[Deprecation] Deprecating Potential Password Spraying of Microsoft 365 User Accounts #4394

Merged
merged 4 commits into from
Jan 17, 2025

@terrancedejesus terrancedejesus commented Jan 17, 2025

Pull Request

Issue link(s):

Summary - What I changed

Deprecates this rule. Originally we added the Deprecated prefix to the rule for customers to identify that it was being deprecated. This PR finishes the deprecation process.

Deprecated "Deprecated - Suspicious JAVA Child Process" as well, per @Aegrah.

How To Test

No testing required.

Checklist

  • Added a label for the type of pr: bug, enhancement, schema, maintenance, Rule: New, Rule: Deprecation, Rule: Tuning, Hunt: New, or Hunt: Tuning so guidelines can be generated
  • Added the meta:rapid-merge label if planning to merge within 24 hours
  • Secret and sensitive material has been managed correctly
  • Automated testing was updated or added to match the most common scenarios
  • Documentation and comments were added for features that require explanation

Contributor checklist

Rule: Deprecation - Guidelines

These guidelines serve as a reminder set of considerations when recommending the deprecation of a rule.

Documentation and Context

  • Description of the reason for deprecation.
  • Include any context or historical data supporting the deprecation decision.

Rule Metadata Checks

  • deprecated = true added to the rule metadata.
  • updated_date should be the date of the PR.

Testing and Validation

  • A prior rule tuning occurred for the rule where Deprecated - is prepended to the rule name, and the rule has already been released.
  • Rule has been moved to the _deprecated directory.
  • Double check gaps potentially or inadvertently introduced.
  • Provide evidence that the rule is no longer needed or has been replaced (e.g., alternative rules, updated detection methods).

@terrancedejesus terrancedejesus merged commit ca3994a into main Jan 17, 2025
9 checks passed
@terrancedejesus terrancedejesus deleted the deprecate-m365-password-spraying branch January 17, 2025 15:52