Sigma (signature format)
From HandWiki
Sigma is a signature format that uses pattern matching on system logs to detect malicious behavior in computer systems.[1][2][3]
Further reading
- Kont, Markus. "IDS for logs: Towards implementing a streaming Sigma rule engine". Cooperative Cyber Defence Centre of Excellence. https://ccdcoe.org/uploads/2020/10/Markus-Kont-Mauno-Pihelgas-IDS-for-logs-Towards-implementing-a-streaming-Sigma-rule-engine.pdf.
References
- Martinez, Roberto (2022). Incident Response with Threat Intelligence: Practical Insights into Developing an Incident Response Capability Through Intelligence-Based Threat Hunting. Birmingham: Packt Publishing, Limited. ISBN 978-1-80107-099-7. OCLC 1321804492. https://www.worldcat.org/oclc/1321804492.
- Palacin, Valentina (2021). Practical Threat Intelligence and Data-Driven Threat Hunting: A Hands-On Guide to Threat Hunting with the ATT&CK™ Framework and Open Source Tools. Birmingham: Packt Publishing, Limited. ISBN 978-1-83855-163-6. OCLC 1235594404. https://www.worldcat.org/oclc/1235594404.
- Routin, David; Thoores, Simon; Rossier, Samuel (2022). Purple Team Strategies: Enhancing Global Security Posture Through Uniting Red and Blue Teams with... Adversary Emulation. Packt Publishing Limited. ISBN 978-1-80107-429-2. OCLC 1322811650. http://worldcat.org/oclc/1322811650.
External links
- GitHub repository
- sigmatools on PyPI
Original source: https://en.wikipedia.org/wiki/Sigma (signature format).