Fabric icon indicating copy to clipboard operation
Fabric copied to clipboard
Published 2 weeks ago verified publisher icon danielmiessler

Add create_sigma_rules Pattern

Open bobby-tablez opened this issue 1 year ago • 3 comments

What this Pull Request (PR) does

Add a pattern which takes a cybersecurity related publication and extracts TTP indicators in the form of Sigma rules. https://github.com/SigmaHQ/sigma

Related issues

none

Screenshots

none

bobby-tablez avatar Jun 11 '24 19:06 bobby-tablez

Potentially supplying a better name for the PR will help with review.

brianredbeard avatar Jun 11 '24 20:06 brianredbeard

@bobby-tablez using what models you tested it? Thx

dorinvlas avatar Jun 13 '24 13:06 dorinvlas

Tested using gpt-3.5, gpt4, gpt4o

bobby-tablez avatar Jun 13 '24 19:06 bobby-tablez