Architecture
Sigma rule processing using streaming SQL
Overview Before reading this blog, we strongly encourage you to read this very interesting blog from sekoia. They explain why they decided to leverage Sigma rules instead of other formats (namely STIX) to deal with complex correlation patterns. Here is a simple example: say you want to generate alerts if Read more…