Sigma (signature format)

From HandWiki

Sigma is a signature format based on pattern matching for system logging, to detect malicious behavior in computer systems.^[1]^[2]^[3]

See also

YARA
Snort

Further reading

Kont, Markus. "IDS for logs: Towards implementing a streaming Sigma rule engine". Cooperative Cyber Defence Centre of Excellence. https://ccdcoe.org/uploads/2020/10/Markus-Kont-Mauno-Pihelgas-IDS-for-logs-Towards-implementing-a-streaming-Sigma-rule-engine.pdf.

References

↑ Martinez, Roberto (2022). Incident Response with Threat Intelligence Practical Insights into Developing an Incident Response Capability Through Intelligence-Based Threat Hunting.. Birmingham: Packt Publishing, Limited. ISBN 978-1-80107-099-7. OCLC 1321804492. https://www.worldcat.org/oclc/1321804492.
↑ Palacin, Valentina (2021). Practical Threat Intelligence and Data-Driven Threat Hunting : A Hands-On Guide to Threat Hunting with the ATT&CK(tm) Framework and Open Source Tools.. Birmingham: Packt Publishing, Limited. ISBN 978-1-83855-163-6. OCLC 1235594404. https://www.worldcat.org/oclc/1235594404.
↑ SIMON., ROUTIN, DAVID. ROSSIER, SAMUEL. THOORES (2022). PURPLE TEAM STRATEGIES : enhancing global security posture through uniting red and blue teams with... adversary emulation.. PACKT PUBLISHING LIMITED. ISBN 978-1-80107-429-2. OCLC 1322811650. http://worldcat.org/oclc/1322811650.

External links

GitHub repository
sigmatools on PyPi

0.00

(0 votes)

Original source: https://en.wikipedia.org/wiki/Sigma (signature format). Read more

Retrieved from "https://handwiki.org/wiki/index.php?title=Sigma_(signature_format)&oldid=2229852"

Computer forensics