gwin 0 Posted July 25, 2022 Posted July 25, 2022 Hello everyone EEI/EI is one of great product, iam use yearly to help me and my team to know issue of malware and similiar yet. i try to know this product step by step, and my question can EEI integration with Mitre ATT&CK and use external rules like Yara and Sigma rules. because on base knowledge i am not find this topic, one of i find create rules with base .xml : https://help.eset.com/tools/ei/ei_rules_guide_1.7.pdf i think its good for eei can use external rules to improve existing database rule list and detection
Administrators Marcos 5,461 Posted July 25, 2022 Administrators Posted July 25, 2022 No, you must create ESET Inspect rules to detect particular behavior. They are very different to Yara rules since they are based on ESET's features provided by ESET security products.
Recommended Posts