theotterone@lemmy.world to Lemmy Shitpost@lemmy.world · Many such cases · 3 months ago

Only run as an experiment myself but Wazuh can do it apparently: https://documentation.wazuh.com/current/proof-of-concept-guide/detect-malware-yara-integration.html

MDE can do something similar but you’ll need to rewrite your rules which is of course more than suboptimal… https://learn.microsoft.com/en-us/defender-xdr/advanced-hunting-overview?view=o365-worldwide

theotterone@lemmy.world to cats@lemmy.world · 9 months ago · Met this beautiful forest cat (image, lemmy.world)