DFIR, Threat Hunting, Sigma, Yara and open-source
Florian Roth is the CTO of Nextron Systems GmbH and has officially worked in the information security industry since 2003. Florian is the creator of APT Scanner THOR – Scanner for Attacker Activity and Hack Tools and the developer of Nextron’s most comprehensive handcrafted Yara rule feed service – Valhalla. He created the Sigma project together with Thomas Patzke. Sigma is an open standard, a generic rule format for SIEM systems, and is recognized by MISP as the de facto standard for SIEM queries. The Sigma rules are available at https://github.com/Neo23x0/sigma/tree/master/rules. Florian is also the author of numerous open-source GitHub projects, including yarGen, LOKI IOC Scanner, yarAnalyzer, FENRIR (Bash IOC Scanner) and several OSINT projects such as APT Group Mapping (Google Docs), and he is a YARA Exchange member. His well-known Twitter account @Cyb3rOps has more than 30,000 followers from the IT security industry.