Sigma
Sigma is a generic and open signature format that allows you to describe relevant security-related information in a structured and machine-readable way. It is designed to be used in SIEM systems and other security tools to detect and respond to threats. Sigma is a collaborative project that aims to make reliable detections accessible to all at no cost. The repository offers more than 3000 detection rules of different types, including generic detection rules, threat hunting rules, and emerging threat rules. Sigma is a powerful tool for security professionals, threat hunters, and analysts to detect and respond to threats in a more efficient and effective way.
FEATURES
SIMILAR TOOLS
A tracker that detects and logs SYN packets with a specific signature generated by the Mirai malware, providing real-time information on Mirai-based campaigns.
Zero Day Live is a threat intelligence platform that provides early detection of malware and zero-day vulnerabilities through a proprietary sensor network processing over 1 billion data points.
A collection of APT and cybercriminals campaigns with various resources and references.
An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.
yarAnalyzer creates statistics on a yara rule set and files in a sample directory, generating tables and CSV files, including an inventory feature.
A tool to extract indicators of compromise from security reports in PDF format.
PINNED
Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.