Go to LimaCharlie
All Collections
Detect & Respond
Sigma Rules
Why are some Sigma detections classified with a level such as Critical, High, Medium, and Low?

Why are some Sigma detections classified with a level such as Critical, High, Medium, and Low?

The (optional) Sigma Add-On provides pre-defined detection rules which can include
Amrik Randhawa avatar
Written by Amrik Randhawa. Updated over a week ago

Once you enable the Sigma add-on you may start seeing detections come through. These detections can include a level parameter with a value of:

  • Critical

  • High

  • Medium

  • Low

These level classifications are provided by the rule author.

Learn more on the Sigma GitHub repo ReadMe.

Did this answer your question?