Every month the Nextron Threat Research Team (NTRT) shares insights into evasive threats that we’ve seen in the wild via our Valhalla service. The aim is to highlight interesting samples our rules detected and have or had very low detection rates as reported by...
Private Sigma Rule Feed in Valhalla and Partnership with SOC Prime
We are proud to announce the integration of our private Sigma rule set in Valhalla. This rule set is used in our scanner THOR and endpoint agent Aurora. The rule set currently contains more than 250 quality-tested and generic rules written by Nextron's detection...
Sigma Rule Feed in Valhalla
Nextron Systems has always supported the Sigma project, investing hundreds of work hours into creating and maintaining the community rules shared in the public Sigma rule repository. Apart from the community support, we've created a set of internal detection rules for...
VALHALLA API 1.1 Changes
We've made some changes to VALHALLA and released version 1.1 and valhallAPI version 0.5 to reflect these changes.The new modified date shows when this rule has last been modified. See this example.The modified date will also appear in the JSON feed and metadata of...
New VALHALLA Web Features
The newest update of our popular YARA rule feed named VALHALLA adds new features to its web interface. The most awaited new feature is a keyword search that allows you to query the database for certain keywords, rule names, reports, MITRE ATT&CK ids or tags. The...
Product Updates Slides – VALHALLA and THOR Cloud
The following slides contain information on changes and new feature in several of our products. VALHALLA Product Update and New Features DOWNLOAD Slide DeckTHOR Cloud Technical Implementation, RoadmapDOWNLOAD Slide Deck
New VALHALLA Features That You Might Have Missed
Rule Info Pages The new rule info pages allow you to get more information on a certain rule. You can find all the meta data, as well as past rule matches and previous antivirus verdicts. A second tab contains statistics. You can also report false positives that...
Spotlight: Threat Hunting YARA Rule Example
With this post, we would like to demonstration the YARA rule creation process for the so-called "threat hunting" rule category that we use in VALHALLA. We noticed that many interested parties thought that "threat hunting" YARA rules are just rules with lower scores...