Currently Yara rules are compiled and embedded as an asset in the binary. It would be good to provide a way to encrypt the ruleset (e.g. with an AES key) in order to make any extraction a little bit harder to do. This also should apply for ruleset updates delivered through the server.
Currently Yara rules are compiled and embedded as an asset in the binary. It would be good to provide a way to encrypt the ruleset (e.g. with an AES key) in order to make any extraction a little bit harder to do. This also should apply for ruleset updates delivered through the server.