Skip to content

cmcclenny/protections-artifacts

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ATT&CK navigator coverage

Protections Artifacts

Elastic Security prevents ransomware and malware, detects advanced threats, and arms responders with vital context. It’s free and open, ready for every endpoint.

Protections-Artifacts is the home of our detection logic (rules, yara, etc) for Elastic Security for endpoint. At Elastic, we believe that being open and transparent is critical for the success of us and our users. Check out our blog post if you are interested in additional background.

Directory

Below you will find the artifacts we have opened in this repository:

Folder Description
behavior/ EQL based malicious behavior rules
yara/ Yara rules for malware protection
ransomware/ Elastic ransomware protection artifact

Questions? Problems? Suggestions?

If you would like you to provide feedback or contribute to this repository, please familiarize yourself with the applicable artifact’s readme and open an issue using one of the provided templates. We cannot accept pull requests at this time because this repository is automatically generated.

You can also reach us in our Slack Workspace or in the Security Discuss forum.

License

Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one or more contributor license agreements. Licensed under the Elastic License 2.0; you may not use these artifacts except in compliance with the Elastic License 2.0

Contributors must sign a Contributor License Agreement before contributing code to any Elastic repositories.

About

Elastic Security detection content for Endpoint

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • YARA 88.1%
  • Lua 11.6%
  • Other 0.3%