diff --git a/salt/soc/defaults.yaml b/salt/soc/defaults.yaml
index a7ee65f57..4b3d23afe 100644
--- a/salt/soc/defaults.yaml
+++ b/salt/soc/defaults.yaml
@@ -1189,6 +1189,7 @@ soc:
           rulesRepos:
           - repo: https://github.com/Security-Onion-Solutions/securityonion-resources
             license: DRL
+            folder: sigma/stable
           sigmaRulePackages:
             - core
             - emerging_threats_addon