File tree Expand file tree Collapse file tree 1 file changed +31
-0
lines changed Expand file tree Collapse file tree 1 file changed +31
-0
lines changed Original file line number Diff line number Diff line change 1+ title : some_name_here
2+ id : RESPONSE0000
3+ description : >
4+ Some text description here. It will be merged into one line
5+ author : your name/nickname
6+ creation_date : YYYY/MM/DD
7+ severity : M # L M H
8+ tlp : AMBER # WHITE GREEN AMBER RED
9+ tags :
10+ - attack.initial_access # use the next tag scheeme for ATT&CK tags: https://github.com/Neo23x0/sigma/wiki/Tags
11+ - attack.t1193 # use the next tag scheeme for ATT&CK tags: https://github.com/Neo23x0/sigma/wiki/Tags
12+ - phishinng # could be custom tags as well
13+ references :
14+ - https://example.com
15+ preparation :
16+ -
17+ identification :
18+ -
19+ containment :
20+ - # Response Actions could be aggregated
21+ - #
22+ eradication :
23+ -
24+ recovery :
25+ -
26+ lessons_learned :
27+ -
28+ workflow : |
29+ Description of the workflow in the [Markdown](https://github.com/adam-p/markdown-here/wiki/Markdown-Cheatsheet) format.
30+ You can put here anything you want, i.e. specific conditions/requirements or details on the order of Response Actions execution.
31+ Here newlines will be saved.
You can’t perform that action at this time.
0 commit comments