Forum Discussion

Jeroen Vandeleur's avatar
Jeroen Vandeleur
Copper Contributor
Jan 08, 2019

IS MS looking to support custom YARA rules for Windows Defender ATP

As Incident Repsonse is becoming much more important, I would like to know if Microsoft is looking to include the support for YARA rules. In that perspective it would be possible to integrate it with custom intellegance platforms and use open standards to create custom signature for all our endpoints. 

 

Some other EDR toolings are looking to implement or already supporting YARA ... 

 

Thanks ! 

Resources