T-Guard Official Documentation

Malware Detection


Last updated 1 year ago

To test the detection capabilities of the security operations center (SOC), we intentionally download malware samples onto a test computer. Use an isolated test machine with a Wazuh agent enrolled for this; the agent's File Integrity Monitoring (FIM) watches the download directory and raises an alert for every file that is added or modified there.

Each file that FIM reports is then scanned against YARA rules and looked up in VirusTotal by its hash to determine whether it is malicious. If a file is found to be malicious, Wazuh automatically triggers an active response on the agent (for example, removing the file) to prevent infection and limit the risk to the rest of the network.
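The pipeline described above (FIM alert, hash lookup, YARA scan, active response) as an added, self-contained example; this is not T-Guard's or Wazuh's own code. The VirusTotal query is stood in by a constructed set of known-bad SHA-256 hashes, the YARA scan by a few regex-based rules, and the sample file contents are constructed. The alert field names (syscheck.path, syscheck.sha256_after, syscheck.event) follow Wazuh's syscheck alerts and the message shape follows what wazuh-execd hands an active-response script on stdin in Wazuh 4.x; both are assumptions to verify against the deployed version.

```python
"""Stand-in for the T-Guard malware-detection flow:
FIM alert -> hash lookup (VirusTotal stand-in) + YARA-style scan -> active response.
Added example; not T-Guard or Wazuh code."""
import hashlib
import json
import re
from dataclasses import dataclass, field

# Constructed sample contents: a harmless text file and a fake "dropper".
BENIGN_SAMPLE = b"quarterly figures, plain text, nothing suspicious\n"
MALICIOUS_SAMPLE = (b"MZ\x90\x00" + b"\x00" * 60
                    + b"cmd.exe /c powershell -enc SQBFAFgA" + b"A" * 40)

# Stand-in for the VirusTotal lookup: hashes this SOC already knows as bad.
# In Wazuh the virustotal integration queries the API with the file's SHA-256.
KNOWN_BAD_SHA256 = {hashlib.sha256(MALICIOUS_SAMPLE).hexdigest()}

# Minimal YARA-style rules: a rule matches when every pattern is found.
# Stands in for the real YARA scan run by the active-response script.
YARA_LIKE_RULES = {
    "pe_with_encoded_powershell": [rb"\AMZ", rb"powershell\s+-enc\s+[A-Za-z0-9+/=]{16,}"],
    "dropper_cmd_spawn": [rb"cmd\.exe\s+/c\s"],
}


@dataclass
class Verdict:
    path: str
    event: str
    sha256: str
    vt_hit: bool = False
    yara_matches: list = field(default_factory=list)
    hash_mismatch: bool = False   # file changed between the alert and the scan
    skipped: bool = False         # event type not worth scanning (e.g. deleted)

    @property
    def malicious(self) -> bool:
        return self.vt_hit or bool(self.yara_matches)

    @property
    def action(self) -> str:
        # Only a confirmed hit triggers the active response; everything else is logged.
        return "delete-file" if self.malicious else "none"


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def virustotal_lookup(sha256: str) -> bool:
    """Stand-in for the VirusTotal hash query."""
    return sha256 in KNOWN_BAD_SHA256


def scan_yara_like(data: bytes) -> list:
    """Return the names of all YARA-like rules whose patterns all match."""
    return [name for name, patterns in YARA_LIKE_RULES.items()
            if all(re.search(p, data) for p in patterns)]


def make_fim_alert(path: str, data: bytes, event: str = "added") -> dict:
    """Constructed Wazuh-style syscheck alert for a file with the given content."""
    return {"rule": {"id": "554", "description": "File added to the system."},
            "syscheck": {"path": path, "event": event, "sha256_after": sha256_hex(data)}}


def assess_fim_alert(alert: dict, file_bytes) -> Verdict:
    """Hash and scan the file named in the FIM alert; decide on an action."""
    sc = alert["syscheck"]
    verdict = Verdict(path=sc["path"], event=sc.get("event", ""), sha256=sc.get("sha256_after", ""))
    if verdict.event not in ("added", "modified") or file_bytes is None:
        verdict.skipped = True
        return verdict
    actual = sha256_hex(file_bytes)   # trust what is on disk now, not the alert
    verdict.hash_mismatch = bool(verdict.sha256) and verdict.sha256 != actual
    verdict.sha256 = actual
    verdict.vt_hit = virustotal_lookup(actual)
    verdict.yara_matches = scan_yara_like(file_bytes)
    return verdict


def active_response_message(alert: dict, verdict: Verdict):
    """JSON shape that wazuh-execd passes to an active-response script on stdin
    (assumed from Wazuh 4.x; verify against your version). None when no action."""
    if verdict.action == "none":
        return None
    return {"version": 1,
            "origin": {"name": "t-guard-demo", "module": "wazuh-execd"},
            "command": "add",
            "parameters": {"extra_args": [], "alert": alert}}


if __name__ == "__main__":
    for path, data in (("/tmp/report.txt", BENIGN_SAMPLE), ("/tmp/payload.exe", MALICIOUS_SAMPLE)):
        alert = make_fim_alert(path, data)
        verdict = assess_fim_alert(alert, data)
        print(verdict.path, verdict.action, verdict.yara_matches)
        print(json.dumps(active_response_message(alert, verdict)))
```

Because the verdict is computed from the bytes currently on disk rather than from the hash in the alert, a file swapped between the FIM event and the scan is reported as a hash mismatch instead of being deleted on stale evidence.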