Hunting for Hackers with Sigma Rules

  • Published 7 Jan 2025

COMMENTS • 41

  • @jayinfosec
    @jayinfosec 1 year ago +19

    There are a lot of haters on Sigma... Nas even said, "many people tell him he isn't good at detection engineering" - meanwhile, every vendor and enterprise is using their rules.... Sigma is freakin awesome!!

    • @imveryhungry112
      @imveryhungry112 11 months ago

      sigma sucks. it looks like they're trying to tailor it to just work for very specific vendors. Fuckin lame.

  • @xCheddarB0b42x
    @xCheddarB0b42x 1 year ago +4

    This was a fantastic upload. Can't wait to play with these detection rules. Thank you both!

  • @stunnx4421
    @stunnx4421 1 year ago +1

    This was great! Thanks, both of you!

  • @chadguru9565
    @chadguru9565 4 days ago

    This is what I was looking for when I looked up "Sigma" on UA-cam, but wasn't expecting to be bombarded with pages and pages of incel content

  • @hamidb75
    @hamidb75 1 year ago +3

    This was great and very informative for detection, Thanks a bunch to both.

  • @bing_crilling8981
    @bing_crilling8981 1 year ago +12

    patrick bateman cybersecurity

  • @demotedc0der
    @demotedc0der 1 year ago +1

    this is literally a next level type of detection system

  • @shadisukkar
    @shadisukkar 5 months ago +1

    Is there any potential that Wazuh becomes a supported backend for Sigma?

  • @Hybrid_Netowrks
    @Hybrid_Netowrks 7 months ago

    John can Sigma support in converting AIX binary logs into Splunk format?

  • @KCM25NJL
    @KCM25NJL 1 year ago +2

    I guess the obvious question now, is what would a threat actor do to fly under the sigma radar?

    • @xCheddarB0b42x
      @xCheddarB0b42x 1 year ago

      Fuzzing or other obfuscation and also patience. Separate actions with time.

  • @crusader_
    @crusader_ 1 year ago

    Banger thumbnail

  • @Wca2e9315
    @Wca2e9315 1 year ago +1

    Can you hunt the Lazarus syndicate?

  • @squid13579
    @squid13579 1 year ago +1

    Full time: Batman
    Part time : cyber security😎

  • @xakcisx
    @xakcisx 1 year ago +6

    So sigma

  • @HeyDudee
    @HeyDudee 1 year ago

    John You da best 🔥🔥

  • @-BANKAI-n1
    @-BANKAI-n1 4 months ago

    I can't get sigma rules to work with insightidr, even the converter fails to process the rules. I'm doing something wrong or is it not yet supported?

    • @-BANKAI-n1
      @-BANKAI-n1 4 months ago

      Nvm, I found out while typing the message:
      The InsightIDR backend supports the following log entry/rule types:
      Process start events
      DNS query events
      Web proxy events
      Firewall events
      Ingress authentication events

  • @-robotsea-6846
    @-robotsea-6846 1 year ago

    John, I swear all I hear is Seth Rogen when you are talking. Man I'm dying over here. But long LIVE sigma. Haters gonna hate.

  • @Aurora.Astralis
    @Aurora.Astralis 11 months ago

    My name is Aurora which made me a little confused when I kept hearing/seeing it

  • @everypizza
    @everypizza 1 year ago

    🗿 phonk security

  • @Revoku
    @Revoku 1 year ago

    a bunch of streamers/youtubers are going on about call of shames anti-cheat acting like it has malware, imo you should have a nosy at it, bet you can sort out all the drama in no time flat

  • @imveryhungry112
    @imveryhungry112 11 months ago

    How the f do you convert these to like sql queries? No one will ever get to the point.

  • @MysteryMan159
    @MysteryMan159 1 year ago

    Still waiting for vim plug-ins exploits 😎

  • @SzaboB33
    @SzaboB33 1 year ago +1

    Sigma rules! XD

  • @syedbarkath6960
    @syedbarkath6960 1 year ago

    John, why do the quality and presentation of the video change if you are with other hackers? That needs to be the same.

  • @mauritaniainjector3736
    @mauritaniainjector3736 1 year ago

    Talk on Palestine 😢

  • @wolfleader2
    @wolfleader2 3 months ago

    What the sigma

  • @stickysimon0379
    @stickysimon0379 1 year ago

    Teach us how to write a simple computer code for python and windows

  • @alkassirabumustafa7875
    @alkassirabumustafa7875 1 year ago

    Hi

  • @Sudhanshu0761
    @Sudhanshu0761 1 year ago

    Nice

  • @amirhosseinamiran
    @amirhosseinamiran 1 year ago +1

    Thanks for content ❤❤❤
    I can hack just for you man

  • @DZDZDZDZDZDZDZDZDZDZDZDZDZ-w4n

    Firs

  • @Salim-b4x7c
    @Salim-b4x7c 1 year ago

    Second 😂

  • @Gyhvthhfdcvv
    @Gyhvthhfdcvv 1 year ago

    first