Loginsoft PursuitX API

Loginsoft PursuitX provides intelligence-driven threat detections of malware families and threat actors and their tactics, techniques, and procedures which help an organization to integrate with their current SIEM and SOAR solutions. PursuitX consistently monitors various adversaries by tracking the attack behavior comprising TTPs and collect relevant log events to generate detection rules specific to a malware family or a threat actor.

• With context driven signatures that help to improve existing security controls, the detection feed comes in a prominent and revolutionary format “SIGMA” which is a human-readable and effective format that can describe relevant log events from various telemetry and convert rules to queries of the respective SIEM solution of their choice
• The PursuitX team continuously research and update the detections to automatically prioritize the events for actionable response

Sigma Rules as De facto:

• Describes detection and includes metadata which is helpful for investigations
• Can easily be integrated with several SIEM solutions
• Community endorsed
• Can easily be shared with threat intelligence platforms