Pulsar Security Rules offer a robust set of rules designed to be used with the Pulsar Rule Engine module to enforce effective security policies for the most common use cases.
Rules are organized into folders based on the MITRE ATT&CK framework, allowing users to easily identify and select rules based on their specific security requirements.
Each security rule within the Pulsar Security Rules comprises the following key elements:
- Title: A concise description providing a quick overview of the rule
- Category: Classification of the rule based on the MITRE ATT&CK framework, ensuring a standardized approach to rule organization
- Severity: An indication of the rule's severity level, allowing users to prioritize and address security concerns accordingly
- Description: A comprehensive and detailed explanation of the rule, offering insights into its purpose and implications
- MITRE ATT&CK Tactic: Alignment with the MITRE ATT&CK framework's tactics, highlighting the broader strategic context of the rule
- MITRE ATT&CK Technique: Association with specific MITRE ATT&CK techniques, providing users with additional context and reference points

We welcome contributions from the community to enhance the Pulsar Security Rules. If you have identified new security patterns, want to improve existing rules, or have suggestions for additional features, please consider contributing to the project.

The Pulsar Security Rules are built upon the foundation of the Elastic Detection Rules.