[Snort-sigs] More APT1 info that needs to be made into snort rules
jesler at ...435...
Mon Mar 4 09:21:24 EST 2013
On Mar 4, 2013, at 8:49 AM, Barry Weymes <weymes at ...1166...> wrote:
> I came across a Symantec report today:http://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/comment_crew_indicators_of_compromise.pdf
> I was wondering if the information within it was made into a VRT rule. However, disappointingly I cant see any of it being made into rules.
> Im also not sure if this the right place to be bringing this issue up. Can someone recommend a person within sourcefire that would knowledge about the rule generation process?
I've opened a bug to see what we can make!
Senior Research Engineer, VRT
OpenSource Community Manager
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Snort-sigs