Why are some Sigma detections classified with a level such as Critical, High, Medium, and Low?
The (optional) Sigma Add-On provides pre-defined detection rules which can include
Written by Amrik Randhawa
Updated over a week ago
Once you enable the Sigma add-on, you may start seeing detections come through. These detections can include a level parameter with a value of:
These level classifications are provided by the rule author.
Learn more on the Sigma GitHub repo ReadMe.