Forum Discussion
Sigma rules on sentinel
Was just wondering, if its worth importing converted sigma rules into sentinel to use for detection. Does sentinel already have these rules by default in its intelligence?
- There is a blog posting here in regards to importing Sigma rules that may help you deicde: https://techcommunity.microsoft.com/t5/Azure-Sentinel/Importing-Sigma-Rules-to-Azure-Sentinel/ba-p/657097
Hi gary,
I am aware of it. The reason i asked is because ianhelle of MSFT did create that notebook conversion. So i was wondering if it would have been included into Sentinels intelligence, and by me importing converted sigma rules this would be a duplication.
