Web: https://www.reddit.com/r/blueteamsec/comments/z3dqxy/using_yara_rules_in_a_large_scale_enterprise/

Nov. 24, 2022, 7:39 a.m. | /u/JoeBeOneKenobi

For [Blue|Purple] Teams in Cyber Defence reddit.com

I've always wondered how yara rules could be used in a large scale enterprise to detect nalware.

I understand the premise of yara rules and how they work, and understand how individual files can be scanned using a number of yara rules each designed to detect a specific piece of malware, or how an individual yara rule can be run against a large number of files - but I do not understand how this can be used at scale in …

blueteamsec enterprise large rules scale yara yara rules

Senior Cloud Security Engineer

@ HelloFresh | Berlin, Germany

Senior Security Engineer

@ Reverb | Remote, US

Sr. Product Manager - Cloud Security/CNAPP

@ Zscaler | Atlanta, GA, United States

ISSO - Security Delivery

@ Novetta | Columbia, MD

Junior Cyber Security Recruitment Consultant (possibility for work abroad)

@ Gradfuel | London, England, United Kingdom

Internship, Cybersecurity

@ Qontigo | Eschborn, Hessen, Germany

Security Administrator

@ Zero Hash | Melbourne, VIC - Remote

Cybersecurity Project Manager, Reactive Lead - Unit 42 Consulting (Remote)

@ Palo Alto Networks | Santa Clara, CA, United States

Consultant, GRC, Proactive Services (Unit 42) - Remote

@ Palo Alto Networks | New York City, United States

Senior Manager, Security Operations (Secure Access Engineering)

@ GitHub | Remote - United States

Junior Penetration Tester - Amsterdam

@ BreachLock | Amsterdam, North Holland, Netherlands

Senior Product Security Engineer

@ 8x8, Inc. | Remote, Romania