sigma

@sigma_hq

Followers
5K
Following
188
Media
16
Statuses
384

Generic Detection Rules for Log Data

Joined May 2020
@nas_bench
Nasreddine Bencherchali
2 days
If you ever wondered what goes into merging a Sigma rule in the @sigma_hq repo, check out the latest blog. SigmaHQ Quality Assurance Pipeline - https://t.co/A2OuF1VOcw We delve into the process we go through to ensure the community contributed rules are up to par.
1
10
25
@nas_bench
Nasreddine Bencherchali
14 days
For all of the contributors that aim to propose enhancements or additions to the @sigma_hq specification in the future. We have introduced a new issue template that aims to track these proposals. We're calling it SEP (Sigma Enhancement Proposal). The template contains all the
0
4
25
@nas_bench
Nasreddine Bencherchali
15 days
Regression (True Positive) testing is coming to @sigma_hq starting from the next rule release in December. We will introduce a new CI that will validate a rule against a log. We will start with EVTX logs and extend beyond to other formats and logsources. We're also introducing a
3
16
65
@nas_bench
Nasreddine Bencherchali
16 days
New Sigma release r2025-10-01 is available for download. 🌟37 New Rules 🛡️16 Rule updates 🔬45 Rule Fixes Here is a quick overview: - New AWS and Github based rules covering deletion of VPC flows, KMS imports, changing archive status or pages of a repo - Winrs usage as a
0
7
28
@cyb3rops
Florian Roth ⚡️
16 days
We’d love to see more feedback from orgs that rely on Sigma rules. Even simple stats from production use are valuable. - A rule of level high that triggered 236,992 times probably needs rework. - A rule of level critical that triggered 234 times probably needs rework. - A rule of
discord.com
3
14
51
@nas_bench
Nasreddine Bencherchali
28 days
Fun @sigma_hq stats for the end of the week. We have now reached 22 million package downloads since we started doing package releases 2 years ago. We also crossed 5700 PRs/Issues :)
0
4
17
@AtomicsonaFri
AtomicsonaFriday
1 month
⚡️ Sigma is shaping the future of detections. This Atomics on a Friday with @nas_bench explores: SigmaHQ deep dive https://t.co/RIBOa1FS4E in action Expert insights on security content’s evolution 🎥 Full video:
0
3
14
@nas_bench
Nasreddine Bencherchali
3 months
Because I and the rest of the maintainer team don't have infinite time, I'm going to be pretty aggressive on PRs submitted to @sigma_hq https://t.co/MsdAvn8oNM New so called DEs copy pasting random rules and not having the capacity to read the specs will lead to an auto close
github.com
Main Sigma Rule Repository. Contribute to SigmaHQ/sigma development by creating an account on GitHub.
3
6
37
@nas_bench
Nasreddine Bencherchali
4 months
New Sigma release r2025-07-08 is available for download. 🌟43 New Rules 🛡️34 Rule updates 🔬27 Rule Fixes Explore the full release -> https://t.co/TLrfc4pJ9V This release introduces a bunch of new rules including detections for - Katz Stealer - MeshAgent usage -
3
38
101
@nas_bench
Nasreddine Bencherchali
6 months
New Sigma release r2025-05-21 is available for download. 🌟15 New Rules 🛡️47 Rule updates 🔬13 Rule Fixes Explore the full release -> https://t.co/BVdXDmkU9X This release focused mainly on updates and tunings of older rules, with newer detections covering NimScan, AdFind,
1
21
65
@nas_bench
Nasreddine Bencherchali
8 months
Sigma rule packages have been downloaded more than 10M times since we started doing releases in late 2023! Last month package crossed the 2M mark today. 🚀 @sigma_hq
2
14
79
@sifex
Αⅼех
8 months
🎉 I am finally happy to announce a brand new tool – https://t.co/qUsi2KPEML Sigma to SIEM conversion – done entirely locally (in-browser). Better support for Pipelines & Filters. Persistent workspaces, and Share & Export to Zip. Check it out down here 👇
detection.studio
Design, build and share detection rules for your security tools.
6
72
267
@nas_bench
Nasreddine Bencherchali
9 months
New Sigma release r2025–02–03 is available for download. 🌟5 New Rules 🛡️5 Rule updates 🔬14 Rule Fixes Explore the full release -> https://t.co/CNzLQp4OHT This release saw the first wave of contribution from the @TheDFIRReport in a new collab we started with the team. 🔥
0
17
53
@frack113
frack113
11 months
Many people use @sigma_hq rules. That's great. We like to share detection knowledge. Don't be afraid to contribute in 2025. Even a simple False Positive is good. If your boss doesn't want it, just ask until you have a yes 😝
1
4
9
@nas_bench
Nasreddine Bencherchali
11 months
The more I see private detections the more I realize that the @sigma_hq rule repo is a gold mine and it is actually insane that its free. 😌
6
20
118
@nas_bench
Nasreddine Bencherchali
11 months
Last Sigma release of the year r2024-12-19 is available for download :) 🌟 12 New Rules 🛡️ 52 Rule updates 🔬 6 Rule Fixes This release includes multiple updates for Linux rules, new AWS rules and more. Check the full change log and start exploring this, by downloading the
2
26
60
@nas_bench
Nasreddine Bencherchali
11 months
Now that the last release of the year from @sigma_hq is out, I would like to reflect on the progress we made this year by sharing some stats :) - Merged 325 pull requests. 🚀 - Had 103 unique contributors. 🤝 - Added 313 new rules. 📝 - Updated and fixed the rules a combined
0
9
33
@cyb3rops
Florian Roth ⚡️
1 year
This is a really interesting web page published in the @Virustotal UI that lists the applied @sigma_hq rules on samples executed in their sandboxes and on how many of those samples the particular Sigma rule matched but not a single AV engine https://t.co/cTmWfVfWM4
2
34
119
@nas_bench
Nasreddine Bencherchali
1 year
New Sigma release r2024-11-10 is available for download 🌟 17 New Rules 🛡️ 35 Rule updates 🔬 4 Rule Fixes This release includes rules covering - Suspicious .RDP file creation by Outlook and other uncommon processes. - IIS config tampering. - PowerShell Web Access abuse. -
0
36
109