
Elastic Security YARA Rules

Free

Elastic Security provides signature-based YARA rules within the Elastic Endpoint product to detect and prevent emerging threats on Linux, Windows, and macOS systems. The repository holds over 1,000 YARA rules used for stopping Trojans, ransomware, cryptominers, and more. The rules are suitable for network defense, threat hunting, incident response, malware analysis, and similar work. Contributions are welcome, and the rules are licensed under the Elastic License v2.


ALTERNATIVES

Curated datasets for developing and testing detections in SIEM installations.

Collection of YARA signatures from recent malware research.

A threat intelligence domain/IP/hash threat feeds checker that checks IPVoid, URLVoid, Virustotal, and Cymon.

Provides breach and attack simulation products for security control validation, offering three different products to meet the needs of organizations of various sizes and maturity levels.

Proof-of-concept implementation of TAXII services for developers and non-developers.

Automated framework for collecting and processing samples from VirusTotal with YARA rule integration.

A collection of YARA rules for Windows, Linux, and other threats.

Tool for data visualization and statistical analysis of threat intelligence feeds, presented at cybersecurity conferences for measuring the IQ of threat intelligence feeds.

CyberSecTools


Copyright © 2024 - All rights reserved