Effective YARA rule search at scale?
Dec. 27, 2023, 9:23 a.m. | /u/Consistent-Music-471
For [Blue|Purple] Teams in Cyber Defence www.reddit.com
I want to hear about your solutions for querying YARA search at scale (1000+ endpoints, many rules at a time, scheduled).
Things I’ve tried:
- Creating a script through our EDR to scan a small set of rules (works slowly, limited to 50 endpoints, ran manually)
- Same process with PowerShell Remoting
Any other suggestions? Maybe there’s an endpoint agent that offers that?
Thank you!