Forum Discussion
[MDE] Add the important feature, Yara rules if possible
Hi, Refer to this advisory (first link). In addition, you can see that there are Yara rules from GitHub (inside pdf). (2nd link) All EDR/XDR companies (except Microsoft) already have features and...
Jayronn
Microsoft
MicrosoftHi tay76,
We're considering Yara support in the future. We have extensive Advance hunting toolkit which is discussed here https://docs.microsoft.com/en-us/microsoft-365/security/defender-endpoint/advanced-hunting-overview?view=o365-worldwide.
Please let me know if this helps answer your question.
also to note it here that the advanced hunting toolkit is only available with more expensive license packages
Perhaps a tool to convert from Yara rule format to the format used in Advanced Hunting, would be most useful.
