Sigma is a signature format that uses pattern matching on system logs to detect malicious behavior in computer systems.[1][2][3]
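
The pattern matching described above can be illustrated with a small evaluator for the detection section of a Sigma-style rule. This is an added example, not code from the article or from the Sigma project; the rule, its field names and the log events are constructed, and the evaluator covers only a subset of the format (the contains/startswith/endswith modifiers and and/or/not conditions without parentheses).

```python
# Added example. RULE is the dict a YAML parser would yield; rule and events are constructed.
RULE = {
    "title": "Certutil download (constructed sample rule)",
    "logsource": {"category": "process_creation", "product": "windows"},
    "detection": {
        "selection": {
            "Image|endswith": "\\certutil.exe",
            "CommandLine|contains": ["urlcache", "verifyctl"],
        },
        "filter": {"User|startswith": "NT AUTHORITY\\"},
        "condition": "selection and not filter",
    },
}
EVENTS = [  # constructed process-creation events
    {"Image": "C:\\Windows\\System32\\certutil.exe", "User": "CORP\\alice",
     "CommandLine": "certutil -URLCache -f http://example.test/a.bin a.bin"},
    {"Image": "C:\\Windows\\System32\\certutil.exe", "User": "NT AUTHORITY\\SYSTEM",
     "CommandLine": "certutil -urlcache -f http://example.test/a.bin a.bin"},
    {"Image": "C:\\Windows\\System32\\certutil.exe", "User": "CORP\\alice",
     "CommandLine": "certutil -hashfile a.bin SHA256"},
]
MODIFIERS = {
    "": lambda value, pattern: value == pattern,
    "contains": lambda value, pattern: pattern in value,
    "startswith": lambda value, pattern: value.startswith(pattern),
    "endswith": lambda value, pattern: value.endswith(pattern),
}

def match_selection(selection, event):
    """Every field must match (AND); a list of patterns matches if any does (OR)."""
    for key, patterns in selection.items():
        name, _, modifier = key.partition("|")
        if name not in event:
            return False
        value = str(event[name]).lower()  # plain string matching ignores case
        patterns = patterns if isinstance(patterns, list) else [patterns]
        if not any(MODIFIERS[modifier](value, str(p).lower()) for p in patterns):
            return False
    return True

def rule_matches(rule, event):
    """Supports conditions built from selection names with and/or/not, no parentheses."""
    detection = rule["detection"]
    hits = {n: match_selection(s, event) for n, s in detection.items() if n != "condition"}
    def atom(text):
        words = text.split()
        return hits[words[-1]] != (words[0] == "not")
    return any(all(atom(a) for a in clause.split(" and "))
               for clause in detection["condition"].split(" or "))
```

Only the first constructed event matches: the second is excluded by the filter and the third never satisfies the selection.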

Further reading

  • Kont, Markus. "IDS for logs: Towards implementing a streaming Sigma rule engine" (PDF). Cooperative Cyber Defence Centre of Excellence.

References

  1. Martinez, Roberto (2022). Incident Response with Threat Intelligence: Practical Insights into Developing an Incident Response Capability Through Intelligence-Based Threat Hunting. Birmingham: Packt Publishing, Limited. ISBN 978-1-80107-099-7. OCLC 1321804492.
  2. Palacin, Valentina (2021). Practical Threat Intelligence and Data-Driven Threat Hunting: A Hands-On Guide to Threat Hunting with the ATT&CK™ Framework and Open Source Tools. Birmingham: Packt Publishing, Limited. ISBN 978-1-83855-163-6. OCLC 1235594404.
  3. Routin, David; Rossier, Samuel; Thoores, Simon (2022). Purple Team Strategies: Enhancing Global Security Posture Through Uniting Red and Blue Teams with... Adversary Emulation. Packt Publishing Limited. ISBN 978-1-80107-429-2. OCLC 1322811650.


This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.