Jump to content
Tuts 4 You

malware download possibility

jolin wong

Recommended Posts

in my previous company, we use arcsight siem, so malware ticket is generated after siem get log from various resouce, in the log we can see malware name (for example name of *.exe, *.pdf, *.doc file), also malware can be downloaded from siem, my current company facing a problem, the arcsight siem can't sow malware name, also attachment does not have malware executable file. it is very difficult to analyze malware, is there anything need to be configured from siem, so malware name will appear and dowloadable.

or we have to set up a ftp folder for user to upload the suspected exe file, then we analyze from there?


Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
  • Create New...