Secure Accessfirewall Detections #3986

Merged: nasbench merged 28 commits into develop from secure_xcess on Apr 29, 2026


@patel-bhavin (Contributor) commented Apr 1, 2026

Update detections with Secure Access firewall attack data!

Detections :-

  • Detect Large ICMP Traffic
  • Detect Outbound SMB Traffic
  • Detect Outbound LDAP Traffic
  • Windows Remote Desktop Network Bruteforce Attempt

@patel-bhavin changed the title from "Secure Accecess firewall detections" to "Secure Access firewall Detections" on Apr 1, 2026
@patel-bhavin added this to the v5.27.0 milestone on Apr 15, 2026
@patel-bhavin changed the title from "Secure Access firewall Detections" to "Secure Access/ Umbrella firewall Detections" on Apr 17, 2026
@patel-bhavin changed the title from "Secure Access/ Umbrella firewall Detections" to "Secure Accessfirewall Detections" on Apr 21, 2026
@patel-bhavin marked this pull request as ready for review on April 23, 2026 04:47
Comment thread macros/non_public_ip_blocks.yml Outdated
Comment thread macros/non_public_ip_blocks.yml Outdated
Comment thread contentctl.yml Outdated
Comment thread data_sources/cisco_secure_access_firewall.yml Outdated
Comment thread detections/network/detect_outbound_smb_traffic.yml
Comment thread macros/non_public_ip_blocks.yml Outdated
patel-bhavin and others added 5 commits April 29, 2026 19:28
Co-authored-by: Nasreddine Bencherchali <nasreddineb@splunk.com>
Co-authored-by: Nasreddine Bencherchali <nasreddineb@splunk.com>
@nasbench (Contributor)

LGTM

@nasbench merged commit becdb58 into develop on Apr 29, 2026
6 checks passed
@nasbench deleted the secure_xcess branch on April 29, 2026 18:41