Tactics, Techniques, and Procedures (TTPs)

This site collects expert rules (McAfee) and behavioral rules (XDR bioc) based on Sigma's TTP or EQL rules.

It is basically a translation of some of the Sigma and EQL rules you can find here: https://github.com/Neo23x0/sigma/tree/master/rules and https://eqllib.readthedocs.io/en/latest/analytics.html, to McAfee's products (ENS Expert Rules) and PaloAlto (XDR).

Disclaimer

You'll probably need to try out each of these rules in your environment. False positives are possible.