New post in the SigmaHQ blog: Introducing Sigma Correlations https://t.co/Ei8yxrGSwK

Check out my newly updated @sigma_hq course - Refreshed content to include all the great changes happening with the Sigma project! https://t.co/ijM4f0w31e #DetectionEngineering #InfoSec #SIGMA

2023 has been a very busy year for the @sigma_hq team and a great year for the Sigma community at large. We've seen a greater adoption of Sigma across all of the community and even from big vendors ranging from Qradar native support for Sigma rules, Splunk leveraging Sigma for

A new update has just dropped to the VsCode @sigma_hq extension 🚀. My colleague @_humpalum graciously integrated sigconverter directly into the extension via the API🧙‍♂️ In addition to all the autocomplete features and the goodness that the extension offers for sigma rule

[PySigma Basics Tips 🌟] If you leverage Sigma rules, you're probably aware that fields are vendor agnostic. Which means we can map them to anything we need. One of the feature that pySigma offers is transformations Say you normalize command line field to something like cli.

.@m3nixx and I took some time this weekend to cook something cool for Sigconverter https://t.co/BF2ssNHaj0 🧑‍🍳 You can now apply custom pySigma processing pipelines directly on the website. You might ask what does this mean? Custom processing pipelines allows you to transform a

We have just open sourced https://t.co/efwkFtbiWA and brought it back to original https://t.co/QelW1nyVxA Thank you everyone for your tremendous support from 2018 until today and into the future! 🧬 Supported Language Formats RootA and Sigma Rules can be translated into the

Elasticsearch keyword searches are fast and fine but misses case-insensitive searches. Event-Query-Language (EQL) sounds like a valuable answer for many security related use cases. Today I'm allowed to release pySigma-backend-elasticsearch (v1.0.8 ) with a EQL Support. @sigma_hq

New blog post about the the Sigma converter feature that allows to create custom output formats just by writing some YAML definition and templates: Introducing Query Post-Processing and Output Finalization to Processing Pipelines https://t.co/J4ch6DoS3N

PySigma templating feature is a game changer for backends output! A blog describing the feature is coming soon by @blubbfiction on @sigma_hq medium. Follow it here

Hi everyone, to get the weekend well started an Elastalert working conversion thanks to the template ouput in the latest version of #PySygma. I even did a #SIGMA level to priority conversion in the template. It's time to stop using sigmac 😆 @sigma_hq

🎉 Introducing SigConverter! 🎉 We're thrilled to announce the launch of https://t.co/37dKqyAMN3, a respectful-of-privacy and community-driven tool designed to simplify and streamline your Sigma rule conversion process. 🛠️ 🌟 Why SigConverter? 🤖 Easily convert to your SIEM of

🕶️🧐👀🥷🥁A new project by the Security Response team of @Google: https://t.co/fTO9MvhPBa. It fills a gap I have seen for years, asking the same questions in similar investigations across analysts who might have different background and know how. 🕶️🧐👀🥷🥁

This will be integrated into the next version of Sigma CLI. I also plan a blog post about it in our Medium publication: https://t.co/9WFxrO09x4 4/4

It also allows to put further query parts before and after the generated query, which was requested several times. Further use cases could be direct ingestion of generated queries into the SIEM directly from the conversion process and surely much more. 3/4

In the new release processing pipelines were extended by query post-processing and output finalization. This allows to create custom output formats out of queries generated by backends by embedding them into templates (Jinja2 is supported!). 2/4

Just released pySigma 0.10: https://t.co/jwHlxkQAIz It contains lots of extensions and fixes provided by the steadily growing community of pySigma contributors! Thanks to everyone of you! 1/4🧵

New blog post: Connecting Sigma Rule Sets to your Environment with Processing Pipelines https://t.co/fF4IlvuHZw If you convert Sigma rules into queries you should read this, especially if you never heard about processing pipelines before.

Just published my first post in the Sigma blog: Building Flexible & Reusable Detections with Sigma Placeholders https://t.co/Gsw27OPw4X

Hi, I've started a small project to help choose logsources #sigma with simple questions here https://t.co/HMDnapDLUh. Any help or ideas are welcome. You can make a GUI , fix my code (No worry, I know it's dirty )... But If anyone can turn it into a Visual Novel Game😏