SIGMA/YARA Rules

SIGMA and YARA rules are managed from this section. Rules can be cloned for editing or new ones can be created.

SIGMA Rules: Sigma rules are managed from this section. The users can edit, clone, or define a new rule in this section. Also, users can import/export rules and force them to run.

Windows YARA Rules: Windows YARA Rules are managed from this section. The users can edit or define a new rule in this section. Also, users can import/export rules.

Convert Rule: This section allows users to convert their sysmon rules for CyberCyte to use it. If the users are already using sysmon, this section will be helpful.

Last updated 8 months ago

Was this helpful?