From cfa9e7ddf83efcc51804c6c1a6b02458ca3b272c Mon Sep 17 00:00:00 2001
From: Thomas Patzke <thomas@patzke.org>
Date: Sun, 21 Jan 2018 21:41:43 +0100
Subject: [PATCH] Addition of Sigma

---
 README.md | 1 +
 1 file changed, 1 insertion(+)

diff --git a/README.md b/README.md
index 3bd013d..95895f4 100644
--- a/README.md
+++ b/README.md
@@ -91,6 +91,7 @@
 - [The DML Model](http://ryanstillions.blogspot.com.au/2014/04/the-dml-model_21.html) - The Detection Maturity Level (DML) model is a capability maturity model for referencing ones maturity in detecting cyber attacks.
 - [Endgame Hunt Cycle](http://pages.endgame.com/rs/627-YBU-612/images/Endgame%20Hunt%20Methodology%20POV%203.24.16.pdf)
 - [NIST Cybersecurity Framework](https://www.nist.gov/cyberframework)
+- [Sigma](https://github.com/Neo23x0/sigma) - Generic Signature Format for SIEM Systems
 
 #### Research Papers