protections-artifacts
Endpoint protection rules
Contains detection logic and rules for protecting endpoints from malware and ransomware threats
Elastic Security detection content for Endpoint
1k stars
46 watching
118 forks
Language: YARA
last commit: 8 days ago
Linked from 2 awesome lists
Related projects:
Repository | Description | Stars |
---|---|---|
elastic/detection-rules | Provides a set of reusable code components for developing and testing security rules | 1,966 |
yara-rules/yara-endpoint | A tool used to scan files and assets for malware using YARA signatures, offering incident response capabilities. | 104 |
radar/elastic | A library that provides a thin veneer over HTTPotion to interact with Elasticsearch in Elixir | 65 |
mycert/espot | Captures attempts to exploit a known vulnerability in Elasticsearch by monitoring incoming requests and sending responses to a configured endpoint. | 27 |
f0wl/yara_rules | A collection of YARA rules for malware analysis and threat intelligence | 10 |
advanced-threat-research/yara-rules | A collection of rules to detect and prevent malware infections using YARA-based threat intelligence | 570 |
elastic/pplguard | A proof-of-concept tool to mitigate Windows security flaws affecting Protected Process Light (PPL) processes | 67 |
securitymagic/yara | A collection of YARA rules for detecting malware and suspicious activity in various environments. | 11 |
delivr-to/detections | A repository of detection content in the form of YARA rules and corresponding payloads. | 59 |
fr0gger/yara-unprotect | A collection of YARA rules for detecting malware evasion techniques and malicious activity. | 25 |
yelp/elastalert | An alerting system for Elasticsearch data that can be easily set up and configured to trigger notifications on anomalies or patterns in the data. | 7,997 |
h3x2b/yara-rules | Rules and patterns used to identify malicious software | 23 |
tenable/yara-rules | A curated collection of YARA rules for identifying and flagging malicious code and behavior. | 60 |
jipegit/yara-rules-public | A collection of YARA rules for detecting malicious code and behavior | 11 |
xlabssecurity/waf-hook | An application that detects and identifies various types of website protection systems | 5 |