jacobstickney/sigmarules

This repository contains security detection rules I've created, using the flexible and open Sigma standard, designed to enhance consistency and efficiency in security operations across various log files.


Sigma is a generic and open signature format that allows you to describe relevant log events in a straightforward manner. The rule format is very flexible, easy to write and applicable to any type of log file. The main purpose of the Sigma project is to provide a structured form in which researchers or analysts can describe a detection method once they have developed it, and share it with others.

SIGMA rules are valuable in detection engineering as they provide a generic, open standard for defining security detection rules in a structured and scalable manner. They allow for the creation of rules that can be shared across different systems, reducing the effort required to create custom rules for each system. This promotes consistency in detection and improves the overall efficiency of the security operations center (SOC). Additionally, by using SIGMA, organizations can leverage the collective wisdom of the security community, benefiting from rules created by others who have encountered similar threats.
