Warning: This app is archived.


TA-eicar

Need to provide evidence that your malware response on Linux is ready? Read on!

Built by Daniel Wilson

Latest Version 1.0.0
March 14, 2020
Compatibility
Not Available
Platform Version: 9.4, 9.3, 9.2, 9.1, 9.0, 8.2, 8.1, 8.0, 7.3, 7.2, 7.1, 7.0
CIM Version: 4.x, 3.x
Rating

0

(0)

Support
Not Supported
This TA randomly places the EICAR test file in common malware locations on the Linux file system and logs the change. This is helpful in testing your blue/purple team detection on the Linux platform. It also provides evidence of incident response ability to auditors. This saved the day in our PCI audit last year. The logs created a clear history of incidents which we could easily compare to our SOC responses. Learn more about EICAR here: https://en.wikipedia.org/wiki/EICAR_test_file

Categories

Created By

Daniel Wilson

Type

addon

Downloads

336

Resources
