I need a solution
I've just stumbled across these things called Yara rules. The way I understand it, they are rules that allow us to scan files and then identify the type of malware, or whether they are in fact malware, and then suggest a classification. I see that Symantec already uses them.
So are they for identifying zero-day exploits that Symantec has not yet released signatures for? If so, where would I enter Yara rules I get from a security bulletin?
Or am I completely wrong about what they are?