
Start triage with preconfigured YARA rules for SUNBURST


Three weeks ago, FireEye uncovered one of the biggest breaches: a malicious campaign that gained access to victims via trojanized updates to Orion, SolarWinds’ IT monitoring and management software. Aware of the nationwide damage this breach will cause, Binalyze launched an initiative to support entities affected by SUNBURST: we released a version of Binalyze AIR, codenamed SUNBURST, that enables anyone to identify their exposure to the attack and pinpoint their network vulnerability in under an hour.

This version is FREE of charge for 15 days and 25,000 endpoints.

Binalyze is the fastest evidence collection, triage, and IR investigation platform, and it now also contains the YARA rules for SUNBURST, thanks to our colleagues at FireEye. Below you will find instructions for performing a triage with the preconfigured SUNBURST YARA rules in less than an hour.

Now it is time to showcase how easy it is.

  1. Select an endpoint.

  2. Click the “Triage” button.

  3. Select both SUNBURST YARA rules and click “Save”.

  4. The triage is now in progress.

  5. As stated, it completes in less than an hour: 34 minutes, to be exact.

  6. To see the full view of the investigation results, click “View”.
