SIGMA Resources
Resources To Learn And Understand SIGMA Rules
- [Sigma Specification by SigmaHQ](https://github.com/SigmaHQ/sigma/wiki/Specification)
- [Anatomy of a Sigma Rule](https://speakerdeck.com/fr0gger/sigma-rules-cheat-sheet)

The project was first published in 2021. Key topics include: awesome, detection, detection-engineering, learning, linux.
SIGMA Specification
Blogs
- Sigma Rule Creation Guide by SigmaHQ
- Introducing Generic Log Sources in Sigma by Thomas Patzke
- A Guide to Generic Log Sources in Sigma by Thomas Patzke
- How to Write Sigma Rules
- The Best Possible Monitoring with Sigma Rules
- What is Sigma? Threat Hunting in SIEM Products with Sigma Rules – Example Sigma Rules
- Threat Detection with SIGMA Rules
Cheat Sheets
Slides
- Sigma - Generic Signatures for SIEM Systems by Florian Roth
- Threat Hunting with Application Logs and Sigma by Thomas Patzke
- Sigma Hall of Fame - EU ATT&CK User Workshop, October 2021 by Florian Roth
Talks / Webinars
- Sigma - Generic Signatures for Log Events by Thomas Patzke
- Security Talks with SOC Prime: Implementing & Customizing SIGMA
- Security Talks with SOC Prime: All About SIGMA
- [SIGMA] 2.1 - Case Study 1 - Windows Event Logs - Background and Sample Rule by Applied Network Defense
- How to Level Up Your Threat Detection Practice by SANS
Courses
Books
- Practical Threat Intelligence and Data-Driven Threat Hunting - Chapter 5 includes an introduction to SIGMA rules.
Rules Repositories
- SigmaHQ - Rules
- SOC Prime - Rules
- Joe Security - Rules
- Michel de CREVOISIER - Rules
- The DFIR Report - Rules
SIGMA Rules Converters
This article is auto-generated from nasbench/SIGMA-Resources via the GitHub API. Last fetched: 6/26/2026
