1. Download the list of malware domains here: malware list
2. Create a new reference set.
   Name: Malware Domain List
   Type: AlphaNumeric
3. Export the list into the QRadar reference set.
   Admin > System Configuration > Reference Set Management
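Downloaded domain feeds often arrive as hosts-file lines with comments, mixed case and duplicates, and an AlphaNumeric reference set matches case-sensitively, so it helps to clean the file before loading it in step 3. The script below is an added example, not part of the original post; the feed layout, the sample entries and the output file name `malware_domain_list.txt` are assumptions.

```python
import re

# Constructed sample feed (not real indicators): hosts-file lines, comments,
# mixed case, a trailing dot, a duplicate, and two malformed entries.
SAMPLE_FEED = """\
# constructed sample, example domains only
127.0.0.1  Bad-Site.example
0.0.0.0 tracker.example.net   # inline comment
bad-site.example.
payload.example.org
not a domain
-broken-.example
"""

# One DNS label: 1-63 chars, letters/digits/hyphens, no leading or trailing hyphen.
LABEL = re.compile(r"^(?!-)[a-z0-9-]{1,63}(?<!-)$")
IPV4 = re.compile(r"^\d{1,3}(\.\d{1,3}){3}$")

def is_domain(value):
    """True for a syntactically valid multi-label hostname of at most 253 chars."""
    labels = value.split(".")
    return len(value) <= 253 and len(labels) >= 2 and all(LABEL.match(l) for l in labels)

def normalize_feed(text):
    """Return (domains, rejected): unique lowercase domains in first-seen order."""
    domains, rejected, seen = [], [], set()
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop full-line and inline comments
        if not line:
            continue
        fields = line.split()
        if len(fields) == 2 and IPV4.match(fields[0]):
            fields = fields[1:]                   # hosts-file form: "<ip> <domain>"
        candidate = fields[0].lower().rstrip(".") if len(fields) == 1 else ""
        if not is_domain(candidate) or IPV4.match(candidate):
            rejected.append(raw.strip())          # keep for manual review
            continue
        if candidate not in seen:
            seen.add(candidate)
            domains.append(candidate)
    return domains, rejected

if __name__ == "__main__":
    domains, rejected = normalize_feed(SAMPLE_FEED)
    with open("malware_domain_list.txt", "w") as out:   # hypothetical output file name
        out.write("\n".join(domains) + "\n")
    print(f"{len(domains)} domains written, {len(rejected)} lines rejected")
```

Review the rejected lines before discarding them, since a feed that changes format would otherwise silently shrink the reference set.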