Open Source Defensive Capabilities

Sigma is a company that helps organizations mature their detection and response capability. One of the major things they try to do is move processes from individual competencies, where you just have a smart person that's able to build cool detections, to an actual organizational competency. Sigma has tried to address this by basically having a generic format that you can then take and convert into whatever your specific implementation is. They're significantly different ways that people manage that. And there are many different ways that resources are allocated to trioging alerts for instance.