.yaml 45
Solutions/Windows Forwarded Events/Analytic Rules/ChiaCryptoMining_WindowsEvent.yaml 38
Solutions/Windows Forwarded Events/Analytic Rules/moveit_file_transfer_above_threshold.yaml 62
Solutions/Windows Forwarded Events/Analytic Rules/moveit_file_transfer_folders_above_threshold.yaml 62
Solutions/Windows Security Events/Analytic Rules/ADFSDBNamedPipeConnection.yaml 77
Solutions/Windows Security Events/Analytic Rules/ADFSRemoteAuthSyncConnection.yaml 89
Solutions/Windows Security Events/Analytic Rules/ADFSRemoteHTTPNetworkConnection.yaml 76
Solutions/Windows Security Events/Analytic Rules/ExcessiveLogonFailures.yaml 91
Solutions/Windows Security Events/Analytic Rules/ExchangeOABVirtualDirectoryAttributeContainingPotentialWebshell.yaml 47
Solutions/Windows Security Events/Analytic Rules/GainCodeExecutionADFSViaSMB.yaml 65
Solutions/Windows Security Events/Analytic Rules/LocalDeviceJoinInfoAndTransportKeyRegKeysAccess.yaml 106
Solutions/Windows Security Events/Analytic Rules/MultipleFailedFollowedBySuccess.yaml 74
Solutions/Windows Security Events/Analytic Rules/NRT_SecurityEventLogCleared.yaml 25
Solutions/Windows Security Events/Analytic Rules/NRT_base64_encoded_pefile.yaml 45
Solutions/Windows Security Events/Analytic Rules/NRT_execute_base64_decodedpayload.yaml 52
Solutions/Windows Security Events/Analytic Rules/NewEXEdeployedviaDefaultDomainorDefaultDomainControllerPolicies.yaml 53
Solutions/Windows Security Events/Analytic Rules/NonDCActiveDirectoryReplication.yaml 70
Solutions/Windows Security Events/Analytic Rules/PotentialFodhelperUACBypass.yaml 37
Solutions/Windows Security Events/Analytic Rules/Potentialre-namedsdeleteusage.yaml 33
Solutions/Windows Security Events/Analytic Rules/ScheduleTaskHide.yaml 39
Solutions/Windows Security Events/Analytic Rules/SdeletedeployedviaGPOandrunrecursively.yaml 41
Solutions/Windows Security Events/Analytic Rules/StartStopHealthService.yaml 45
Solutions/Windows Security Events/Analytic Rules/TimeSeriesAnomaly-ProcessExecutions.yaml 57
Solutions/Windows Security Events/Analytic Rules/password_not_set.yaml 74
Solutions/Windows Security Events/Hunting Queries/ADAccountLockouts.yaml 20
Solutions/Windows Security Events/Hunting Queries/CommandsexecutedbyWMIonnewhosts-potentialImpacket.yaml 55
Solutions/Windows Security Events/Hunting Queries/Crashdumpdisabledonhost.yaml 44
Solutions/Windows Security Events/Hunting Queries/CreateDCInstallationMedia.yaml 50
Solutions/Windows Security Events/Hunting Queries/CustomUserList_FailedLogons.yaml 95
Solutions/Windows Security Events/Hunting Queries/DecoyUserAccountAuthenticationAttempt.yaml 41
Solutions/Windows Security Events/Hunting Queries/Discorddownloadinvokedfromcmdline.yaml 45
Solutions/Windows Security Events/Hunting Queries/ExchangePowerShellSnapin.yaml 43
Solutions/Windows Security Events/Hunting Queries/FailedUserLogons.yaml 37
Solutions/Windows Security Events/Hunting Queries/GroupAddedToPrivlegeGroup.yaml 70
Solutions/Windows Security Events/Hunting Queries/HostExportingMailboxAndRemovingExport.yaml 57
Solutions/Windows Security Events/Hunting Queries/HostsWithNewLogons.yaml 66
Solutions/Windows Security Events/Hunting Queries/InternalProxies.yaml 51
Solutions/Windows Security Events/Hunting Queries/Invoke-PowerShellTcpOneLine.yaml 46
Solutions/Windows Security Events/Hunting Queries/KrbRelayUpServiceCreation.yaml 37
Solutions/Windows Security Events/Hunting Queries/Least_Common_Parent_Child_Process.yaml 35
Solutions/Windows Security Events/Hunting Queries/Least_Common_Process_Command_Lines.yaml 32
Solutions/Windows Security Events/Hunting Queries/Least_Common_Process_With_Depth.yaml 30
Solutions/Windows Security Events/Hunting Queries/MSRPRN_Printer_Bug_Exploitation.yaml 45
Solutions/Windows Security Events/Hunting Queries/MultipleExplicitCredentialUsage4648Events.yaml 76
Solutions/Windows Security Events/Hunting Queries/NewChildProcessOfW3WP.yaml 48
Solutions/Windows Security Events/Hunting Queries/NishangReverseTCPShellBase64.yaml 44
Solutions/Windows Security Events/Hunting Queries/PowerCatDownload.yaml 30
Solutions/Windows Security Events/Hunting Queries/ProcessEntropy.yaml 150
Solutions/Windows Security Events/Hunting Queries/RareProcbyServiceAccount.yaml 84
Solutions/Windows Security Events/Hunting Queries/RareProcessPath.yaml 88
Solutions/Windows Security Events/Hunting Queries/RareProcessWithCmdLine.yaml 51
Solutions/Windows Security Events/Hunting Queries/RareProcess_forWinHost.yaml 49
Solutions/Windows Security Events/Hunting Queries/RemoteScheduledTaskCreationUpdateviaSchtasks.yaml 22
Solutions/Windows Security Events/Hunting Queries/ServiceInstallationFromUsersWritableDirectory.yaml 38
Solutions/Windows Security Events/Hunting Queries/SuspectedLSASSDump.yaml 33
Solutions/Windows Security Events/Hunting Queries/SuspiciousCommandlineTokenLolbas.yaml 40
Solutions/Windows Security Events/Hunting Queries/Suspicious_Windows_Login_outside_normal_hours.yaml 123
Solutions/Windows Security Events/Hunting Queries/Suspicious_enumeration_using_adfind.yaml 65
Solutions/Windows Security Events/Hunting Queries/User Logons By Logon Type.yaml 23
Solutions/Windows Security Events/Hunting Queries/UserAccountAddedToPrivlegeGroup.yaml 51
Solutions/Windows Security Events/Hunting Queries/UserAccountCreatedDeleted.yaml 58
Solutions/Windows Security Events/Hunting Queries/UserAdd_RemToGroupByUnauthorizedUser.yaml 46
Solutions/Windows Security Events/Hunting Queries/UserCreatedByUnauthorizedUser.yaml 47
Solutions/Windows Security Events/Hunting Queries/VIPAccountFailedLogons.yaml 37
Solutions/Windows Security Events/Hunting Queries/WindowsSystemShutdownReboot.yaml 39
Solutions/Windows Security Events/Hunting Queries/WindowsSystemTimeChange.yaml 42
Solutions/Windows Security Events/Hunting Queries/cscript_summary.yaml 38
Solutions/Windows Security Events/Hunting Queries/enumeration_user_and_group.yaml 46
Solutions/Windows Security Events/Hunting Queries/masquerading_files.yaml 47
Solutions/Windows Security Events/Hunting Queries/new_processes.yaml 47
Solutions/Windows Security Events/Hunting Queries/persistence_create_account.yaml 39
Solutions/Windows Security Events/Hunting Queries/powershell_downloads.yaml 48
Solutions/Windows Security Events/Hunting Queries/powershell_newencodedscipts.yaml 64
Solutions/Windows Security Events/Hunting Queries/uncommon_processes.yaml 57
Solutions/Windows Server DNS/Analytic Rules/DNS_HighNXDomainCount_detection.yaml 39
Solutions/Windows Server DNS/Analytic Rules/DNS_HighReverseDNSCount_detection.yaml 31
Solutions/Windows Server DNS/Analytic Rules/DNS_Miners.yaml 47
Solutions/Windows Server DNS/Analytic Rules/DNS_TorProxies.yaml 42
Solutions/Windows Server DNS/Analytic Rules/NRT_DNS_Related_To_Mining_Pools.yaml 43
Solutions/Windows Server DNS/Hunting Queries/DNS_CommonlyAbusedTLDs.yaml 7
Solutions/Windows Server DNS/Hunting Queries/DNS_DomainAnomalousLookupIncrease.yaml 73
Solutions/Windows Server DNS/Hunting Queries/DNS_FullNameAnomalousLookupIncrease.yaml 69
Solutions/Windows Server DNS/Hunting Queries/DNS_HighPercentNXDomainCount.yaml 100
Solutions/Windows Server DNS/Hunting Queries/DNS_HighReverseDNSCount.yaml 24
Solutions/Windows Server DNS/Hunting Queries/DNS_LongURILookup.yaml 57
