Forum Discussion
Jeroen Vandeleur
Jan 08, 2019Copper Contributor
IS MS looking to support custom YARA rules for Windows Defender ATP
As Incident Repsonse is becoming much more important, I would like to know if Microsoft is looking to include the support for YARA rules. In that perspective it would be possible to integrate it with custom intellegance platforms and use open standards to create custom signature for all our endpoints.
Some other EDR toolings are looking to implement or already supporting YARA ...
Thanks !
- Ryan Heffernan
Microsoft
Tagging the WD ATP folks so they see this: Heike Ritter, Raviv Tamir, Tomer Alpert
You also my want to cross-post this to the WD ATP group: https://techcommunity.microsoft.com/t5/Threat-Intelligence/bd-p/WDATPActor