Techno Savvy
asked on
Hunting with sigma rules on XDR
Hi Folks
How to possibly run or utilize Sigma rules with EDR and XDR to perform queries for hunting an exploit?
Any suggestions?
ASKER CERTIFIED SOLUTION
This solution is only available to members.
ASKER
Thanks btan for sharing this tool.
We have Trend Micro XDR.
I can't find it in that tool! Any similar product I can choose from the list?
SOLUTION
This solution is only available to members.
ASKER
So Sigma rules can be converted into YARA rules using Sigmac, then that YARA text can be uploaded into Trend Micro.
There are chances, as shown in the links, which can be something to position to TM to advise further. These are open formats which TM should support; otherwise it is hinting to us that there are proprietary or unknown elements.
Since these are rarely found in the wild... and are only being promoted by a few companies... likely you'll find the best solution by opening a support ticket with your vendor for the best answer.