fix: D3FEND expandable cards, System page cleanup, and multi-source improvements

- Make D3FEND defense cards clickable with expandable details and external link
- Fix D3FEND URLs to use PascalCase technique names matching the ontology
- Remove duplicate Import Atomic Red Team from System page (use Data Sources)
- Add bulk Activate All / Deactivate All buttons with confirmation modal
- Fix template admin list to show both active and inactive templates
- Add PATCH /test-templates/bulk-activate backend endpoint
- Auto-seed data sources on container startup via entrypoint.sh
- Fix SigmaHQ, CALDERA, GTFOBins import issues
- Register D3FEND sync handler in data sources router
- Add CIS Controls v8 compliance framework import
- Expand Test Catalog source filters (CALDERA, LOLBAS, GTFOBins)
- Campaign Generate from Threat Actor now opens actor selector modal
- Add coverage snapshot creation button to Comparison page
- Update README with accurate data source and feature documentation

backend/app/services/sigma_import_service.py

@@ -46,11 +46,11 @@ logger = logging.getLogger(__name__)
 # ---------------------------------------------------------------------------
 
 SIGMA_ZIP_URL = (
-    "https://github.com/SigmaHQ/sigma/archive/refs/heads/main.zip"
+    "https://github.com/SigmaHQ/sigma/archive/refs/heads/master.zip"
 )
 
 _DOWNLOAD_TIMEOUT = 300
-_ZIP_ROOT_PREFIX = "sigma-main"
+_ZIP_ROOT_PREFIX = "sigma-master"
 
 # Regex to extract MITRE ATT&CK technique IDs from Sigma tags
 # e.g. "attack.t1059.001" → "T1059.001"
@@ -170,7 +170,7 @@ def _parse_sigma_rules(rules_dir: Path) -> list[dict]:
         # Create one entry per technique
         for tech_id in technique_ids:
             source_url = (
-                f"https://github.com/SigmaHQ/sigma/blob/main/"
+                f"https://github.com/SigmaHQ/sigma/blob/master/"
                 f"{relative_path.replace(chr(92), '/')}"
             )
             results.append({