23f72c2 · Detection As Code

readme: multi-siem conversion screenshot

23f72c2 Zion Boggan committed on May 29, 2026 (3 weeks ago)

README.md +2 -0

		@@ -9,6 +9,8 @@ Every rule here converts cleanly to Splunk SPL, Elastic ES\|QL, and **Mic
		Sentinel / Defender KQL**, and is tagged to MITRE ATT&CK so coverage is something you can
		measure instead of guess at.

	+	![One Sigma rule compiled to three SIEMs](docs/screenshots/01-multi-siem-conversion.png)
	+
		## Why

		A detection written in one SIEM's query language is stranded there. Writing it in Sigma

docs/screenshots/01-multi-siem-conversion.png +0 -0

Binary file not shown