Techno Savvy

Hunting with sigma rules on XDR

Hi Folks

How to possibly run or utilize Sigma rules with EDR and XDR to perform queries for hunting an exploit?


Any suggestions?

David Favor

You'll work with whatever vendor is providing your EDR/XDR scanner.

Since these are rarely found in the wild... and are only being promoted by a few companies... you'll likely find the best solution by opening a support ticket with your vendor for the best answer.
ASKER CERTIFIED SOLUTION
btan

This solution is only available to members.
Techno Savvy

ASKER

Thanks btan for sharing this tool.
We have Trend Micro XDR.
I can't find it in that tool! Any similar product I can choose from the list?
SOLUTION
This solution is only available to members.
So Sigma rules can be converted into YARA rules using Sigmac, then that YARA text can be uploaded into Trend Micro.
btan

There are chances, as shown in the links, which can be something to position to TM to advise further. These are open formats which TM should support; otherwise it is hinting to us that there are proprietary or unknown elements.