Detections as Code using Sigma. Anyone done This? | allinfosecnews.com

Nov. 9, 2022, 10:08 p.m. | /u/WTFCanID0

For [Blue|Purple] Teams in Cyber Defence www.reddit.com

Anyone here actually done "Detections as Code"? I'm thinking about trying it out as we use various tools. The idea of writing detections once in Sigma and generating Splunk/ELK/QRadar searches is nice. But I'm sure there are problems, beyond the ones I'm seeing.

blueteamsec code detections sigma

More from www.reddit.com / For [Blue|Purple] Teams in Cyber Defence

How To: Use UFW(Uncomplicated Firewall) and Send the logs to Sentinel and Parse with a … 11 hours ago | www.reddit.com

blueteamsec check connections easy +8

Discover Proton Mail registration date with one weird trick… 1 day, 7 hours ago | www.reddit.com

blueteamsec date discover mail +5

NATO Deputy Secretary General: we must be big on cyber defence ambitions 1 day, 9 hours ago | www.reddit.com

big blueteamsec cyber cyber defence +4

YARA is dead, long live YARA-X 1 day, 10 hours ago | www.reddit.com

blueteamsec dead live yara

BSI is suing Microsoft to release information about security disasters 1 day, 14 hours ago | www.reddit.com

blueteamsec bsi disasters information +3

Employee Personal GitHub Repos Expose Internal Azure and Red Hat Secrets 2 days, 12 hours ago | www.reddit.com

azure blueteamsec employee expose +6

Spring Cleaning with LATRODECTUS: A Potential Replacement for ICEDID 2 days, 12 hours ago | www.reddit.com

blueteamsec cleaning icedid latrodectus +1

Revealing Spammer Infrastructure With Passive DNS - 226 Toll-Themed Domains Targeting Australia 2 days, 13 hours ago | www.reddit.com

australia blueteamsec dns domains +6

Response Filter Denial of Service (RFDoS): shut down a website by triggering WAF rule 3 days, 12 hours ago | www.reddit.com

blueteamsec denial of service down filter +4

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Technology Security Analyst

@ Halton Region | Oakville, Ontario, Canada

View on infosec-jobs.com

Senior Cyber Security Analyst

@ Valley Water | San Jose, CA

View on infosec-jobs.com

Consultant Sécurité SI Gouvernance - Risques - Conformité H/F - Strasbourg

@ Hifield | Strasbourg, France

View on infosec-jobs.com

Lead Security Specialist

@ KBR, Inc. | USA, Dallas, 8121 Lemmon Ave, Suite 550, Texas

View on infosec-jobs.com

Consultant SOC / CERT H/F

@ Hifield | Sèvres, France

View on infosec-jobs.com