About

Philosophy

Quality isn't an afterthought in SigmaHQ - it's the product. Every detection rule passes through a rigorous, multi-stage pipeline that combines formal specification, automated validation, real-world log testing, and mandatory peer review before a single line reaches production.

Quality Assurance

The pipeline below maps every stage a Sigma rule passes through - from the base specification that defines what a valid rule looks like, through three layers of automated validation and two rounds of live log testing, to a mandatory two-reviewer approval before merge. Click any stage to read the full story behind it.

Foundation

Sigma Specification

Click to explore →

Foundation

SigmaHQ Convention

Click to explore →

Contribution

Rule Submission

Click to explore →

Automated Validation

JSON Schema

Click to explore →

Automated Validation

PySigma Validators

Click to explore →

Automated Validation

SigmaHQ Validators

Click to explore →

Log Testing

Benign Log Testing

Click to explore →

Log Testing

Regression Testing

Click to explore →

Human Review

Four-Eyes Principle

Click to explore →

Release

Merged to Main

Click to explore →

Click any node to explore the stage

Pipeline stages based on the SigmaHQ Quality Assurance Pipeline post by the SigmaHQ team.