New post in the SigmaHQ blog: Introducing Sigma Correlations.

RT @DefensiveDepth: Check out my newly updated @sigma_hq course - Refreshed content to include all the great changes happening with the Sig….

RT @nas_bench: 2023 has been a very busy year for the @sigma_hq team and a great year for the Sigma community at large. We've seen a great….

RT @nas_bench: A new update has just dropped to the VsCode @sigma_hq extension 🚀. My colleague @_humpalum graciously integrated sigconverte….

RT @nas_bench: [PySigma Basics Tips 🌟]. If you leverage Sigma rules, you're probably aware that fields are vendor agnostic. Which means we….

RT @nas_bench: .@m3nixx and I took some time this weekend to cook something cool for Sigconverter 🧑‍🍳 You can now a….

RT @andriinb: We have just open sourced and brought it back to original .Thank you everyone….

RT @4ndur1n: Elasticsearch keyword searches are fast and fine but misses case-insensitive searches. Event-Query-Language (EQL) sounds like….

New blog post about the the Sigma converter feature that allows to create custom output formats just by writing some YAML definition and templates:. Introducing Query Post-Processing and Output Finalization to Processing Pipelines.

RT @nas_bench: PySigma templating feature is a game changer for backends output! A blog describing the feature is coming soon by @blubbfict….

RT @frack113: Hi everyone, to get the weekend well started an Elastalert working conversion thanks to the template ouput in the latest ver….

RT @_josehelps: 🎉 Introducing SigConverter! 🎉. We're thrilled to announce the launch of a respectful-of-privacy an….

RT @alexanderjaeger: 🕶️🧐👀🥷🥁A new project by the Security Response team of @Google: It fills a gap I have seen for….

This will be integrated into the next version of Sigma CLI. I also plan a blog post about it in our Medium publication:. 4/4.

It also allows to put further query parts before and after the generated query, which was requested several times. Further use cases could be direct ingestion of generated queries into the SIEM directly from the conversion process and surely much more. 3/4.

In the new release processing pipelines were extended by query post-processing and output finalization. This allows to create custom output formats out of queries generated by backends by embedding them into templates (Jinja2 is supported!). 2/4.

Just released pySigma 0.10:. It contains lots of extensions and fixes provided by the steadily growing community of pySigma contributors! Thanks to everyone of you!. 1/4🧵.

New blog post: Connecting Sigma Rule Sets to your Environment with Processing Pipelines. If you convert Sigma rules into queries you should read this, especially if you never heard about processing pipelines before.

Just published my first post in the Sigma blog:. Building Flexible & Reusable Detections with Sigma Placeholders.

RT @frack113: Hi,.I've started a small project to help choose logsources #sigma with simple questions here Any hel….