In the past weeks you might had some notifications on new rules in our catalog! But you also might have missed some :) Therefore here is a quick summup of the main rules that have been added: * 13 rules on **OKTA**, covering security best pratices to detect abnormal user activities. * 23 rules on **AWS**, also covering security best pratices to detect abnormal user activities. * 2 rules on **Cybereason**, covering MalOp alerts and malware detection. * A generic rule named "WAF Block Rule" on Web Application Firewall (WAF) allowing to detect external attack to your web application. This raises alerts for **AWS** and** Cloudflare WAF** for now. * A **correlation rule** that detects a common infection chain using some archive format files (ISO, VHD, IMG) to hide the malicious payload (usually a LNK file). This is a well-known technique used by many botnets (like Qakbot) and some APT groups as well. We will keep adding more rules, mainly focusing on **Microsoft Intune**, **Google WorkSpace** and more **OKTA** rules in the next weeks so stay tuned!