Open Source Introducing new SigmaHQ Rule Packs
SIEM Detection Format
detection format for
Get the most out of the Sigma ecosystem in your SIEM, and start using thousands of great security detections from the community and beyond.
title: AWS Root Credentials description: Detects AWS root account usage logsource: product: aws service: cloudtrail detection: selection: userIdentity.type: Root filter: eventType: AwsServiceEvent condition: selection and not filter falsepositives: - AWS Tasks That Require Root User Credentials level: medium
Explore the Sigma Ecosystem
The upcoming Sigma projects, developments and services.
Community project that use and extend the Sigma ecosystem.
Sigma would not be possible without the hard work and dedications of hundreds of online contributors through Github.
If you would like to support the project in any way, please visit our contribute guide on the sigma documentation page.