[guardduty] set dedup, title, and dedup period #45

Merged
merged 1 commit into from
Apr 14, 2020

jacknagz
Contributor

Background

Add deduplication and title to GuardDuty rules

Changes

  • Set dedup to the GuardDuty finding ID
  • Set the title to the GuardDuty generated title
  • Set the DedupPeriodMinutes per the severity (8 hours for low, 1 hour for med/high)

Testing

  • CI

@jacknagz jacknagz merged commit f7377cf into master Apr 14, 2020
@jacknagz jacknagz deleted the jacknaglieri-tune-guardduty branch April 14, 2020 23:02
lindsey-w pushed a commit that referenced this pull request Sep 24, 2020
* Added imports for And, Regex from schemas -- Added Regex match for
DisplayName, GlobalID, PolicyID, and RuleID

* Added '(' and ')' to the allowable characters

* Hotfix: Rule Schema DisplayName improper definition

* Update panther_analysis_tool/schemas.py

Removed character escaping for readability

Co-authored-by: Austin Byers <austin.byers@runpanther.io>

* Added unit tests

* Removed unnecessary &

Co-authored-by: Austin Byers <austin.byers@runpanther.io>
egibs pushed a commit that referenced this pull request Jan 23, 2024