foxsec-pipeline

foxsec-pipeline copied to clipboard

Bumps [google.golang.org/grpc](https://github.com/grpc/grpc-go) from 1.27.1 to 1.53.0. Release notes Sourced from google.golang.org/grpc's releases. Release 1.53.0 API Changes balancer: support injection of per-call metadata from LB policies (#5853) resolver: remove deprecated field...

dependabot[bot]

Bumps [guava](https://github.com/google/guava) from 31.0.1-jre to 32.0.0-jre. Release notes Sourced from guava's releases. 32.0.0 Maven <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> <version>32.0.0-jre</version> <!-- or, for Android: --> <version>32.0.0-android</version> </dependency> Jar files 32.0.0-jre.jar 32.0.0-android.jar Guava...

dependabot[bot]

Bumps [github.com/gorilla/websocket](https://github.com/gorilla/websocket) from 1.4.0 to 1.4.1. Release notes Sourced from github.com/gorilla/websocket's releases. v1.4.1 Notable Changes ⚠️ This release fixes a potential denial-of-service (DoS) vector in gorilla/websocket, and we recommend that...

dependabot[bot]

Bumps [github.com/unknwon/cae](https://github.com/unknwon/cae) from 1.0.0 to 1.0.1. Commits ac10440 ci: only test on Linux b862a1c Fix tests 07971c0 security: clean file path on extracting cf4aeaa cae: remove strange left-over directory e8bea74...

dependabot[bot]

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.23.13 to 1.34.0. Changelog Sourced from github.com/aws/aws-sdk-go's changelog. Release v1.34.0 (2020-08-07) Service Client Updates service/glue: Updates service API and documentation AWS Glue now adds support for Network...

dependabot[bot]

Bumps [github.com/aws/aws-sdk-go](https://github.com/aws/aws-sdk-go) from 1.19.11 to 1.34.0. Changelog Sourced from github.com/aws/aws-sdk-go's changelog. Release v1.34.0 (2020-08-07) Service Client Updates service/glue: Updates service API and documentation AWS Glue now adds support for Network...

dependabot[bot]

Bumps [spotless-maven-plugin](https://github.com/diffplug/plugin-maven) from 1.16.0 to 1.20.0. Commits See full diff in compare view [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter...

dependabot[bot]

This cannot use maxmind (i.e. should be a local lookup). This should be used to enrich the alert and possibly adjust reputation recovery suppression times.

kkleemola

For resources we expect all users to have access monitoring set up for, create an alert if an unknown user accesses it. This will likely catch legitimate access for which...

kkleemola

Because of errors in application logging (i.e., XFF header not being set) we sometimes will see events for ip addresses that we should not generate alerts for (i.e. 127.0.0.1). We...

kkleemola