Solutions/Windows Server DNS/Hunting Queries/DNS_WannaCry.yaml 45
Solutions/Windows Server DNS/Hunting Queries/Solorigate-DNS-Pattern.yaml 45
Solutions/Windows Server DNS/Hunting Queries/Solorigate-Encoded-Domain-URL.yaml 44
Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/__init__.py 1
Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/function_app.py 80
Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib/__init__.py 1
Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib/azure_storage_table.py 47
Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib/events_formatter.py 113
Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib/log_ingestion_api.py 17
Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib/message_factory.py 526
Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib/withsecure_client.py 146
Solutions/WithSecureElementsViaFunction/Data Connectors/WithSecureElementsAzureFunction/lib/ws_connector.py 25
Solutions/Workplace from Facebook/Data Connectors/WorkplaceFacebook/WorkplaceWebhooksTrigger/__init__.py 92
Solutions/Workplace from Facebook/Parsers/Workplace_Facebook.yaml 23
Solutions/ZeroFox/Analytic Rules/ZF_Alerts_HighSeverityRule.yaml 33
Solutions/ZeroFox/Analytic Rules/ZF_Alerts_InformationalSeverityRule.yaml 33
Solutions/ZeroFox/Analytic Rules/ZF_Alerts_LowSeverityRule.yaml 33
Solutions/ZeroFox/Analytic Rules/ZF_Alerts_MediumSeverityRule.yaml 33
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/advanced_dark_web_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/botnet_compromised_credentials_connector/__init__.py 56
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/botnet_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/breaches_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/c2_domains_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/compromised_credentials_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/connections/__init__.py 1
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/connections/exceptions.py 12
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/connections/sentinel.py 136
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/connections/zerofox.py 79
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/credit_cards_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/dark_web_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/discord_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/disruption_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/email_addresses_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/exploits_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/irc_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/malware_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/national_ids_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/phishing_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/phone_numbers_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/ransomware_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/telegram_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/threat_actors_connector/__init__.py 54
Solutions/ZeroFox/Data Connectors/CTI/AzureFunctionZeroFoxCTI/vulnerabilities_connector/__init__.py 54
Solutions/ZeroNetworks/Analytic Rules/ZNSegmentMachineRemovedfromProtection.yaml 35
Solutions/ZeroNetworks/Analytic Rules/ZNSegmentNewAPIToken.yaml 31
Solutions/ZeroNetworks/Analytic Rules/ZNSegmentRareJITRuleCreation.yaml 51
Solutions/ZeroNetworks/Data Connectors/SegmentFunctionConnector/AzureFunction_ZeroNetworks_Segment_Audit/ZeroNetworks_Segment_Audit_TimeTrigger/run.ps1 129
