• EN

Deploying and using a Yara rule with Veeam

  • 18 January 2024
  • 7 comments
  • 553 views
leduardoserrano
Userlevel 7
Badge +6

Hi! In the recent Veeam Backup & Replication v12.1, Veeam brings many new features and capabilities related to data security and integrations with cybersec tools. One of them is the capability to scan backup files with Yara rules.

This is a great feature due to the native flexibility of Yara rules and its wide use in the community.

In this demonstration, we will see how to create a simple Yara rule, associate a malicious file with a VM, and obtain uncompromised recovery points through a scan operation. Everything is effortless and intuitive. I hope it is helpful for the community!

 

 

Luiz Eduardo Serrano. Cloud Architect, Systems Engineer for Veeam and Object First. Veeam Vanguard/VMCA 2024/VMCE. VMware Tanzu Vanguard 2024/VCP Security/VMware User Group, 4xHPE Master ASE/Instructor, RedHat Ansible SE/Instructor, AWS Architect, Nutanix NCA, Cisco-HPE Cloud & DC champion. My blog: https://cloudnroll.com

7 comments

Chris.Childerhose
Userlevel 7
Badge +20

Thanks for sharing this as I am interested in YARA stuff and getting more details.

Chris Childerhose - VMCA2022 | VMCE2023 | Veeam Vanguard 7* | Veeam Legend 3* | vExpert 5* | VCAP-DCV/VCP-DCV | Object First Ace | Cisco Champion | Twitter: @cchilderhose | Blog Site – https://just-virtualization.tech
NZ_BenThomas
Userlevel 6
Badge +3

Thanks for the share :) It’s great to see more people trying this out, and I think it’s definitely going to be one of those Veeam features we look back on and think damn how did we do without it??

Ben Thomas | Solutions Advisor | Veeam Vanguard 2023 | VMCE2022 | Microsoft MVP 2018-2023 | BCThomas.com
wolff.mateus
Userlevel 7
Badge +11

Very nice post @leduardoserrano!

IT Lover | Veeam Vanguard | VUG Leader | Blogger
Moustafa_Hindawi
Userlevel 7
Badge +6

Thank you @leduardoserrano  for sharing

Moustafa Hindawi | Blogger | Nutanix Technology Champion | NCSE | NCM-MCI | VMCE | 2xVCAP-DTM & DCV | 2xVCP-NV & CMA | LinkedIn: https://www.linkedin.com/in/moustafaadelmoustafa/ | My Blog: https://cloudwhales.co.uk/author/mhindawi/
leduardoserrano
Userlevel 7
Badge +6

Thank you @leduardoserrano  for sharing

🙏🏻

Luiz Eduardo Serrano. Cloud Architect, Systems Engineer for Veeam and Object First. Veeam Vanguard/VMCA 2024/VMCE. VMware Tanzu Vanguard 2024/VCP Security/VMware User Group, 4xHPE Master ASE/Instructor, RedHat Ansible SE/Instructor, AWS Architect, Nutanix NCA, Cisco-HPE Cloud & DC champion. My blog: https://cloudnroll.com
Scott
Userlevel 7
Badge +8

Great post. I think this feature is only going to become more and more useful and excited to see where it goes. 

leduardoserrano
Userlevel 7
Badge +6

Great post. I think this feature is only going to become more and more useful and excited to see where it goes. 

I agree, @Scott !!! 👏

Luiz Eduardo Serrano. Cloud Architect, Systems Engineer for Veeam and Object First. Veeam Vanguard/VMCA 2024/VMCE. VMware Tanzu Vanguard 2024/VCP Security/VMware User Group, 4xHPE Master ASE/Instructor, RedHat Ansible SE/Instructor, AWS Architect, Nutanix NCA, Cisco-HPE Cloud & DC champion. My blog: https://cloudnroll.com

Comment


Terms & Conditions