Lock & Load: Arming Yourself with Custom Sigma Rules

Adam Goss
11 min read · Apr 10

Hey friend, welcome back!

In my last blog post on using threat intelligence articles for hunting, we looked at extracting IOCs and TTPs from these articles and using them to perform IOC-based and TTP-based threat hunts. Hunting IOCs was simple; for TTPs, however, we had to correlate the MITRE ATT&CK techniques mentioned in these articles to corresponding Sigma rules that could…

Adam Goss: Cyber Security Professional | Red Teamer | Adversary Emulator | Malware Analysis | Threat Hunter | Automator