https://github.com/osquery/osquery logo
psbkb

10/12/2017, 8:28 PM
Do I need to run the malware and run the query around the developed IOC?
clong

10/12/2017, 10:26 PM
Just create an IOC around what the query is searching for, yes. No need to run actual malware.