Thank you for your interest in contributing to Panther's open-source ruleset! We appreciate all types of contributions, including new detection rules, feature requests, and bug reports.
Please familiarize yourself with these helpful resources on writing high-quality Panther rules:
- The blog post Panther's founder, Jack Naglieri, wrote on The Anatomy of a High Quality SIEM Rule
- Panther's Detection Documentation
- The panther-analysis Style Guide
Especially excellent contributions will be considered for a quarterly prize! We will announce a winner in the Panther-Analysis Seasonal Newsletter, where we share updates and celebrate contributions to Panther’s open-source ruleset.
Before submitting your pull request, make sure to:
- Write or update relevant unit tests
- Redact any sensitive information or PII from example logs
- Format, lint, and test your changes to ensure CI tests pass, using the following commands:
    make fmt
    make lint
    make test

In order to clarify the intellectual property license granted with Contributions (as defined below) from any person or entity, Panther must have a Contributor License Agreement (“CLA”) on file that has been signed by each Contributor, indicating acceptance of the terms below. Except for the license granted herein to Panther and recipients of software distributed by Panther, the Contributor (“you”) reserve all rights, title and interest in your Contributions. You can find the CLA here.
- Make the desired detection changes. This may include creating new detections in existing log type directories, creating new log type directories, updating existing detections, etc.
- Commit both the Python and Metadata files
- Write a clear commit message
- Open a Pull Request against the develop branch.
- Once your PR has been approved by code owners, if you have merge permissions, merge it. If you do not have merge permissions, leave a comment requesting a code owner merge it for you
Please follow the Code of Conduct in all of your interactions with this project.
If you need assistance at any point, feel free to open a support ticket, or reach out to us on Panther Community Slack.
Thank you again for your contributions, and we look forward to working together!