Sigma rules feed.. #1614
I am also interested in the cooperation with Sigma rule. The most difficult part of the research is that the amount of data sources is far too small to link the detected CVEs to those rules. Do you know of a data source that is stable, updated and has a reasonable amount of data linking these rules to CVEs?
Least you could at the very least, add it in the yellow Least in golang.. https://github.com/opencybersecurityalliance/stix-shifter , ports to stix2 https://pkg.go.dev/github.com/TcM1911/stix2 https://raw.githubusercontent.com/SigmaHQ/sigma/master/tools/config/ecs-suricata.yml , perhaps useful.
https://uncoder.io/
https://github.com/SigmaHQ/sigma
https://github.com/bradleyjkemp/sigma-go
A few free sigma feeds..
While common in SIEM land, these are more raw threat detections..
Machine a is vulnerable to x..⚠️ Machine a is showing active infected.... might be useful to know.. on reports
Warning
Your firewall is not patched is vulnerable, compromised etc..
as a 🔌 plug-in ..
Similar to go-cti gost etc..