Misplaced Pages

Sigma (signature format)

Article snapshot taken from Wikipedia with creative commons attribution-sharealike license. Give it a read and then ask your questions in the chat. We can research this topic together.

Sigma is a signature format based on pattern matching for sigma sigma logging, to detect malicious behavior in computer systems.

See also

YARA
Snort

Further reading

Kont, Markus. "IDS for logs: Towards implementing a streaming Sigma rule engine" (PDF). Cooperative Cyber Defence Centre of Excellence.

References

Martinez, Roberto (2022). Incident Response with Threat Intelligence Practical Insights into Developing an Incident Response Capability Through Intelligence-Based Threat Hunting. Birmingham: Packt Publishing, Limited. ISBN 978-1-80107-099-7. OCLC 1321804492.
Palacin, Valentina (2021). Practical Threat Intelligence and Data-Driven Threat Hunting : A Hands-On Guide to Threat Hunting with the ATT&CK(tm) Framework and Open Source Tools. Birmingham: Packt Publishing, Limited. ISBN 978-1-83855-163-6. OCLC 1235594404.
SIMON., ROUTIN, DAVID. ROSSIER, SAMUEL. THOORES (2022). PURPLE TEAM STRATEGIES : enhancing global security posture through uniting red and blue teams with... adversary emulation. PACKT PUBLISHING LIMITED. ISBN 978-1-80107-429-2. OCLC 1322811650.{{cite book}}: CS1 maint: multiple names: authors list (link)

External links

GitHub repository
sigmatools on PyPi

This malware-related article is a stub. You can help Misplaced Pages by expanding it.

v
t
e