<html lang="en">
<body>

<p>
	<b>[OOTB] SOC Content - ENG. Version 2</b><br>
	Change list:<br>
	New rules were added: R61_06, R034_01 ,R034, R334, R152_ХХ, R286, R035, R036, R089, R211, R221, R207, R228, R331, R350, R405, R406, R407, R408, R409, R410, R229, R152_09, R089_05, R087, R231_05, R293_03, R093_XX, R150, R083_02, R083_03, R083_04, R301, R082_03, R082_05, R082_05, R082_06, R077_03, R077_04, R084_04, R099_XX, R110_08, R208_03, R285, R296, R335, R411, R412, R413, R414, R415, R416, R417, R057_02, R059_(03-06), R061_(07-09), R063_04, R082_(07-08), R083_(05-09), R087_04, R093_(30-34), R107_03, R209_04, R211_(03-06), R224_(10-16), R225, R228_03, R231_06, R240_(03-05), R289_03, R296_(17-18), R302_(02-03), R351, R417_(02-03), R418, R419, R420, R421, R422, R423, R426, R427, R428, R429, R430.<br>
	
	Rules were updated:
	<ul>
	<li>Rule R061 was renamed.</li>
	<li>Condition of the rule R098_02  was fixed.</li>
	<li>Condition of the rule R298 was updated.</li>
	<li>Condition of the rule R073 was updated.</li>
	<li>Condition of the rule R233_01 was fixed.</li>
	<li>Rules R224 were renamed, new rules were added.</li>
	<li>Rule R050_01 was split to three different rules.</li>
	<li>Rule R221 was renamed to R224_08.</li>
	<li>Rules R107 were renamed.</li>
	<li>Rule R220_02 was updated.</li>
	<li>Rule R057 was renamed to R057_01.</li>
	<li>Condition of the rule R061_04 was updated.</li>
	<li>Condition of the rule R073 was updated.</li>
	<li>Condition of the rule R084_01 was updated.</li>
	<li>Condition of the rule R099_04 was updated.</li>
	<li>Condition of the rule R101_01 was fixed.</li>
	<li>Condition of the rule R101_02 was fixed.</li>
	<li>Condition of the rule R104_01 was fixed.</li>
	<li>Condition of the rule R105_01 was fixed.</li>
	<li>Condition of the rules R110_02, R110_06 were fixed and updated.</li>
	<li>Condition of the rule R233_01 was fixed.</li>
	<li>Condition of the rule R283_01 was updated.</li>
	<li>Condition of the rule R288_02 was updated and fixed.</li>
	<li>Condition of the rule R296_04 was updated.</li>
	<li>Condition of the rule R296_13 was fixed.</li>
	<li>Condition of the rule R298 was updated.</li>
	<li>Condition of the rule R300_01 was updated.</li>
	<li>Condition of the rule R320 was updated.</li>
	<li>Condition of the rule R330 was fixed.</li>
	</ul>
	
	Other changes:
	<ul>
	<li>Rule R033 was deleted.</li>
	<li>Rule R050_02 was deleted.</li>
	<li>The rule SR210_02 has been fixed due to KUMA v3.2 features.</li>
	<li>Rules names and descriptions were updated.</li>
	<li>Filter Microsoft Windows events was fixed.</li>
	</ul>
</p>

<p>
	<b>[OOTB] SOC Content - ENG. Version 1</b><br>
	Change list:
  <ul>
		<li>SOC_package1, SOC_package2, SOC_package3 have been merged into one package.</li>
		<li>Correlation rules R201, R202, R203 have been fixed.</li>
		<li>Folder "Integration" has been added. Resources that needed for editing by user have been moved to this folder.</li>
		<li>A function that allows automatically add rules that fire too many times to the stop-list has been added. See the SOC Content description in KUMA help to find additional information about this function.</li>
		<li>Filters needed to generate a list of exclusions and correlation rules tuning were added. Filter for a rules placed in the folder "Integration".</li>
		<li>Correlation rule names and description have been fixed.</li>
	</ul>
</p>

</body>
</html>
