Sigma rules for Duo

Mark Ernest
4 min read · Nov 13, 2022

Introduction

In a previous story, I wrote about duoreverse, a Python wrapper using a custom build of the duo_client to help red teams conduct multiple attack techniques against a Duo environment. Throughout the story, I provided attack scenarios with corresponding detection guidance, including example log events. I’ve been working on additional features and code cleanup for duoreverse and recognized an opportunity to…


Mark Ernest

Dad, husband, cybersecurity researcher & practitioner, developer.