TryHackMe - Sigma
Sigma is a generic and open signature format that allows you to describe relevant log events in a straightforward manner. The rule format is very flexible, easy to write, and allows for the creation of detection rules applicable across different SIEM backends.
Follow/Connect:
💻Blog: https://micahsoday.github.io
💻LinkedIn: https://www.linkedin.com/in/micah-funderburk/
💻TryHackMe: https://tryhackme.com/p/M0dChild
Link to the Room:
🔍https://tryhackme.com/room/
References:
🔗https://github.com/SigmaHQ/sigma-specification/blob/main/Sigma_specification.md
🔗https://www.signalscorps.com/blog/2022/sigma-rules-102-writing-detections-search-identifiers/
🔗https://uncoder.io/
Micah Babinski's LinkedIn/Blog:
🔌https://www.linkedin.com/in/micah-babinski
🔌https://micahbabinski.medium.com/
Video "TryHackMe - Sigma" from the Micahs0day channel