Loginsoft Blogs

Handling Multiline Log formats using Regex and GROK Parser

To effectively analyze logs from multiple products, security operations teams must first comprehend the diverse landscape of log types. We will provide an overview of common log types encountered, such as system logs, application logs, network logs, and security logs....


Empowering CI/CD with Rego Policies

Rego is a policy language used by the Open Policy Agent (OPA), a powerful policy enforcement engine. By integrating Rego OPA with CI/CD pipelines, we can automate policy enforcement, improve code and configuration quality, ensure compliance and reduce the risk of...


Security Products: Challenge, Accessibility, Approach to test

We are often asked by our clients to set up security firewalls and networking products in a lab environment using popular emulators like EVE-NG or GNS3 etc. It is not always easy to find ways to emulate different security network products, but we are able to find...


Detecting Atlassian Confluence Exploitation – CVE-2022-26134

Context Background Atlassian has published a security advisory CVE-2022-26134 on June 2, for its Confluence Server and Data Center, regarding a zero-day vulnerability. Several customer environments were being compromised with the unauthenticated activity and for which...


Cisco Umbrella Reporting Integration with Cortex XSOAR

Security teams are constantly flooded with alerts from multiple systems. Using the Cisco Umbrella Reporting API, security analysts can programmatically pull contextual threat intelligence from the Global Network into their Security Management, Incident, Orchestration...


Open Vulnerability Assessment Language (OVAL) in a Nutshell

Before diving into OVAL, we shall briefly describe the project from which it evolved. Overview of SCAP: Security Content Automation Protocol (SCAP), a project from NIST, is widely adopted by many software and hardware manufacturers as a sophisticated framework of...


Palo Alto Networks Cortex XSOAR Integration

The changing threat landscape in cybersecurity has highlighted the need for a platform that centralizes intelligence from various sources in order to perform an effective security operation and workflow. Cortex XSOAR combines both security orchestration and incident...


Emerging Threats and Vulnerabilities in Cybersecurity

Loginsoft Research Team has been monitoring several exploits from the dedicated servers that were deployed globally for the purpose of threat discovery. The team analyzes and enriches this data to identify behavior, methods and intent of the Threat actors. The...


IBM QRadar Use Cases

What should I build on IBM QRadar to effectively manage and investigate the alerts? The guide for Product Managers to explore Security Use Cases. In an age where cyber threats are widespread, it is important that organizations keep their data secure. The IBM QRadar...


Threat Research Blogs

Ransomware Watch Q1 2023 Highlights

June 20, 2023

Over 800 organizations found themselves listed on ransomware sites lurking in the depths of the dark web...


Taming the Storm: Understanding and Mitigating the Consequences of CVE-2023-27350

May 23, 2023

The world of cybersecurity is constantly evolving, with new threats emerging every day. One of the latest threats to emerge is...


IcedID Malware: Traversing Through its Various Incarnations

May 02, 2023

IcedID, the notorious malware, is actively involved in several delivery campaigns, demonstrating versatility and adaptability.


Maximizing Threat Detections of Qakbot with Osquery

April 12, 2023

Initially, Qakbot spreads using malicious email attachments, drive-by-download attacks


From Innocence to Malice: The OneNote Malware Campaign Uncovered

March 30, 2023

OneNote has been highly cherished by Threat Actors (TAs) in recent months.


Aurora: The Dark Dawn and its Menacing Effects

March 24, 2023

Aurora Stealer, a non-friendly program in your neighborhood developed in Golang.