Behavioral Detection Engine Sigma Rules

A Sigma rules-based detection engine to block threats by identifying suspicious behavior.

Sigma’s rule-based Behavioral Engine enables analysts to set up and share rules describing techniques, tools, and procedures (TTPs), as well as attacker behaviors listed in cybersecurity frameworks such as MITRE ATT&CK.

The Behavioral Engine detects:

  • Techniques, tools, and procedures (TTPs)
  • Malicious behavior