Skip to content

Commit 0107a92

Browse files
patel-bhavinpatel-bhavin
committed
updating yaml files
1 parent 94ae5f5 commit 0107a92

File tree

3 files changed

+15
-4
lines changed

3 files changed

+15
-4
lines changed

datasets/attack_techniques/T1087.004/aws_invoke_model_access_denied/aws_invoke_model_access_denied.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,7 +1,7 @@
11
author: Bhavin Patel
22
id: c467c7d4-5b8d-44c8-9259-8847e1e4df7a
33
date: '2024-03-07'
4-
description: This dataset is synthetically generated using manually simulated events in a lab environment.
4+
description: This dataset is generated in a AWS Bedrock Lab Environment by simulating events using AWS API calls
55
environment: NA
66
dataset:
77
- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1087.004/aws_invoke_model_access_denied/cloudtrail.json

datasets/attack_techniques/T1485/aws_delete_knowledge_base/aws_delete_knowledge_base.yml

Lines changed: 2 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -1,12 +1,11 @@
11
author: Bhavin Patel
22
id: 984e9022-b87b-499a-a260-8d0282c46ea2
33
date: '2025-04-10'
4-
description: Dataset generated from AWS CloudTrail logs capturing the lifecycle of an intentionally exposed S3 bucket, including its creation, public access configuration (via bucket policy and website hosting), and subsequent deletion. This simulates the an activity of a malicious actor deleting a knowledge base from AWS Bedrock.
4+
description: Dataset generated from AWS CloudTrail logs capturing the activity of a malicious actor deleting a knowledge base from AWS Bedrock.
55
environment: attack_range
66
dataset:
77
- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1485/aws_delete_knowledge_base/cloudtrail.json
88
sourcetypes:
99
- aws:cloudtrail
1010
references:
11-
- https://attack.mitre.org/techniques/T1485/
12-
11+
- https://attack.mitre.org/techniques/T1485/

datasets/attack_techniques/T1562.008/aws_bedrock_delete_model_invocation_logging/aws_bedrock_delete_model_invocation_logging.yml

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -0,0 +1,12 @@
1+
author: Bhavin Patel, Splunk
2+
id: 09f580b9-cbc0-4d90-8e26-7dd4584a5650
3+
date: '2025-04-10'
4+
description: Dataset which contains cloudtrail logs for aws delete model invocation logging
5+
environment: attack_range
6+
dataset:
7+
- https://media.githubusercontent.com/media/splunk/attack_data/master/datasets/attack_techniques/T1562.008/aws_bedrock_delete_model_invocation_logging/cloudtrail.json
8+
sourcetypes:
9+
- aws:cloudtrail
10+
references:
11+
- https://attack.mitre.org/techniques/T1562/008/
12+
- https://github.com/aquasecurity/cloudsploit

0 commit comments

Comments
 (0)
pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy