# SIGMA-Resources

Resources To Learn And Understand SIGMA Rules

## SIGMA Specification

* [Sigma Specification by SigmaHQ](https://github.com/SigmaHQ/sigma/wiki/Specification)
* [Anatomy of a Sigma Rule](https://speakerdeck.com/fr0gger/sigma-rules-cheat-sheet)

## Blogs

* [Sigma Rule Creation Guide by SigmaHQ](https://github.com/SigmaHQ/sigma/wiki/Rule-Creation-Guide)
* [Introducing Generic Log Sources in Sigma by Thomas Patzke](https://patzke.org/introducing-generic-log-sources-in-sigma.html)
* [A Guide to Generic Log Sources in Sigma by Thomas Patzke](https://patzke.org/a-guide-to-generic-log-sources-in-sigma.html)
* [How to Write Sigma Rules](https://www.nextron-systems.com/2018/02/10/write-sigma-rules/)
* [The Best Possible Monitoring with Sigma Rules](https://www.nextron-systems.com/2017/07/06/the-best-possible-monitoring-with-sigma-rules/)
* [What is Sigma? Threat Hunting in SIEM Products with Sigma Rules – Example Sigma Rules](https://www.systemconf.com/2021/03/21/what-is-sigma-threat-hunting-in-siem-products-with-sigma-rules-example-sigma-rules/)
* [Threat Detection with SIGMA Rules](https://www.loginsoft.com/blog/2020/06/17/threat-detection-with-sigma-rules/)

## Cheat Sheets

* [Sigma – Detection Expression](https://drive.google.com/file/d/1nayvP3m8GD8cxV_nrk6459mHDV2xaqFB/view)

## Slides

* [Sigma - Generic Signatures for SIEM Systems by Florian Roth](https://www.slideshare.net/secret/gvgxeXoKblXRcA)
* [Threat Hunting with Application Logs and Sigma by Thomas Patzke](https://www.owasp.org/images/a/a8/GOD17-Sigma.pdf)
* [Sigma Hall of Fame - EU ATT&CK User Workshop, October 2021 by Florian Roth](https://www.slideshare.net/FlorianRoth2/sigma-hall-of-fame-eu-attck-user-workshop-october-2021)

## Talks / Webinars

* [Sigma - Generic Signatures for Log Events by Thomas Patzke](https://www.youtube.com/watch?v=OheVuE9Ifhs)
* [Security Talks with SOC Prime: Implementing & Customizing SIGMA](https://tdm.socprime.com/education)
* [Security Talks with SOC Prime: All About SIGMA](https://www.youtube.com/watch?v=HTCoQPSnIiU)
* [[SIGMA] 2.1 - Case Study 1 - Windows Event Logs - Background and Sample Rule by Applied Network Defense](https://vimeo.com/556287539/7ccac2e5b7)
* [How to Level Up Your Threat Detection Practice by SANS](https://www.sans.org/webcasts/level-threat-detection-practice-119845/)

## Courses

* [Detection Engineering with Sigma by Applied Network Defense](https://www.networkdefense.co/courses/sigma/)

## Books

* [Practical Threat Intelligence and Data-Driven Threat Hunting](https://www.packtpub.com/product/practical-threat-intelligence-and-data-driven-threat-hunting/9781838556372) - Chapter 5 includes an introduction to SIGMA rules.

## Rules Repositories

* [SigmaHQ - Rules](https://github.com/SigmaHQ/sigma/tree/master/rules)
* [SOC Prime - Rules](https://sigma.socprime.com/#!/)
* [Joe Security - Rules](https://github.com/joesecurity/sigma-rules/tree/master/rules)
* [Michel de CREVOISIER - Rules](https://github.com/mdecrevoisier/SIGMA-detection-rules)
* [The DFIR Report - Rules](https://github.com/The-DFIR-Report/Sigma-Rules)

## SIGMA Rules Converters

* [UNCODER.IO](https://uncoder.io/)
* [SIGMAC](https://github.com/SigmaHQ/sigma/blob/master/tools/README.md)
* [SIGMA UI](https://github.com/socprime/SigmaUI)
* [sigmaio - sigma in, anything out](https://sigmaio.app/)