SIGMA-detection-rules

Set of SIGMA rules (>320) mapped to MITRE ATT&CK tactic and techniques (by mdecrevoisier)

SIGMA-detection-rules Alternatives

Similar projects and alternatives to SIGMA-detection-rules based on common topics and language

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a better SIGMA-detection-rules alternative or higher similarity.

SIGMA-detection-rules reviews and mentions

Posts with mentions or reviews of SIGMA-detection-rules. We have used some of these posts to build our list of alternatives and similar projects. The last one was on 2023-12-04.
  • should we write our own custom rule
    2 projects | /r/cybersecurity | 4 Dec 2023
    I am currently employed as a cyber analyst, and we've recently implemented an Endpoint Detection and Response (EDR) system. Upon closer inspection, I've observed that numerous events are not being flagged as alerts. This raises a crucial question: should I take the initiative to create custom rules to ensure these events are brought to our attention, or should I rely solely on the EDR's intrinsic capabilities to detect and classify threats? As a potential solution, I'm contemplating the implementation of rules based on Sigma, such as those available at the following repository: here. Your insights and experiences on the effectiveness of this approach would be greatly appreciated. Thank you for your time and assistance.
  • Installed Graylog. 7 million log entries per month. Now what?
    5 projects | /r/sysadmin | 27 May 2022
    Depending on whether this is up your alley either look for a MSSP/MDR/Managed BlaBla provider or head on to - https://github.com/splunk/security_content - https://www.elastic.co/guide/en/security/current/prebuilt-rules.html - https://github.com/mdecrevoisier/SIGMA-detection-rules - https://github.com/Azure/Azure-Sentinel to get an idea of what to look for. MITRE ATT&CK and the related DETT&CT should serve as an additional eye opener. Ah yes - forgot the bible on log management from Anton Chuvakin in the above list.

Stats

Basic SIGMA-detection-rules repo stats
2
256
6.4
23 days ago

mdecrevoisier/SIGMA-detection-rules is an open source project licensed under Creative Commons Zero v1.0 Universal which is not an OSI approved license.

SaaSHub - Software Alternatives and Reviews
SaaSHub helps you find the best software and product alternatives
www.saashub.com