rickytip/detection-rules

# Detection Engineering Labs This repository contains Sigma detection rules developed while completing SOC detection engineering challenges. ## Skills Demonstrated - Sigma rule development - Linux & Windows threat detection - MITRE ATT&CK mapping - Adversary TTP analysis - Detection logic tuning ## Platforms Covered - Linux (auditd, process execution) - Windows (Sysmon) - Cloud (AWS IAM) ## Tooling - Sigma - SOC Labs - MITRE ATT&CK