Generic > Sigma rules
Repository of detection rules, covering persistence techniques as well. You can even use filters such as --filter tag=attack.persistence or specifically for one technique tag=attack.t1084.
Repository of detection rules, covering persistence techniques as well. You can even use filters such as --filter tag=attack.persistence or specifically for one technique tag=attack.t1084.