@Neo23x0
Last active May 19, 2019 03:08
YARA Product Requirements
# Product Requirements
PRODUCT_REQUIREMENTS = {
    "FireEyeAX": {
        "maximum_version": "3.4.0",
        "supported_modules": [],  # assumption
        "with_crypto": True,  # assumption
    },
    "FireEyeNX": {
        "maximum_version": "3.4.0",
        "supported_modules": [],  # assumption
        "with_crypto": True,  # assumption
    },
    "FireEyeEX": {
        "maximum_version": "1.7.0",
        "supported_modules": [],  # assumption
        "with_crypto": False,  # assumption
    },
    "CarbonBlack": {
        "maximum_version": "",
        "supported_modules": ["pe", "math", "hash"],
        "reference": "https://github.com/carbonblack/cb-yara-connector",
        "with_crypto": True,  # depends
    },
    "Tanium": {
        "maximum_version": "3.7.0",
        "supported_modules": [],
        "with_crypto": True,  # assumption
    },
    "Tenable": {
        "maximum_version": "3.7.0",  # assumption
        "supported_modules": ['pe', 'elf'],
        "reference": "https://community.tenable.com/s/article/Supported-Yara-Checks",
        "with_crypto": False,
    },
    "SymantecMAA": {
        "maximum_version": "2.1.0",
        "supported_modules": [],  # assumption
        "reference": "https://twitter.com/RedSecSecurity/status/1103599203459129344",
        "with_crypto": False,  # assumption
    },
}
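
An added example, not part of the original gist: one way to lint a YARA rule against entries of the table above before deploying it to a product. The names `check_rule`, `REQUIREMENTS` and `required_version` are hypothetical. It assumes that `supported_modules` lists the only modules a rule may import, that an empty `maximum_version` means "unknown", that the caller supplies the minimum YARA version the rule needs, and that `hash.*`, `pe.imphash()` and `pe.signatures` need a crypto-enabled YARA build.

```python
import re

# Two entries copied from the table above so this block runs stand-alone.
REQUIREMENTS = {
    "CarbonBlack": {"maximum_version": "", "supported_modules": ["pe", "math", "hash"], "with_crypto": True},
    "Tenable": {"maximum_version": "3.7.0", "supported_modules": ["pe", "elf"], "with_crypto": False},
}

IMPORT_RE = re.compile(r'^\s*import\s+"(\w+)"', re.MULTILINE)
# Rule features treated here as requiring a YARA build linked against a crypto library.
CRYPTO_RE = re.compile(r'\bhash\.\w+\s*\(|\bpe\.imphash\s*\(|\bpe\.(?:number_of_)?signatures\b')

# Constructed sample rule (the hash value is a placeholder, not a real indicator).
SAMPLE_RULE = '''
import "pe"
import "hash"

rule Constructed_Sample {
    condition:
        hash.md5(0, filesize) == "00000000000000000000000000000000"
}
'''


def version_tuple(version):
    """Turn '3.7.0' into (3, 7, 0) so versions compare numerically."""
    return tuple(int(part) for part in version.split("."))


def check_rule(rule_text, product, required_version=None, requirements=REQUIREMENTS):
    """Return reasons the rule may fail to load on `product` (empty list = none found)."""
    req = requirements[product]
    issues = []
    for module in sorted(set(IMPORT_RE.findall(rule_text))):
        if module not in req["supported_modules"]:
            issues.append(f"module '{module}' not in supported_modules")
    if not req["with_crypto"] and CRYPTO_RE.search(rule_text):
        issues.append("uses hash/imphash/signature features that need a crypto-enabled build")
    max_version = req["maximum_version"]  # empty string: unknown, so the check is skipped
    if required_version and max_version:
        if version_tuple(required_version) > version_tuple(max_version):
            issues.append(f"needs YARA {required_version}, product maximum is {max_version}")
    return issues


if __name__ == "__main__":
    for product in REQUIREMENTS:
        print(product, check_rule(SAMPLE_RULE, product, required_version="3.8.0"))
```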