Downloadable rule updatesedit

This section lists all updates to prebuilt detection rules, made available with the Prebuilt Security Detection Rules integration in Fleet.

To download the latest updates, follow the instructions in Download latest prebuilt Elastic rules

Update version Date New rules Updated rules Notes

0.14.2

15 Oct 2021

18

89

This release includes rules covering Windows endpoints, as well as several third-party integrations — including rules contributed by the community.

0.14.1

08 Sep 2021

3

71

Included in this release is a rule to detect web shells, including ProxyShell activity.

0.13.3

22 Jul 2021

4

36

Included in this release is a rule for Windows Defender Exclusions, which has been used in recent campaigns, as well as a rule to resiliently detect parent PID spoofing.

0.13.2

07 Jul 2021

15

6

Included in this release are 3 new rules for the recently observed REvil activity as well as 4 new rules covering the recent PrintNightmare vulnerability.

0.13.1

21 Jun 2021

4

41