Thomas Patzke Joins SOC Prime Advisory Board

Delaware, USA – September 25, 2019 – SOC Prime, Inc. is pleased to announce Thomas Patzke joins our Advisory Board. Thomas is one of the most inspiring experts in the cyber security community who has 13+ years of experience in the area of information security, currently works as blue teamer and threat hunter at thyssenkrupp CERT and has created Sigma together with Florian Roth. Thanks to his contribution to the development of Sigma, generic signature format for SIEM Systems (https://neo23x0.github.io/sigma/), thousands of specialists around the world have the opportunity to share their content no matter what security platform they use. Thomas Patzke is not only a contributor to the Sigma project but also experienced developer writing the code for Sigmac and sharing cybersecurity-related tools with the community (https://gist.github.com/thomaspatzke).

“One of the main goals in the design of Sigma is simplicity. The open source ruleset of the GitHub repository currently contains over 300 rule files and grows continuosly. Most of the detections from this repository are expressed with plain strings and wildcards for values and some boolean logic around them. We wanted to build a language that is able to express more than 90% of log signatures and leave the remaining, more complex signatures to other (not necessarily machine readable) languages. This simplicity gives Sigma users the possibility to write own Sigma parsers and build cool services with it” – says Thomas in his blog (https://patzke.org/blog.html), and we are pleased that such a passionate professional as Thomas joins our efforts to help organizations in building cutting-edge defense capabilities against the future cyber attacks. His extensive expertise in creating rules and configs will help the industry adopt one common language for cyber security. We are excited to work even closer together to bring Sigma capabilities to more platforms and extend its Use Cases.

“Today Sigma is used worldwide in over 130 countries for SOC basic content, Threat Hunting and Compliance. We are on route to extend its applications for Use Cases in Retrospective IOC matching, IoT security and beyond. The most exciting is the continuous support of the Sigma authors and researchers, Threat Detection Marketplace Community and our global Threat Bounty program members which accounts for 80+ registered developers as of today. I’m happy to contribute to Sigma evolution with help and advisory from Thomas.” – Andrii Bezverkhyi, CEO, Founder & Chairman, SOC Prime, Inc