Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
YARA Product Requirements
# Product Requirements
PRODUCT_REQUIREMENTS = {
"FireEyeAX": {
"maximum_version": "3.4.0",
"supported_modules": [], # assumption
"with_crypto": True, # assumption
},
"FireEyeNX": {
"maximum_version": "3.4.0",
"supported_modules": [], # assumption
"with_crypto": True, # assumption
},
"FireEyeEX": {
"maximum_version": "1.7.0",
"supported_modules": [], # assumption
"with_crypto": False, # assumption
},
"CarbonBlack": {
"maximum_version": "",
"supported_modules": ["pe", "math", "hash"],
"reference": "https://github.com/carbonblack/cb-yara-connector",
"with_crypto": True, # depends
},
"Tanium": {
"maximum_version": "3.7.0",
"supported_modules": [],
"with_crypto": True, # assumption
},
"Tenable": {
"maximum_version": "3.7.0", # assumption
"supported_modules": ['pe', 'elf'],
"reference": "https://community.tenable.com/s/article/Supported-Yara-Checks",
"with_crypto": False,
},
"SymantecMAA": {
"maximum_version": "2.1.0",
"supported_modules": [], # assumption
"reference": "https://twitter.com/RedSecSecurity/status/1103599203459129344",
"with_crypto": False, # assumption
},
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.