Explore OpenCTI or OpenAEV platform with 30 days Free Trial!
XTM Hub by FiligranSign In
SigmaHQ logo

SigmaHQ

Automatic deploy
Verified
Open Source Threat Intel
Detection & Response Enablement

Overview

The SigmaHQ connector ingests Sigma detection rules from the SigmaHQ repository (https://sigmahq.io) as indicators in OpenCTI. It imports over 3000 detection rules including generic detection rules, threat hunting rules, emerging threat rules, compli

The SigmaHQ connector enables automated ingestion of Sigma detection rules from the SigmaHQ repository (https://sigmahq.io) into OpenCTI as indicators. Sigma is a generic signature format for SIEM systems that allows detection engineers, threat hunters, and defensive security practitioners to collaborate on detection rules.

This connector imports more than 3000 detection rules.

By importing these rules as indicators in OpenCTI, organizations can enrich their threat intelligence platform with community-maintained detection logic, enhance their detection capabilities, and correlate Sigma rules with other threat intelligence entities such as TTPs, malware, and threat actors.

Basic information

SigmaHQ
Vendor Contact
Connectors
External import
7.260522.0
0

    We use cookies to make the XTM Hub work, understand how it's used, and improve your experience. Strictly necessary cookies are always on. With your consent, we also use optional cookies for functionality, performance and analytics, and marketing. You can accept all, reject all, or choose which optional cookies to allow. You can change your preferences at any time via "Cookie settings". See our Cookie Policy for more information.