Elastic Security provides signature-based YARA rules within the Elastic Endpoint product to detect and prevent emerging threats on Linux, Windows, and macOS systems. The repository holds over 1,000 YARA rules for stopping Trojans, ransomware, cryptominers, and other threats, and is suited to network defense, threat hunting, incident response, and malware analysis, among other uses. Contributions are welcome, and the rules are licensed under the Elastic License v2.
ALTERNATIVES
Curated datasets for developing and testing detections in SIEM installations.
Collection of YARA signatures from recent malware research.
A threat intelligence feed checker for domains, IPs, and hashes that queries IPVoid, URLVoid, VirusTotal, and Cymon.
Provides breach and attack simulation products for security control validation, offering three different products to meet the needs of organizations of various sizes and maturity levels.
Proof-of-concept implementation of TAXII services for developers and non-developers.
Automated framework for collecting and processing samples from VirusTotal with YARA rule integration.
Tool for data visualization and statistical analysis of threat intelligence feeds, presented at cybersecurity conferences, for measuring the IQ of threat intelligence feeds.