I'm searching for prebuilt rules for Elastic SIEM. I found that I can use Elastic-provided rules:
But I would like to know if there is any other source to get prebuilt rules for Elastic SIEM, for example rules for FortiGate, Sophos firewalls and other network devices.
Thanks in advance.
Tarek, I'm not aware of any third-party provider of rules for our detection engine, and we encourage community and industry members to contribute to the detection-rules repository. This project is open to the community, which enables anyone to submit rules. If you've developed rules for network appliances, consider a pull request using our accessible process. Each release, I consider community feedback like yours to help address the needs of members; we don't have plans to integrate FortiGate or Sophos data sources in a near-term release.