Add remote YARA language to pricing chart#25181
Conversation
noahtalerman
left a comment
noahtalerman
left a comment
There was a problem hiding this comment.
Thanks @sgress454! Looking good.
Left some request changes below.
| friendlyName: Scan files for zero days and malware signatures | ||
| description: Use YARA signatures to report and trigger automations when zero days, malware, or unexpected files are detected on a host. | ||
| description: Use YARA signatures to report and trigger automations when zero days, malware, or unexpected files are detected on a host. YARA rules can be deployed remotely and privately. | ||
| documentationUrl: https://fleetdm.com/tables/yara |
There was a problem hiding this comment.
| documentationUrl: https://fleetdm.com/tables/yara | |
| documentationUrl: https://fleetdm.com/guides/remote-yara-rules |
I think let's point to the guide in the top-level URL. This way, if someone clicks to learn more on the pricing page they'll be taken to the guide:
Also, it looks like the guide has a link to the table (old URL) 👍
| - industryName: Malware detection (YARA/custom IoCs) # TODO: consider: technically more than YARA, consider generalizing this and including the concept of comparing known binary hashes and other IoCs (either via live query or in the data lake to compare threat intel feed) | ||
| friendlyName: Scan files for zero days and malware signatures | ||
| description: Use YARA signatures to report and trigger automations when zero days, malware, or unexpected files are detected on a host. | ||
| description: Use YARA signatures to report and trigger automations when zero days, malware, or unexpected files are detected on a host. YARA rules can be deployed remotely and privately. |
There was a problem hiding this comment.
| description: Use YARA signatures to report and trigger automations when zero days, malware, or unexpected files are detected on a host. YARA rules can be deployed remotely and privately. | |
| description: Deploy YARA signatures (rules) to report and trigger automations when zero days, malware, or unexpected files are detected on a host. |
Small copy tweak. I think users expect to be able to deploy "remotely and privately" (the new way) even though you can technically deploy rules publicly (old way). I think let's make the new way as the best practice.
There was a problem hiding this comment.
Gotcha. I was thinking this was a selling point since it seems that only Fleet supports it right now, so seemed like it was worth explicitly pointing out.
There was a problem hiding this comment.
Fair point. I tweaked the langauge a bit but left in the second sentence.
| - description: Deploy YARA rules to your own private server that Fleet authenticates with. | ||
| moreInfoUrl: https://fleetdm.com/guides/remote-yara-rules |
There was a problem hiding this comment.
| - description: Deploy YARA rules to your own private server that Fleet authenticates with. | |
| moreInfoUrl: https://fleetdm.com/guides/remote-yara-rules |
I think we can cut this because we're updating the top level URL to the guide. Also it's less to maintain if we pull it out.
3 participants
relates to #14899