detections.ai

detections.ai operates a community-driven platform for security detection engineers to share, discover, and create detection rules across multiple security platforms. The platform aggregates detection content from various sources including GitHub repositories, individual users, vendors, and content creators, organizing them in a searchable format. Users can access detection rules written in multiple query languages including SIGMA, KQL (Kusto Query Language), and SPL (Splunk Processing Language). The platform features a community structure with specialized groups focused on specific security domains such as cloud threat hunting, PowerShell-based attack detection, and MITRE ATT&CK framework mapping. These groups enable detection engineers to collaborate, share expertise, and validate detection rules through peer review. detections.ai incorporates AI-powered detection generation capabilities that allow users to transform threat intelligence into actionable detection rules. The AI models are purpose-built for detection engineering workflows and can analyze various input formats including PDF documents, JSON log files, and markdown files to generate new detections. This functionality bridges the gap between raw threat intelligence and operational security detections. The platform serves detection engineers, security operations teams, and threat hunters who need to develop, maintain, and improve detection capabilities across their security infrastructure. By combining community collaboration with AI-enhanced automation, detections.ai addresses the challenge of creating and maintaining effective security detections at scale.