Solutions/ZeroNetworks/Data Connectors/SegmentFunctionConnector/AzureFunction_ZeroNetworks_Segment_Audit/profile.ps1 18
Solutions/ZeroNetworks/Data Connectors/SegmentFunctionConnector/AzureFunction_ZeroNetworks_Segment_Audit/requirements.psd1 7
Solutions/ZeroNetworks/Hunting Queries/ZNSegmentExcessiveAccessbyUser.yaml 39
Solutions/ZeroNetworks/Hunting Queries/ZNSegmentExcessiveAccesstoBuiltinGroupbyUser.yaml 39
Solutions/ZeroNetworks/Hunting Queries/ZNSegmentInboundBlockRulesDeleted.yaml 34
Solutions/ZeroNetworks/Hunting Queries/ZNSegmentOutboundBlockRulesDeleted.yaml 34
Solutions/ZeroNetworks/Parsers/ZNSegmentAudit.yaml 208
Solutions/ZeroNetworks/Playbooks/ZeroNetworksConnector/ZeroNetworks-swagger.yaml 379
Solutions/ZeroTrust(TIC3.0)/Analytic Rules/Zero_Trust_TIC3.0_ControlAssessmentPostureChange.yaml 48
Solutions/Zinc Open Source/Analytic Rules/ZincOctober2022_AVHits_IOC.yaml 49
Solutions/Zinc Open Source/Analytic Rules/ZincOctober2022_Filename_Commandline_IOC.yaml 76
Solutions/Zinc Open Source/Analytic Rules/ZincOctober2022_IP_Domain_Hash_IOC.yaml 195
Solutions/ZoomReports/Data Connectors/ZoomSentinelConnector/__init__.py 299
Solutions/ZoomReports/Data Connectors/ZoomSentinelConnector/state_manager.py 18
Solutions/ZoomReports/Parsers/Zoom.yaml 109
Solutions/Zscaler Internet Access/Analytic Rules/DiscordCDNRiskyDownload.yaml 50
Solutions/Zscaler Internet Access/Analytic Rules/Zscaler-LowVolumeDomainRequests.yaml 53
Solutions/Zscaler Internet Access/Parsers/ZScalerFW_Parser.csl 27
Solutions/Zscaler Internet Access/Parsers/ZScalerFW_Parser.yaml 22
Solutions/Zscaler Internet Access/Parsers/ZScalerWeb_Parser.csl 34
Solutions/Zscaler Internet Access/Parsers/ZScalerWeb_Parser.yaml 29
Solutions/Zscaler Private Access (ZPA)/Analytic Rules/ZscalerSharedZPASession.yaml 54
Solutions/Zscaler Private Access (ZPA)/Analytic Rules/ZscalerUnexpectedCountEventResult.yaml 33
Solutions/Zscaler Private Access (ZPA)/Analytic Rules/ZscalerUnexpectedCountries.yaml 36
Solutions/Zscaler Private Access (ZPA)/Analytic Rules/ZscalerUnexpectedUpdateOperation.yaml 37
Solutions/Zscaler Private Access (ZPA)/Analytic Rules/ZscalerZPAConnectionsByDormantUser.yaml 38
Solutions/Zscaler Private Access (ZPA)/Analytic Rules/ZscalerZPAConnectionsByNewUser.yaml 37
Solutions/Zscaler Private Access (ZPA)/Analytic Rules/ZscalerZPAConnectionsFromNewCountry.yaml 39
Solutions/Zscaler Private Access (ZPA)/Analytic Rules/ZscalerZPAConnectionsFromNewIP.yaml 43
Solutions/Zscaler Private Access (ZPA)/Analytic Rules/ZscalerZPAConnectionsOutsideOperationalHours.yaml 33
Solutions/Zscaler Private Access (ZPA)/Analytic Rules/ZscalerZPAUnexpectedSessionDuration.yaml 52
Solutions/Zscaler Private Access (ZPA)/Hunting Queries/ZscalerAbnormalTotalBytesSize.yaml 26
Solutions/Zscaler Private Access (ZPA)/Hunting Queries/ZscalerApplicationByUsers.yaml 24
Solutions/Zscaler Private Access (ZPA)/Hunting Queries/ZscalerConnectionCloseReason.yaml 31
Solutions/Zscaler Private Access (ZPA)/Hunting Queries/ZscalerIPsByPorts.yaml 24
Solutions/Zscaler Private Access (ZPA)/Hunting Queries/ZscalerSourceLocation.yaml 24
Solutions/Zscaler Private Access (ZPA)/Hunting Queries/ZscalerTopConnectors.yaml 26
Solutions/Zscaler Private Access (ZPA)/Hunting Queries/ZscalerTopSourceIP.yaml 25
Solutions/Zscaler Private Access (ZPA)/Hunting Queries/ZscalerUrlhostname.yaml 25
Solutions/Zscaler Private Access (ZPA)/Hunting Queries/ZscalerUserAccessGroups.yaml 23
Solutions/Zscaler Private Access (ZPA)/Hunting Queries/ZscalerUserServerErrors.yaml 25
Solutions/iboss/Parsers/ibossUrlEvent.yaml 42
Solutions/vArmour Application Controller/Analytic Rules/vArmourApplicationControllerSMBRealmTraversal.yaml 43