Skip to content

Navigation Menu

Explore
By company size
By use case
By industry
View all solutions
Topics
- AI
- DevOps
- Security
- Software Development
- View all
Explore
- GitHub Sponsors
  Fund open source developers
- The ReadME Project
  GitHub community articles
Repositories
- Enterprise platform
  AI-powered developer platform
Available add-ons
Pricing

Search code, repositories, users, issues, pull requests...

Search

Clear

Search syntax tips

Provide feedback

We read every piece of feedback, and take your input very seriously.

Include my email address so I can be contacted

Saved searches

Use saved searches to filter your results more quickly

Name

Query

To see all available qualifiers, see our documentation.

Sign up

You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session. You switched accounts on another tab or window. Reload to refresh your session.

Dismiss alert

elastic / detection-rules Public

Notifications You must be signed in to change notification settings
Fork 558
Star 2.3k

Code
Issues 145
Pull requests 39
Actions
Security
Insights

Additional navigation options

Code
Issues
Pull requests
Actions
Security
Insights

Labels Milestones

No labels!

There aren’t any labels for this repository quite yet.

125 labels

Sort

Sort

Reverse alphabetically

fleet-release

Issue tracking rule updates released to (OOB) Fleet integration package

github_actions

Pull requests that update GitHub Actions code

good first issue

good first issue

Good for newcomers

help wanted

Extra attention is needed

Hunt: New

Hunt: Tuning

Hunting

Integration: Auditd Manager

Integration: Auditd Manager

Integration: AWS

Integration: AWS

AWS related rules

Integration: AWS-Bedrock

Integration: AWS-Bedrock

Integration: Azure Openai

Integration: Azure Openai

Integration: Azure

Integration: Azure

azure related rules

Integration: Beaconing

Integration: Beaconing

Integration: Cloud Defend

Integration: Cloud Defend

Cloud Defend Integration

Integration: Crowdstrike

Integration: Crowdstrike

crowdstrike integration

Integration: CyberArkPas

Integration: CyberArkPas

CyberArkPas integration

Integration: DED

Integration: DED

Integration: DGA

Integration: DGA

Integration: Endpoint

Integration: Endpoint

Elastic Endpoint Security

Integration: GCP

Integration: GCP

GCP related rules

Integration: GitHub

Integration: GitHub

GitHub integration

Integration: Google Workspace

Integration: Google Workspace

Integration: Kubernetes

Integration: Kubernetes

Kubernetes Integration

Integration: LMD

Integration: LMD

Integration: LotL

Integration: LotL

Integration: Microsoft 365

Integration: Microsoft 365

Integration: Okta

Integration: Okta

okta related rules

integration: ProblemChild

integration: ProblemChild

Integration: Rapid7 Threat Command

Integration: Rapid7 Threat Command

Integration: Slack

Integration: Slack

Previous 1 2 3 4 5 Next

Footer

© 2025 GitHub, Inc.

Footer navigation

Terms
Privacy
Security
Status
Docs
Contact

You can’t perform that action at this time.