Problem: we've collected hashes from systems. What's the best way to compare hash files against known bad malware and how to automatically flag bad hashes?
Ideally, we should be able to control the hash selection by checking against a whitelist and a blacklist dataset. For those hashes appearing in the whitelist, we would simply ignore them. For those in the blacklist, we would tag them and identify the blacklist source.
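One way to do the comparison described above, as an added example that is not part of the original post: normalize every hash, drop whitelist hits, and tag blacklist hits with every feed that lists them. The feed names, hosts, paths and hash values are constructed, and letting a whitelist hit take precedence over a blacklist hit is an assumption based on the post's wording.

```python
import string

HASH_TYPES = {32: "md5", 40: "sha1", 64: "sha256"}  # hex digest length -> algorithm

def normalize(value):
    """Return a lowercase hex digest, or None if the value is not a known hash form."""
    h = value.strip().lower()
    if len(h) in HASH_TYPES and all(c in string.hexdigits for c in h):
        return h
    return None

def load_feed(lines):
    """Parse one hash per line (first field); skip blanks, '#' comments, bad entries."""
    hashes = set()
    for line in lines:
        tokens = line.replace(",", " ").split()
        if tokens and not tokens[0].startswith("#"):
            hashes.add(normalize(tokens[0]))
    hashes.discard(None)
    return hashes

def classify(collected, whitelist, blacklists):
    """collected: iterable of (host, path, hash); blacklists: {source_name: set of hashes}."""
    results = []
    for host, path, raw in collected:
        h = normalize(raw)
        if h is None:
            status, sources = "invalid", []
        elif h in whitelist:
            status, sources = "ignored", []   # assumption: whitelist wins over blacklist
        else:
            sources = sorted(s for s, feed in blacklists.items() if h in feed)
            status = "flagged" if sources else "unknown"
        results.append({"host": host, "path": path, "hash": h or raw,
                        "status": status, "sources": sources})
    return results

# Constructed sample data (not real malware hashes).
WHITELIST = load_feed(["# known-good", "A" * 64])
BLACKLISTS = {"feed_a": load_feed(["b" * 64 + ",constructed-family", "c" * 32]),
              "feed_b": load_feed(["B" * 64])}
COLLECTED = [("ws01", "C:\\tools\\ok.exe", "a" * 64),
             ("ws01", "C:\\temp\\x.exe", "B" * 64),
             ("ws02", "/tmp/y", "c" * 32),
             ("ws02", "/usr/bin/z", "d" * 40),
             ("ws03", "/tmp/bad", "not-a-hash")]

if __name__ == "__main__":
    for r in classify(COLLECTED, WHITELIST, BLACKLISTS):
        print(r["status"], r["host"], r["path"], r["hash"], ",".join(r["sources"]))
```

Hashes that match neither list come back as `unknown` rather than clean, so they can be queued for further review.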