Downloadable rule updates
This section lists all updates to prebuilt detection rules, made available with the Prebuilt Security Detection Rules integration in Fleet.
To update your installed rules to the latest versions, follow the instructions in Update Elastic prebuilt rules.
For previous rule updates, please navigate to the last version.
| Update version | Date | New rules | Updated rules | Notes |
|---|---|---|---|---|
|  | 11 Nov 2024 | 21 | 116 | This release includes new rules for Windows, Linux, AWS, and Azure integration. New rules for Windows include detection for initial access. New rules for Linux include detection for defense evasion, command and control, impact, discovery, execution and exfiltration. New rules for AWS include detection for privilege escalation, exfiltration, execution, discovery and persistence. New rules for Azure include detection for credential access. Additionally, significant rule tuning for Windows and AWS rules has been added for better rule efficacy and performance. |