Rules Catalog updates! (CloudFlare, Microsoft, Palo Alto, Stormshield, Trellix)

In the past three months, **159** verified rules have been updated and **35** new rules published to improve our detection capabilities!

**Integrations** to raise alerts based on the related security products:

* CloudFlare, 1 anomaly rule to detect DDoS.
* Microsoft Entra ID, 1 rule to detect a password compromised by a known credential testing tool.
* Palo Alto Cortex XDR, 3 rules to detect alerts raised and not blocked, from low to high severity.
* Stormshield SES, 3 rules to detect critical alerts blocked / not blocked and emergency alerts.
* Trellix Network Security, 2 rules to detect threats blocked and threats notified.

**Threats**:

* Linux, 7 rules: Correlation Linux Decode And Exec, Docker Escape Bind Mount, Generic-reverse-shell-oneliner, Linux Bash Reverse Shell, Linux Shared Lib Injection Via Ldso Preload, Linux Remove Immutable Attribute, Linux Suspicious Search.
* Windows, 13 rules: Adidnsdump Enumeration, AMSI Deactivation Using Registry Key, Aspnet Compiler, Computer Account Deleted, Credentials Extraction, Dism Disabling Windows Defender, Exfiltration Via Pscp, Impacket Addcomputer, Permission Discovery Via Wmic, Suspicious Regasm Regsvcs Usage, Svchost Modification, System Network Connections Discovery, User Account Deleted.
* Network, 5 rules: Anomaly Internal Ping, Anomaly Internal Port Connection, Anomaly Internal RDP, Anomaly Multiple Host Port Scan, EvilProxy Phishing Domain.

Our rules changelog is available over there: