sigma (@sigma_hq) 's Twitter Profile
sigma

@sigma_hq

Generic Detection Rules for Log Data

ID: 1257685780274778113

https://github.com/SigmaHQ/sigma

05-05-2020 14:57:49

376 Tweet

4,4K Followers

0 Following

Nasreddine Bencherchali (@nas_bench) 's Twitter Profile Photo

We're pleased to announce the official release of the Sigma Specification v2.0 🚀 - an important milestone for the Sigma project, that introduces new features as well as many enhancements to the Sigma standard. - sigma

Check out the release blog for all the juicy details -
Nasreddine Bencherchali (@nas_bench) 's Twitter Profile Photo

- MITRE D3FEND tag support.
- New related type "Correlation" for easily linking between rules used in correlation.
- New modifiers for datetime fields

And many more things are coming in sigma Specification v2.1 later this year.
Nasreddine Bencherchali (@nas_bench) 's Twitter Profile Photo

New Sigma release r2024–09–02 is available for download.

🌟75 New Rules
🛡️43 Rule updates
🔬30 Rule Fixes

Here is a snippet from this release

- Added coverage for multiple GTFOBins.
- Updates adding new file sharing domains (*.pages.dev, *.w3spaces.com, *.workers.dev)
-
evan j (@ejcx_) 's Twitter Profile Photo

Today RunReveal is announcing support for sigma detections and open sourcing our sigma rule evaluator, sigmalite. Read the blog, and check out the code! sigmalite.dev blog.runreveal.com/introducing-si…

Αⅼех (@sifex) 's Twitter Profile Photo

A massive thanks to BSides Tallinn for having me on this year. Amazing conference, would recommend anyone to make the trip up 🇪🇪 Slides for the Sigma talk below 👇 sinn.io/sigma-decoding…

frack113 (@frack113) 's Twitter Profile Photo

If like me you need the sigma rules references as PDF for AIR GAP, I started a best effort project: github.com/frack113/sigma…

Nasreddine Bencherchali (@nas_bench) 's Twitter Profile Photo

New Sigma release r2024-11-10 is available for download

🌟 17 New Rules
🛡️ 35 Rule updates
🔬 4 Rule Fixes

This release includes rules covering

- Suspicious .RDP file creation by Outlook and other uncommon processes.
- IIS config tampering.
- PowerShell Web Access abuse.
-
Florian Roth ⚡️ (@cyb3rops) 's Twitter Profile Photo

This is a really interesting web page published in the @Virustotal UI that lists the applied sigma rules on samples executed in their sandboxes and on how many of those samples the particular Sigma rule matched but not a single AV engine
virustotal.com/ui/sigma_rules
Nasreddine Bencherchali (@nas_bench) 's Twitter Profile Photo

Last Sigma release of the year r2024-12-19 is available for download :)

🌟 12 New Rules
🛡️ 52 Rule updates
🔬 6 Rule Fixes

This release includes multiple updates for Linux rules, new AWS rules and more. Check the full change log and start exploring this, by downloading the
Nasreddine Bencherchali (@nas_bench) 's Twitter Profile Photo

Now that the last release of the year from sigma is out. I would like to reflect on the progress we made this year by sharing some stats :)

- Merged 325 pull requests. 🚀

- Had 103 unique contributors. 🤝

- Added 313 new rules. 📝

- Updated and fixed the rules a combined
frack113 (@frack113) 's Twitter Profile Photo

Many people use sigma rules. That's great. We like to share detection knowledge. Don't be afraid to contribute in 2025. Even a simple False Positive is good. If your boss doesn't want to, just ask until having a yes 😝
Nasreddine Bencherchali (@nas_bench) 's Twitter Profile Photo

New Sigma release r2025–02–03 is available for download.

🌟5 New Rules
🛡️5 Rule updates
🔬14 Rule Fixes

Explore the full release -> github.com/SigmaHQ/sigma/…

This release saw the first wave of contribution from The DFIR Report in a new collab we started with the team. 🔥
Αⅼех (@sifex) 's Twitter Profile Photo

🎉I am finally happy to announce a brand new tool – detection.studio Sigma to SIEM conversion – done entirely locally (in-browser). Better support for Pipelines & Filters. Persistent workspaces, and Share & Export to Zip. Check it out down here👇

Nasreddine Bencherchali (@nas_bench) 's Twitter Profile Photo

Sigma rule packages have been downloaded more than 10M times since we started doing releases in late 2023! Last month package crossed the 2M mark today. 🚀 sigma
Nasreddine Bencherchali (@nas_bench) 's Twitter Profile Photo

New Sigma release r2025-05-21 is available for download.

🌟15 New Rules
🛡️47 Rule updates
🔬13 Rule Fixes

Explore the full release -> github.com/SigmaHQ/sigma/…

This release focused mainly on updates and tunings of older rules, with newer detections covering NimScan, AdFind,
Nasreddine Bencherchali (@nas_bench) 's Twitter Profile Photo

New Sigma release r2025-07-08 is available for download.

🌟43 New Rules
🛡️34 Rule updates
🔬27 Rule Fixes

Explore the full release -> github.com/SigmaHQ/sigma/…

This release introduces a bunch of new rules including detections for 

- Katz Stealer
- MeshAgent usage
-