Phoenix
Sigma IntelligenceBeta
All Authors
RR

Roberto Rodriguez

Cyb3rWard0g
@Cyb3rWard0g
First rule: Mon Feb 12 2018 01:00:00 GMT+0100 (Central European Standard Time)
Commits on SigmaHQPull Requests
Share profile card
0rules authored
19sole author
69co-authored
Top Log Sources
1
windows / security
26 rules
2
windows / image_load
10 rules
3
windows / process_creation
10 rules
Rule Types
detection
82threat hunting
6
By Severity
critical
5
high
35
medium
35
low
9
informational
4
By Status
stable
1
test
87
experimental
0
deprecated
0
unsupported
0
0
Total Rules
0
Stable Rules
0
High / Critical
0
Log Source Types
Recent RulesAll rules →
CredUI.DLL Loaded By Uncommon Process
Tue Oct 20 2020 02:00:00 GMT+0200 (Central European Summer Time)
mediumDetection
Startup Folder File Write
Sat May 02 2020 02:00:00 GMT+0200 (Central European Summer Time)
mediumDetection
RDP Sensitive Settings Changed
Sat Aug 06 2022 02:00:00 GMT+0200 (Central European Summer Time)
highDetection
Sysmon Channel Reference Deletion
Tue Jul 14 2020 02:00:00 GMT+0200 (Central European Summer Time)
highDetection
Suspicious Non PowerShell WSMAN COM Provider
Wed Jun 24 2020 02:00:00 GMT+0200 (Central European Summer Time)
mediumDetection
Uncommon PowerShell Hosts
Sun Aug 11 2019 02:00:00 GMT+0200 (Central European Summer Time)
mediumThreat Hunt
Browse all 88 rules by Roberto Rodriguez
Filter the full rule library to see only their contributions
View Rules →