GitHub - elastic/protections-artifacts: Elastic Security detection content for Endpoint
Skip to content

elastic/protections-artifacts

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

ATT&CK navigator coverage

Protections Artifacts

Elastic Security prevents ransomware and malware, detects advanced threats, and arms responders with vital context. It’s free and open, ready for every endpoint.

Protections-Artifacts is the home of our detection logic (rules, yara, etc) for Elastic Security for endpoint. At Elastic, we believe that being open and transparent is critical for the success of us and our users. Check out our blog post if you are interested in additional background.

Directory

Below you will find the artifacts we have opened in this repository:

Folder Description
behavior/ EQL based malicious behavior rules
yara/ Yara rules for malware protection
ransomware/ Elastic ransomware protection artifact

Questions? Problems? Suggestions?

If you would like you to provide feedback or contribute to this repository, please familiarize yourself with the applicable artifact’s readme and open an issue using one of the provided templates. We cannot accept pull requests at this time because this repository is automatically generated.

You can also reach us in our Slack Workspace or in the Security Discuss forum.

License

Copyright Elasticsearch B.V. and/or licensed to Elasticsearch B.V. under one or more contributor license agreements. Licensed under the Elastic License 2.0; you may not use these artifacts except in compliance with the Elastic License 2.0

Contributors must sign a Contributor License Agreement before contributing code to any Elastic repositories.

Releases

No releases published

Packages

No packages published

Languages