redcanaryco / surveyor
A cross-platform baselining, threat hunting, and attack surface analysis tool for security teams.
MIT License
Add Support for Sigma Rules #106
Closed
rc-csmith closed 1 year ago

rc-csmith commented 1 year ago
Changes
- Create two options:
  - `--sigmarule` allows the user to specify a single file
  - `--sigmadir` allows the user to specify a directory of Sigma rule files
- Add extended requirements to support Sigma conversion (but do not make Sigma dependencies a requirement to run Surveyor)
- Added type checking to GitHub workflow

To Do:
- Update documentation on how to use the new Sigma options
- Document limitations of Sigma (no support for Cortex XDR)
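One way the two options and the "Sigma dependencies stay optional" constraint described in this PR could fit together, as an added illustration written for this page rather than Surveyor's own code; the function names, the `.yml`/`.yaml` filter and the use of `sigma` (pySigma) as the optional import are assumptions:

```python
import argparse
import importlib.util
import tempfile
from pathlib import Path
from typing import List, Optional

def sigma_support_available() -> bool:
    """True when the optional Sigma conversion dependency can be imported.

    Assumption: the extra is pySigma, whose import name is `sigma`.
    Surveyor itself must keep running when this returns False.
    """
    return importlib.util.find_spec("sigma") is not None

def require_sigma_support(args: argparse.Namespace) -> bool:
    """Sigma options are only honoured when the optional extra is installed."""
    if (args.sigmarule or args.sigmadir) and not sigma_support_available():
        raise SystemExit("--sigmarule/--sigmadir need the optional Sigma requirements")
    return True

def collect_sigma_rules(sigmarule: Optional[str], sigmadir: Optional[str]) -> List[Path]:
    """Resolve --sigmarule (one file) and --sigmadir (a directory) to rule paths.

    Only .yml/.yaml files are taken from the directory (an assumption), sorted so
    a hunt run is reproducible. Missing paths fail loudly rather than silently.
    """
    rules: List[Path] = []
    if sigmarule:
        p = Path(sigmarule)
        if not p.is_file():
            raise FileNotFoundError(f"--sigmarule is not a file: {p}")
        rules.append(p)
    if sigmadir:
        d = Path(sigmadir)
        if not d.is_dir():
            raise NotADirectoryError(f"--sigmadir is not a directory: {d}")
        rules.extend(sorted(f for f in d.iterdir() if f.suffix in (".yml", ".yaml")))
    return rules

def build_parser() -> argparse.ArgumentParser:
    parser = argparse.ArgumentParser(description="Sigma option handling (illustrative)")
    parser.add_argument("--sigmarule", help="path to a single Sigma rule file")
    parser.add_argument("--sigmadir", help="directory of Sigma rule files")
    return parser

def demo() -> List[str]:
    """Constructed sample: two rule files and one non-rule file in a temp directory."""
    with tempfile.TemporaryDirectory() as tmp:
        for name in ("b_rule.yml", "a_rule.yaml", "notes.txt"):
            (Path(tmp) / name).write_text("title: sample\n")
        args = build_parser().parse_args(["--sigmadir", tmp])
        return [p.name for p in collect_sigma_rules(args.sigmarule, args.sigmadir)]
```

Without either option the guard is a no-op, which is what keeps the Sigma extra from becoming a hard requirement for a normal Surveyor run.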