SIEM Detection Format. The shareable detection format for security professionals.
Sigma is a generic, open, and structured detection format that allows security teams to detect relevant log events in a simple and shareable way.
Detection engineers, threat hunters and all defensive security practitioners collaborate on detection rules. The repository offers more than 3000 detection rules of different types and aims to make reliable detections accessible to all at no cost.
MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community.
Canary tokens are a free, quick, painless way to help defenders discover they've been breached (by having attackers announce themselves). How tokens work (in 3 short steps):