yara

Yara 101

This entry is part 5 of 17 in the series Threat Detection Engineering

Views: 12YARA is a powerful pattern-matching tool and rule format used for identifying and classifying files based on specific patterns, characteristics, or content. SOC analysts commonly use YARA rules to detect and classify malware samples, suspicious files, or indicators of compromise (IOCs). Yara is an essential tool used by SOC analysts to enhance their threat detection … Read more

by Bharath Narayanasamy

Views: 19“The pattern matching swiss knife for malware researchers (and everyone else)” YARA in a nutshell YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA we can create descriptions of malware families (or whatever you want to describe) based on textual or binary … Read more