SIGMA

"Sigma is a generic and open signature format that allows you to describe relevant log events in a straightforward manner." Extremely useful although out-of-the-box rules are likely to require tuning for an individual environment.

https://github.com/SigmaHQ/sigma

https://medium.com/malware-buddy/security-infographics-9c4d3bd891ef#5920

Florian Roth's presentation on SIGMA

https://github.com/Neo23x0/Talks/blob/master/Sigma_Hall_of_Fame_20211022.pdf

SOC Prime provide a convertor for sigma rules into different formats

https://uncoder.io/

Cheat sheet for writing Sigma rules from learnsigmarules.com who offer a course.

https://drive.google.com/file/d/1nayvP3m8GD8cxV_nrk6459mHDV2xaqFB/view