Sigma – A shareable detection format for security professionals
sigmahq.io
Hey Team, the SigmaHQ team and I have been working over the last 11 months & we're finally happy to release a brand new documentation suite and website to try and bring more Security & Detection engineers to adopt Sigma and enjoy the benefits around the ecosystem.
Please let us know what you think & feel free to ask any questions!
Any plans to add more backends to pySigma or to have parity with sigmac? How about support to convert to Sigma instead of just from? It would be a great way to share intel.
I see random GitHub repos with Sigma rules pop up; it would be nice if you guys came up with a community repo anyone can dump into without going through your PR process (think AlienVault OTX but for Sigma).
It's also not clear on Nextron Systems' website if they offer paid/private/supported rules to compete with the likes of SOC Prime.
YAML with dots in keys...
selection:
  userIdentity.type: Root
I wish we could go back to the JSON days.
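For reference, this is how a rule consumer typically deals with a dotted key like the one in the comment above. The block is an added example, not SigmaHQ or pySigma code: the rule is written as the dict YAML would load into, the CloudTrail-style events are constructed, and the condition evaluator is a deliberately small left-to-right and/or/not walker rather than Sigma's full grammar.

```python
# Constructed Sigma-style rule as the dict yaml.safe_load returns for YAML like the comment
# above. "userIdentity.type" is just a string key; the backend decides the dot means nesting.
RULE = {
    "logsource": {"product": "aws", "service": "cloudtrail"},
    "detection": {
        "selection": {"userIdentity.type": "Root"},
        "filter": {"eventType": "AwsServiceEvent"},
        "condition": "selection and not filter",
    },
}
# Constructed CloudTrail-like events, already parsed from JSON (userIdentity is nested).
EVENTS = [
    {"eventName": "ConsoleLogin", "eventType": "AwsConsoleSignIn", "userIdentity": {"type": "Root"}},
    {"eventName": "CreateUser", "eventType": "AwsServiceEvent", "userIdentity": {"type": "Root"}},
    {"eventName": "ConsoleLogin", "eventType": "AwsConsoleSignIn", "userIdentity": {"type": "IAMUser"}},
]

def resolve_field(event, field):
    """A literal dotted key wins; otherwise walk the dotted path through nested dicts."""
    if field in event:
        return event[field]
    cur = event
    for part in field.split("."):
        cur = cur.get(part) if isinstance(cur, dict) else None
    return cur

def selection_matches(selection, event):
    """Sigma map semantics: every field must match; a list value is an OR of options."""
    for field, expected in selection.items():
        options = expected if isinstance(expected, list) else [expected]
        if resolve_field(event, field) not in options:
            return False
    return True

def eval_condition(cond, results):
    """Evaluate and/or/not over named selections, left to right (no parentheses)."""
    value, op, negate = None, "and", False
    for tok in cond.split():
        if tok in ("and", "or"):
            op = tok
        elif tok == "not":
            negate = not negate
        else:
            v, negate = results[tok] != negate, False
            value = v if value is None else (value and v if op == "and" else value or v)
    return bool(value)

def rule_matches(rule, event):
    det = rule["detection"]
    results = {k: selection_matches(v, event) for k, v in det.items() if k != "condition"}
    return eval_condition(det["condition"], results)
```

Only the first event (a root console sign-in that is not an AWS service event) matches; note that a source which emits a flat `userIdentity.type` key is matched by the literal-key check first, which is why field mappings live in the backend rather than in the rule.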