all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Using yara rules in a large scale enterprise

Add to bookmarks
Nov. 24, 2022, 7:39 a.m. | /u/JoeBeOneKenobi

For [Blue|Purple] Teams in Cyber Defence www.reddit.com

I've always wondered how yara rules could be used in a large scale enterprise to detect nalware.

I understand the premise of yara rules and how they work, and understand how individual files can be scanned using a number of yara rules each designed to detect a specific piece of malware, or how an individual yara rule can be run against a large number of files - but I do not understand how this can be used at scale in …

blueteamsec enterprise large rules scale yara yara rules

Visit resource

More from www.reddit.com / For [Blue|Purple] Teams in Cyber Defence

JA4T: TCP Fingerprinting - And How to Use It to Block Over 60% of Internet … 4 hours ago | www.reddit.com
block blueteamsec fingerprinting internet +3
ArcaneDoor - New espionage-focused campaign found targeting perimeter network devices 6 hours ago | www.reddit.com
arcanedoor blueteamsec campaign devices +6
The not-so-silent type: Vulnerabilities across keyboard apps reveal keystrokes to network eavesdroppers - The Citizen … 20 hours ago | www.reddit.com
apps blueteamsec citizen lab keyboard +7
Spain reopens a probe into a Pegasus spyware case after a French request to work … 20 hours ago | www.reddit.com
blueteamsec case french pegasus +6
Justice Department Announces Charges Against Four Iranian Nationals For Multi-Year Cyber Campaign Targeting U.S. Companies 1 day ago | www.reddit.com
blueteamsec campaign charges companies +7
Decrypting Synology Patchfiles 1 day, 13 hours ago | www.reddit.com
blueteamsec synology
Analyzing Forest Blizzard’s custom post-compromise tool for exploiting CVE-2022-38028 to obtain credentials 2 days, 7 hours ago | www.reddit.com
blizzard blueteamsec compromise credentials +5
No, LLM Agents can not Autonomously Exploit One-day Vulnerabilities 2 days, 19 hours ago | www.reddit.com
agents blueteamsec can exploit +2
Request for Feedback: Roadmap to Threat Hunter 3 days, 8 hours ago | www.reddit.com
blueteamsec cloud cybersecurity engineer +16

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

EY GDS Internship Program - SAP, Cyber, IT Consultant or Finance Talents with German language

@ EY | Wrocław, DS, PL, 50-086
View on infosec-jobs.com

Security Architect - 100% Remote (REF1604S)

@ Citizant | Chantilly, VA, United States
View on infosec-jobs.com

Network Security Engineer - Firewall admin (f/m/d)

@ Deutsche Börse | Prague, CZ
View on infosec-jobs.com

Junior Cyber Solutions Consultant

@ Dionach | Glasgow, Scotland, United Kingdom
View on infosec-jobs.com

Senior Software Engineer (Cryptography), Bitkey

@ Block | New York City, United States
View on infosec-jobs.com
View more jobs