sigma

@sigma_hq

Generic Detection Rules for Log Data

sigma reposted

New Sigma release r2025-12-01 is available for download. 🌟35 New Rules 🛡️21 Rule updates 🔬30 Rule Fixes Explore the full release -> github.com/SigmaHQ/sigma/… The major update of this release is the introduction of windows regression testing in the CI. We now highly encourage…


sigma reposted

The @sigma_hq repo is about to reach 10K 🌟. It would be nice if we could achieve this milestone before the end of the year. github.com/SigmaHQ/sigma If you have not already please star it and tell a friend to do the same.


sigma reposted

Proud to share that DetectionStream is now collaborating with the Sigma community to create opportunities for people to learn and grow within detection engineering. We’ve set up two channels for general discussions and challenge creation. Join here: discord.gg/KfdbeQpp


sigma reposted

Really happy with this collab 🔥 Come join the @sigma_hq server and discuss detectionstream.com Sigma challenges to learn and share your detection experience. The challenge creation channel will be a private channel accessible for vetted persons who are willing to…

Proud to share that DetectionStream is now collaborating with the Sigma community to create opportunities for people to learn and grow within detection engineering. We’ve set up two channels for general discussions and challenge creation. Join here: discord.gg/KfdbeQpp



sigma reposted

If you ever wondered what goes into merging a Sigma rule in the @sigma_hq repo, check out the latest blog. SigmaHQ Quality Assurance Pipeline - blog.sigmahq.io/sigmahq-qualit… We delve into the process we go through to ensure the community contributed rules are up to par.


sigma reposted

For all of the contributors that aim to propose enhancements or additions to the @sigma_hq specification in the future. We have introduced a new issue template that aims to track these proposals. We're calling it SEP (Sigma Enhancement Proposal). The template contains all the…


sigma reposted

Regression (True Positive) testing is coming to @sigma_hq starting from the next rule release in December. We will introduce a new CI that will validate a rule against a log. We will start with EVTX logs and extend beyond to other formats and logsources. We're also introducing a…


sigma reposted

New Sigma release r2025-10-01 is available for download. 🌟37 New Rules 🛡️16 Rule updates 🔬45 Rule Fixes Here is a quick overview: - New AWS and Github based rules covering deletion of VPC flows, KMS imports, changing archive status or pages of a repo - Winrs usage as a…


sigma reposted

We’d love to see more feedback from orgs that rely on Sigma rules.

Even simple stats from production use are valuable.

- A rule of level high that triggered 236,992 times probably needs rework.
- A rule of level critical that triggered 234 times probably needs rework.
- A rule of…


sigma reposted

Fun @sigma_hq stats for the end of the week. We have now reached 22 million package downloads since we started doing package releases 2 years ago. We also crossed 5700 PRs/Issues :)


sigma reposted

⚡️ Sigma is shaping the future of detections. This Atomics on a Friday with @nas_bench explores:

- SigmaHQ deep dive
- sigconverter.io in action
- Expert insights on security content’s evolution

🎥 Full video: youtube.com/watch?v=rYhxQt…

Mastering Sigma The Future of Security Content Atomics on a Friday


sigma reposted

Because I and the rest of the maintainer team don't have infinite time, I'm going to be pretty aggressive on PRs submitted to @sigma_hq github.com/SigmaHQ/sigma/ New so-called DEs copy-pasting random rules and not having the capacity to read the specs will lead to an auto close…


sigma reposted

New Sigma release r2025-07-08 is available for download. 🌟43 New Rules 🛡️34 Rule updates 🔬27 Rule Fixes Explore the full release -> github.com/SigmaHQ/sigma/… This release introduces a bunch of new rules including detections for - Katz Stealer - MeshAgent usage -…


sigma reposted

New Sigma release r2025-05-21 is available for download. 🌟15 New Rules 🛡️47 Rule updates 🔬13 Rule Fixes Explore the full release -> github.com/SigmaHQ/sigma/… This release focused mainly on updates and tunings of older rules, with newer detections covering NimScan, AdFind,…


sigma reposted

Sigma rule packages have been downloaded more than 10M times since we started doing releases in late 2023! Last month package crossed the 2M mark today. 🚀 @sigma_hq


sigma reposted

🎉 I am finally happy to announce a brand new tool – detection.studio Sigma to SIEM conversion – done entirely locally (in-browser). Better support for Pipelines & Filters. Persistent workspaces, and Share & Export to Zip. Check it out down here👇


sigma reposted

New Sigma release r2025-02-03 is available for download. 🌟5 New Rules 🛡️5 Rule updates 🔬14 Rule Fixes Explore the full release -> github.com/SigmaHQ/sigma/… This release saw the first wave of contribution from the @TheDFIRReport in a new collab we started with the team. 🔥…


sigma reposted

Many people use @sigma_hq rules. That's great. We like to share detection knowledge. Don't be afraid to contribute in 2025. Even a simple False Positive is good. If your boss doesn't want to, just ask until you have a yes 😝


sigma reposted

The more I see private detections the more I realize that the @sigma_hq rule repo is a gold mine and it is actually insane that its free. 😌

