Sigma is a rule format for threat detection in log files. It is for log data what "Snort rules" are for network traffic or "YARA signatures" are for file data. It is easy to write and read. Writing a Sigma rule is a matter of minutes. On the right you can see a simple...
The new version of "thor-util" (used with THOR/SPARK) / "spark-core-util" (used with SPARK Core) support a feature that allows a user to convert any scanner log file into a convenient report. Convert THOR / SPARK / SPARK Core scan logs into HTML reports Convert a...
I’ve collected some interesting samples for an internal YARA rule creation training session with our interns. With this blog post, I'll also share 3 new premium feed YARA rules by pushing them to the Open Source signature-base repo. What are the the preliminary...
It is done! Our new free scanner SPARK Core has been released. After weeks of planning, development and testing, we're proud to provide the community with a new and powerful multi-platform scanner. SPARK Core is a reduced version of our successful scanner SPARK. The...
Take our software problem solving cheat sheet to give your interns, trainees, apprentices guidance while finding their own solution to common software problems.