preambleai/security-rules

Detection Signatures and Rules

This repository currently contains rules for detecting access to specific domains of known generative AI tools and associated file activities across different SIEM platforms: Splunk, IBM QRadar, Microsoft Sentinel, and Elastic (ELK) Stack.

Repository Structure

The repository is organized by platform, with one folder per SIEM, each containing the detection rule for that platform.

How to Use

  1. Navigate to the folder corresponding to your SIEM platform.
  2. Copy and paste the rule into your SIEM.
  3. Make any changes required to match your file naming structure and data sources.

Contributing

We welcome contributions to expand and improve these detection rules. Please open an issue or submit a pull request with your enhancements.

License

This repository is licensed under the MIT License.

About

Rules and signatures to detect shadow AI
