This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
NetWitness Discussions

NEW Open Source Malware/Malicious Code & Content Endpoint YARA Rules Available in NetWitness LIVE!

Will_G
Moderator Moderator
Moderator

‎2022-02-16 04:56 PM

Hi All, 

 

I am pleased to share with you that today the NetWitness Threat Research and Intelligence Content team upload 518 YARA Rules to the NetWitness LIVE CMS. The rules in question can be found within the ‘COMMUNITY’ section of LIVE and focus on Malware/malicious code & content detection and identification in addition to APT-centric malware and tooling. These rules were collected via open sources and as such are not guaranteed by RSA Security or NetWitness. However, it is our belief that these rules can and will aid in advancing the practical and theoretical defensive strategies of our customers – both internal and external to the business. Should you have any questions regarding these rules please feel to reach out to me.

 

Will_G_0-1645048393209.png

 

 

Will_G_1-1645048393211.png

 

Labels:
2 REPLIES 2

AbdelrahmanMoha
Contributor
Contributor

‎2022-03-20 05:51 AM

Dear Will, 

 

Could you please advise how we can get these Rules from the live since when I checked it seems it is not available? and if their is any requirement that we need to enable 

 

Thanks.

0 Likes

EdPadilla
Occasional Contributor
Occasional Contributor

‎2022-03-21 10:44 AM

any updates, or explanation or discussion?

0 Likes
© 2022 RSA Security LLC or its affiliates. All rights reserved.