Blog
The Signals Corps blog
-
Sigma Rules 101: Metadata and Logsources
Tutorials Sigma December 27, 2021
In this post I will introduce the structure of Sigma Rules and how to write attributes to support detection content.
-
OASIS TAXII 2.1 104: Medallion TAXII Server
Tutorials Taxii November 29, 2021
In this post I will show an open-source TAXII Server allowing you to quickly get up and running to share intelligence.
-
OASIS TAXII 2.1 103: Updating Objects in Collections
Tutorials Taxii November 15, 2021
In this post I will show intelligence producers how to add and remove STIX 2.1 Objects using a TAXII Server API.
-
OASIS TAXII 2.1 102: Consuming Objects in Collections
Tutorials Taxii November 01, 2021
In this post I will walk through how TAXII Clients logically consume cyber threat intelligence from Collections using a TAXII 2.1 API.
-
OASIS TAXII 2.1 101: TAXII Concepts
Tutorials Taxii October 18, 2021
In this post I will give you an introduction to TAXII 2.1 concepts to prepare you for the following posts in the tutorial series.
-
OASIS STIX 2.1 107: Tooling
Tutorials Stix October 04, 2021
In this post I will introduce you to a few tools that will help you create and manage STIX 2.1 content.
-
OASIS STIX 2.1 106: Bundling
Tutorials Stix September 20, 2021
In this post I will show you how to package your STIX Objects so that they can be shared with others and integrated with other software.
-
OASIS STIX 2.1 105: Versioning
Tutorials Stix September 06, 2021
In this post I will show you some best practices for modifying STIX Objects by implementing proper versioning.
-
OASIS STIX 2.1 104: Customisation
Tutorials Stix August 23, 2021
In this post I will talk about customising STIX Objects when the predefined specification does not meet the needs of data creators.
-
OASIS STIX 2.1 103: Patterns
Tutorials Stix August 09, 2021
In this post I will deconstruct STIX Patterns and demonstrate how to write effective detection rules (aka patterns).