From e0417b738fbfa6056a49d6e9cbf1dbfbe9a9e9cc Mon Sep 17 00:00:00 2001
From: mikiodehartj1 <113941652+mikiodehartj1@users.noreply.github.com>
Date: Wed, 13 Nov 2024 11:13:02 -0700
Subject: [PATCH] Removing the segmentation queries for now
---
 ...e-attck-lateral-movement-attack-paths.json | 36 -------------------
 1 file changed, 36 deletions(-)
diff --git a/rule-packs/mitre-attck-lateral-movement-attack-paths.json b/rule-packs/mitre-attck-lateral-movement-attack-paths.json
index 85f19e9..2dc7783 100644
--- a/rule-packs/mitre-attck-lateral-movement-attack-paths.json
+++ b/rule-packs/mitre-attck-lateral-movement-attack-paths.json
@@ -1,40 +1,4 @@
 [
- {
- "name": "lateral-movement-exploitation-of-remote-services-patch-vulnerabilities-aws",
- "description": "M1048 - Application Isolation and Sandboxing - Make it difficult for adversaries to advance their operation through exploitation of undiscovered or unpatched vulnerabilities by using sandboxing in Google Cloud. Other types of virtualization and application microsegmentation may also mitigate the impact of some types of exploitation. Risks of additional exploits and weaknesses in these systems may still exist.",
- "queries": [
- {
- "name": "query0",
- "query": "FIND aws_instance THAT !HAS Finding",
- "version": "v1"
- }
- ],
- "alertLevel": "MEDIUM"
- },
- {
- "name": "lateral-movement-exploitation-of-remote-services-patch-vulnerabilities-gcp",
- "description": "M1048 - Application Isolation and Sandboxing - Make it difficult for adversaries to advance their operation through exploitation of undiscovered or unpatched vulnerabilities by using sandboxing in Google Cloud. Other types of virtualization and application microsegmentation may also mitigate the impact of some types of exploitation. Risks of additional exploits and weaknesses in these systems may still exist.",
- "queries": [
- {
- "name": "query0",
- "query": "FIND google_compute_instance THAT !HAS Finding",
- "version": "v1"
- }
- ],
- "alertLevel": "MEDIUM"
- },
- {
- "name": "lateral-movement-exploitation-of-remote-services-patch-vulnerabilities-azure",
- "description": "M1048 - Application Isolation and Sandboxing - Make it difficult for adversaries to advance their operation through exploitation of undiscovered or unpatched vulnerabilities by using sandboxing in Azure. Other types of virtualization and application microsegmentation may also mitigate the impact of some types of exploitation. 
Risks of additional exploits and weaknesses in these systems may still exist.",
- "queries": [
- {
- "name": "query0",
- "query": "FIND azure_vm THAT !HAS Finding",
- "version": "v1"
- }
- ],
- "alertLevel": "MEDIUM"
- },
 {
 "name": "lateral-movement-exploitation-of-remote-services-minimize-service-account-permissions",
 "description": "M1048 - Application Isolation and Sandboxing - Minimize permissions and access for service accounts to limit impact of exploitation.",