Adlice forum

Software feedback => MRF => Topic started by: ag100 on April 06, 2018, 03:59:00 pm

Title: RFE
Post by: ag100 on April 06, 2018, 03:59:00 pm
Hello,

I am working on planning some changes to my instance, but before going off and creating something that probably won't be backwards compatible with future releases, I wanted to see if there were any planned enhancements to address the things I'm working on.  Among them:

- When pulling a VT report, I would like to tag (or otherwise correlate) the sample with at least all of the detections rather than one.  It would also be great to pull things such as the data from the behavior tab (when available).

- Yara Scanning - Both upon submission, and retroactively (as new rules are added, etc...)

 Thanks!
Title: Re: RFE
Post by: ag100 on April 08, 2018, 06:34:47 pm
Disregard, I have decided to go in a different direction.  Thanks.
Title: Re: RFE
Post by: Tigzy on April 09, 2018, 12:09:20 pm
Hey, let me answer anyway :)

- When pulling a VT report, I would like to tag (or otherwise correlate) the sample with at least all of the detections rather than one.  It would also be great to pull things such as the data from the behavior tab (when available).
=> This goes against the VirusTotal terms of service, so we can't. As for the behavior data, I don't think it's available in the public API (I may be wrong)

- Yara Scanning is planned, and currently in development.