Blog

Filter: Results for "antivirus"

Clear Filter

Categories

Virustotal Lookups in THOR v10.7

Virustotal Lookups in THOR v10.7

We're glad to announce a new feature that allows users to enrich events generated by THOR with information from Virustotal.  The feature is available in the full THOR v10.7 TechPreview and THOR Lite. It can be used in any scan mode: live endpoint scanning, lab...

read more

Analyze VMware ESX Systems with THOR Thunderstorm

Since the release of THOR Thunderstorm in the summer of 2020, our customers used it to analyse a variety of systems that are usually considered as "out of scope". In some cases the EULA prevents the installation of Antivirus scanners or EDR agents. In other cases the...

read more

New VALHALLA Web Features

The newest update of our popular YARA rule feed named VALHALLA adds new features to its web interface. The most awaited new feature is a keyword search that allows you to query the database for certain keywords, rule names, reports, MITRE ATT&CK ids or tags. The...

read more

New VALHALLA Features That You Might Have Missed

Rule Info Pages The new rule info pages allow you to get more information on a certain rule. You can find all the meta data, as well as past rule matches and previous antivirus verdicts. A second tab contains statistics.  You can also report false positives that...

read more

Not All IOC Scanning Is The Same

People often tell us that EDR product X already does IOC scanning and that they don’t have to check for these indicators a second time using our scanners. Especially when it comes to network wide sweeps for traces of activity due to an ongoing incident I recommend...

read more
THOR 10 Fusion – Major Changes

THOR 10 Fusion – Major Changes

In anticipation of our new scanner THOR 10 Fusion, we would like to show you some of the exciting new features and upcoming changes.  Modes and Feature Cleanup We've reviewed and reworked all scan modes in order to clarify the overview of active modules and features...

read more

50 Shades of YARA

A long time ago I've noticed that there is no single best YARA rule for a given sample, but different best solutions depending on the user's requirements and use case. I noticed that I often create 2 to 3 YARA rules for a single sample that I process, while each of...

read more
Valhalla YARA and Sigma Rule Feed

Valhalla YARA and Sigma Rule Feed

VALHALLA boosts your detection capabilities with the power of thousands of hand-crafted high-quality YARA and Sigma rules. Our team curates more than quality tested YARA rules in 8 different categories: APT, Hack Tools, Malware, Web Shells, Exploits,...

read more
GDPR Cookie Consent with Real Cookie Banner