# From Logs to Logic: Practical Detection Engineering Using Sigma
This session introduces Sigma as a practical framework for detection engineering, focusing on how to understand, write, and apply Sigma rules to real-world security telemetry. Attendees will learn what Sigma is, how its taxonomy is structured, how to read and interpret existing rules, and how to write effective detections that translate across platforms.

The session includes a hands-on exercise where participants are given a dataset and tasked with creating a Sigma rule to detect adversarial behavior. By working through the full detection lifecycle, from understanding the data to expressing logic in Sigma, participants will gain a practical understanding of how Sigma can be used to build portable, intelligence-driven detections in modern security environments.