Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AI_Creation_Events #11754

Merged
merged 4 commits into from
Feb 5, 2025
Merged

AI_Creation_Events #11754

merged 4 commits into from
Feb 5, 2025

Conversation

mgstate
Copy link
Contributor

@mgstate mgstate commented Feb 3, 2025

Machine learning creation event

Required items, please complete

Change(s):

Added a new detection rule for Azure Machine Learning Write Operations.
Updated the YAML configuration to include tactics and techniques relevant to potential rogue access or resource creation.
Reason for Change(s):

To monitor and investigate write operations on Azure Machine Learning resources, ensuring that any unauthorized access or resource creation is detected.
Resolves ISSUE #1234 (if applicable).
Version Updated:

Yes
Detections/Analytic Rule templates are required to have the version updated.
Testing Completed:

Yes
The code has been tested in a Microsoft Sentinel environment to validate syntax and execution.
Checked that the validations are passing and have addressed any issues that are present:

Yes

@mgstate
Create Machine_Learning_Creation.yaml
3d649b4 
Machine learning creation event
@mgstate mgstate requested review from a team as code owners February 3, 2025 18:21
@mgstate
Copy link
Contributor Author

mgstate commented Feb 3, 2025
edited
Loading

@microsoft-github-policy-service agree

@v-prasadboke v-prasadboke added Solution Solution specialty review needed Hunting Hunting specialty review needed labels Feb 4, 2025
@v-shukore
Copy link
Contributor

Hi @mgstate, the key 'ID' is not present in this analytic rule. Please add it to the rule. You can refer any rule from our repo. Thanks.

@mgstate
Copy link
Contributor Author

mgstate commented Feb 4, 2025
edited
Loading

Hi @mgstate, the key 'ID' is not present in this analytic rule. Please add it to the rule. You can refer any rule from our repo. Thanks.

I see - the appropriate modifications have been made @v-prasadboke @v-shukore

@mgstate
Copy link
Contributor Author

mgstate commented Feb 4, 2025

Hi @mgstate, the key 'ID' is not present in this analytic rule. Please add it to the rule. You can refer any rule from our repo. Thanks.

I see - the appropriate modifications have been made @v-prasadboke @v-shukore

sorry meant to put @v-shukore

@v-atulyadav v-atulyadav merged commit 49f2e04 into Azure:master Feb 5, 2025
31 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@v-atulyadav v-atulyadav v-atulyadav approved these changes

@v-shukore v-shukore v-shukore approved these changes

Assignees

@v-shukore v-shukore

Labels
Hunting Hunting specialty review needed Solution Solution specialty review needed
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
4 participants
@mgstate @v-shukore @v-atulyadav @v-prasadboke