FireEye Mandiant SunBurst Countermeasures

FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity

0

FireEye Mandiant SunBurst Countermeasures

FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity

0

Explore Security Operations 15 Alternatives Compare Stacks Market Map Explore All Tools

MCPThe entire cybersecurity market, one prompt awayTry MCP Access

FireEye Mandiant SunBurst Countermeasures Description

Security Operations/Threat Hunting

Snort Ioc Yara Rules

These rules are provided freely to the community without warranty. In this GitHub repository you will find rules in multiple languages: Snort Yara IOC ClamAV The rules are categorized and labeled into two release states: Production: rules that are expected to perform with minimal tuning. Supplemental: rules that are known to require further environment-specific tuning and tweaking to perform, and are often used for hunting workflows. Please check back to this GitHub for updates to these rules. FireEye customers can refer to the FireEye Community (community.fireeye.com) for information on how FireEye products detect these threats. The entire risk as to quality and performance of these rules is with the users. Please review the FireEye blog for additional details on this threat. Please note: COSMICGALE and SUPERNOVA signatures and indicators are confirmed to detect malicious files and activity, however they have not been directly associated with the current UNC2452 Solarwinds compromise. The entire risk as to quality and performance of these rules is with the users. Please review the FireEye blog for additional details on this threat. Please note: COSMICGALE and SUPERNOVA signatures and indicators are confirmed to detect malicious files and activity, however they have not been directly associated with the current UNC2452 Solarwinds compromise.

FireEye Mandiant SunBurst Countermeasures Description

Security Operations/Threat Hunting

Snort Ioc Yara Rules

These rules are provided freely to the community without warranty. In this GitHub repository you will find rules in multiple languages: Snort Yara IOC ClamAV The rules are categorized and labeled into two release states: Production: rules that are expected to perform with minimal tuning. Supplemental: rules that are known to require further environment-specific tuning and tweaking to perform, and are often used for hunting workflows. Please check back to this GitHub for updates to these rules. FireEye customers can refer to the FireEye Community (community.fireeye.com) for information on how FireEye products detect these threats. The entire risk as to quality and performance of these rules is with the users. Please review the FireEye blog for additional details on this threat. Please note: COSMICGALE and SUPERNOVA signatures and indicators are confirmed to detect malicious files and activity, however they have not been directly associated with the current UNC2452 Solarwinds compromise. The entire risk as to quality and performance of these rules is with the users. Please review the FireEye blog for additional details on this threat. Please note: COSMICGALE and SUPERNOVA signatures and indicators are confirmed to detect malicious files and activity, however they have not been directly associated with the current UNC2452 Solarwinds compromise.

FireEye Mandiant SunBurst Countermeasures FAQ

Common questions about FireEye Mandiant SunBurst Countermeasures including features, pricing, alternatives, and user reviews.

FireEye Mandiant SunBurst Countermeasures is FireEye Mandiant SunBurst Countermeasures: freely available rules for detecting malicious files and activity developed by Google. It is a Security Operations solution designed to help security teams with Snort, IOC, YARA.

Have more questions? Browse our categories or search for specific tools.

FEATURED

Security Operations

Threat Management

Threat Management

ALTERNATIVES

Cythereal MAGIC™

Malware hunting platform that auto-generates YARA rules from shared code analysis.

0

File analysis & threat intel search engine for SOC and IR teams.

0

Stairwell Variant Discovery

Expands a single malware hash into full family visibility via structural analysis.

0

Collects Yara rules from over 150 free resources, a free alternative to Valhalla.

0

LOKI is a simple IOC and YARA Scanner for Indicators of Compromise Detection.

0

POPULAR

Vulnerability Assessment

OSINTLeak Real-time OSINT Leak Intelligence

Threat Intelligence Platforms

Threat Intelligence Platforms

TestSavant AI Security Assurance Platform

Fabric Platform by BlackStork

Security Information and Event Management

View Popular Tools →

TRENDING CATEGORIES

Digital Forensics and Incident Response

Digital Forensics and Incident Response (DFIR) tools for digital forensic analysis, evidence collection, malware analysis, and cyber incident investigation.

Threat Intelligence Platforms

TIP for collecting, analyzing, and sharing cyber threat data, indicators of compromise (IOCs), and threat feeds.

Penetration Testing

Penetration testing tools and frameworks for manual security testing, exploit development, and vulnerability validation.

Offensive Security

Offensive security tools for penetration testing, red team exercises, exploit development, and ethical hacking activities.

Identity Governance and Administration

Identity Governance and Administration (IGA) platforms for identity lifecycle management, access governance, role management, and compliance reporting.

View All Categories →

Stay Updated with Mandos Brief

Get strategic cybersecurity insights in your inbox