It is done! Our new free scanner SPARK Core has been released. After weeks of planning, development and testing, we're proud to provide the community with a new and powerful multi-platform scanner. SPARK Core is a reduced version of our successful scanner SPARK. The...
It has been a while since I wrote "How to Write Simple but Sound Yara Rules - Part 2". Since then I changed my rule creation method to generate more versatile rules that can also be used for in-memory detection. Furthermore new features were added to yarGen and...
Today most security teams have access to a lot of different information sources. On the one hand they collect log data from different sources and try to correlate them in a useful way in so-called SIEM systems. On the other hand they receive threat information from...