Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

adding additional alert rules to gcp privesc pack #124

Merged
merged 2 commits into from
Jul 11, 2024
Merged

adding additional alert rules to gcp privesc pack #124

merged 2 commits into from
Jul 11, 2024

Conversation

mikiodehartj1
Copy link
Contributor

QA Checklist

Alerts Rule Packs

  • IF THIS CONTENT NEEDS TO BE RELEASED - is the package version in the package.json bumped?
  • Does a related alert already exist, and should it be tweaked or added to instead?
  • Test each query to make sure it works
  • Look for hardcoded variables/parameter values in the query
  • Consider Severity for Alerts
  • Spellcheck
  • Use all caps for J1QL keywords and relationship classes
  • Upload the alerts rule pack JSON into JupiterOne to validate

@mikiodehartj1 mikiodehartj1 requested a review from a team as a code owner July 11, 2024 17:47
@socket-security Socket Security
Copy link

socket-security bot commented Jul 11, 2024
edited
Loading

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package New capabilities Transitives Size Publisher
npm/@jupiterone/[email protected] Transitive: environment, filesystem, shell +31 3.31 MB
npm/@types/[email protected] None +1 2.16 MB types
npm/[email protected] Transitive: environment, filesystem, network, shell, unsafe +27 227 MB hirokiosame
npm/[email protected] None 0 21.9 MB typescript-bot

🚮 Removed packages: npm/@jupiterone/[email protected], npm/@types/[email protected], npm/[email protected], npm/[email protected]

View full report↗︎

@SeaBlooms SeaBlooms changed the title adding additional questions to gcp privesc adding additional alert rules to gcp privesc pack Jul 11, 2024
SeaBlooms
SeaBlooms requested changes Jul 11, 2024
View reviewed changes
Copy link
Contributor

@SeaBlooms SeaBlooms left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

couple typos and then should be ready for merge

rule-packs/gcp-privilege-escalation.json Outdated Show resolved Hide resolved
rule-packs/gcp-privilege-escalation.json Outdated Show resolved Hide resolved
rule-packs/gcp-privilege-escalation.json Outdated Show resolved Hide resolved
rule-packs/gcp-privilege-escalation.json Outdated Show resolved Hide resolved
@mikiodehartj1 mikiodehartj1 requested a review from SeaBlooms July 11, 2024 18:24
@SeaBlooms SeaBlooms merged commit 1d879fb into main Jul 11, 2024
10 checks passed
@SeaBlooms SeaBlooms deleted the KNO-406a branch July 11, 2024 19:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@erincrawford erincrawford erincrawford left review comments

@SeaBlooms SeaBlooms SeaBlooms approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@mikiodehartj1 @SeaBlooms @erincrawford