What is the pricing for ProcFilter?

ProcFilter is a free Endpoint Security tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/godaddy/procfilter/ for download and installation instructions.

What are alternatives to ProcFilter?

Popular alternatives to ProcFilter include: 1. HarfangLab EDR - EDR platform for workstation and server protection with EPP capabilities (Commercial) 2. HarfangLab Cybersecurity Solutions - EDR platform with EPP capabilities for endpoint threat detection and response (Commercial) 3. Genian EDR - On-premises/hybrid EDR with local threat detection, response, and NAC integration. (Commercial) 4. autoruns - A comprehensive utility that shows what programs are configured to run during system bootup or login, and when you start various built-in Windows applications. (Free) 5. MDE-AuditCheck - A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality. (Free) Compare these tools and more at https://cybersectools.com/categories/endpoint-security

Who should use ProcFilter?

ProcFilter is for security teams and organizations that need Windows, YARA. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Endpoint Security tools can be found at https://cybersectools.com/categories/endpoint-security

What is the pricing for ProcFilter?

ProcFilter is a free Endpoint Security tool. This makes it accessible for organizations of all sizes, from startups to enterprises. Visit https://github.com/godaddy/procfilter/ for download and installation instructions.

What are alternatives to ProcFilter?

Popular alternatives to ProcFilter include: 1. HarfangLab EDR - EDR platform for workstation and server protection with EPP capabilities (Commercial) 2. HarfangLab Cybersecurity Solutions - EDR platform with EPP capabilities for endpoint threat detection and response (Commercial) 3. Genian EDR - On-premises/hybrid EDR with local threat detection, response, and NAC integration. (Commercial) 4. autoruns - A comprehensive utility that shows what programs are configured to run during system bootup or login, and when you start various built-in Windows applications. (Free) 5. MDE-AuditCheck - A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality. (Free) Compare these tools and more at https://cybersectools.com/categories/endpoint-security

Who should use ProcFilter?

ProcFilter is for security teams and organizations that need Windows, YARA. It's particularly suitable for small to medium-sized teams looking for cost-effective solutions. Other Endpoint Security tools can be found at https://cybersectools.com/categories/endpoint-security

Explore the largest cybersecurity market database with our API!CybersecTools API access is now live!Learn More

ProcFilter

ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments.

396

Endpoint Security Open Source

Windows Yara

Visit website

Compare

ProcFilter

ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments.

Endpoint Security•Endpoint Detection and Response

Open Source

Windows Yara

396stars

GitHub Stars

14 Feb

Last commit

Visit Website

Updated 08 Mar 26

Compare

Explore Endpoint Security 24 Alternatives Compare Stacks Market Map Explore All Tools

APIBuild market maps, track competitors, monitor vendorsRequest API Access

ProcFilter Description

ProcFilter is a process filtering system for Windows with built-in YARA integration. YARA rules can be instrumented with custom meta tags that tailor its response to rule matches. It runs as a Windows service and is integrated with Microsoft's ETW API, making results viewable in the Windows Event Log. Installation, activation, and removal can be done dynamically and does not require a reboot. ProcFilter's intended use is for malware analysts to be able to create YARA signatures that protect their Windows environments against a specific threat. It does not include a large signature set. Think lightweight, precise, and targeted rather than broad or all-encompassing. ProcFilter is also intended for use in controlled analysis environments where custom plugins can perform artifact-specific actions. Designed to be easy to adopt, ProcFilter's integration with Git and Event Log minimize the need for additional tools or infrastructure to deploy rules or gather results. ProcFilter is compatible with Windows 7+ and Windows Server 2008+ systems. Installers ProcFilter x86/x64 Release/Debug Installers Note: Unpatched Windows 7 systems require hotfix 3033929 to load the driver component.

ProcFilter Description

ProcFilter FAQ

Common questions about ProcFilter including features, pricing, alternatives, and user reviews.

ProcFilter is ProcFilter is a process filtering system for Windows with built-in YARA integration, designed for malware analysts to create YARA signatures for Windows environments.. It is a Endpoint Security solution designed to help security teams with Windows, YARA.

Have more questions? Browse our categories or search for specific tools.

ProcFilter

ProcFilter

ProcFilter Description

ProcFilter Description

ProcFilter FAQ

FEATURED

ALTERNATIVES

POPULAR

TRENDING CATEGORIES

Stay Updated with Mandos Brief