From f5e0c47147e623157b8c74f0d8b7c4498fcb70d9 Mon Sep 17 00:00:00 2001
From: Josh Kamdjou <jkamdjou@gmail.com>
Date: Fri, 24 Mar 2023 12:47:21 -0400
Subject: [PATCH] Add Sublime / MQL detection rules

---
 README.html | 1 +
 README.md   | 1 +
 2 files changed, 2 insertions(+)

diff --git a/README.html b/README.html
index 3e3816f..e7f4504 100644
--- a/README.html
+++ b/README.html
@@ -145,6 +145,7 @@
 <li><a href="https://github.com/InQuest/awesome-yara#rules">Awesome YARA Rules</a></li>
 <li><a href="https://github.com/chronicle/detection-rules">Chronicle Detection Rules</a> - Collection of YARA-L 2.0 sample rules for the Chronicle Detection API.</li>
 <li><a href="https://github.com/GoogleCloudPlatform/security-analytics">GCP Security Analytics</a> - Community Security Analytics provides a set of community-driven audit &amp; threat queries for Google Cloud.</li>
+<li><a href="https://github.com/sublime-security/sublime-rules">Sublime Detection Rules</a> - Email attack detection, response, and hunting rules.</li>
 </ul>
 <h2 id="dataset">Dataset</h2>
 <ul>
diff --git a/README.md b/README.md
index c91332e..8483a7b 100644
--- a/README.md
+++ b/README.md
@@ -140,6 +140,7 @@
 - [Chronicle Detection Rules](https://github.com/chronicle/detection-rules) - Collection of YARA-L 2.0 sample rules for the Chronicle Detection API.
 - [GCP Security Analytics](https://github.com/GoogleCloudPlatform/security-analytics) - Community Security Analytics provides a set of community-driven audit & threat queries for Google Cloud.
 - [ThreatHunter-Playbook](https://github.com/OTRF/ThreatHunter-Playbook) - A community-driven, open-source project to share detection logic, adversary tradecraft and resources to make detection development more efficient.
+- [Sublime Detection Rules](https://github.com/sublime-security/sublime-rules) - Email attack detection, response, and hunting rules.
 
 ## Dataset