Projects

SIGMA


"Sigma is a generic and open signature format that allows you to describe relevant log events in a straightforward manner." Extremely useful, although out-of-the-box rules are likely to require tuning for an individual environment.


https://github.com/SigmaHQ/sigma

https://medium.com/malware-buddy/security-infographics-9c4d3bd891ef#5920


Florian Roth's presentation on SIGMA

https://github.com/Neo23x0/Talks/blob/master/Sigma_Hall_of_Fame_20211022.pdf


SOC Prime provides a converter that translates Sigma rules into different formats

https://uncoder.io/


Cheat sheet for writing Sigma rules from learnsigmarules.com, who also offer a course

https://drive.google.com/file/d/1nayvP3m8GD8cxV_nrk6459mHDV2xaqFB/view

MaGMa

The MaGMa Use Case Framework (UCF) from the Dutch Payments Association is a framework and tool for use case management and administration.

https://www.betaalvereniging.nl/en/safety/magma/