IBM QRadarJoin this online user group to communicate across Security product users and IBM experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.
Hi, is there a blacklist of hashes of (bad / malicious / suspected) mobile applications (as you can find those in google play store / apple store) that can be used in qradar to check the app hashes i reive in certain events against when people install app on their device ?
Hi, no-One ? is my question not clear maybe ?
Just let me know
If we do not keep[ track of thios on x-force maybe some ideas on other locations where to find such lists ?
thanks
Hi.
I guess you can use a reference list for this. And correct me if I'm wrong, but don't we get such intel right into the box from x-force?
Hi yes thanks, surely a reference list can be used to implement it but the question here is if such a list is already maintained so that we dont have to build / maintain it ourselves ??? Maybe in x-force ? Maybe elsewhere ... it would need both iOS and Android apps ...
thanks koen
Hi, no updates ? I could imagine that there is a list of malicious mobile device apps ?
Hello koenkleingeld,
it is correct that IBM QRadar uses X-Force malware data. This database is extensiv but focuses more on regular malicious files instead of iOS and Android apps.
Regards
Manuel Hauptmann