Vulnerability Research - Loginsoft Research

Threat Detection

Vulnerability Research

Loginsoft Vulnerability Research rules provides visibility for enterprises to quickly identify the attacks or attack attempts thus allowing a SOC analyst and first incident responders to easily prioritize the events and automate the further investigations. Upon diligent research we provide the threat detection patterns of all known exploits of a widely used components/software. The following are a few components which we were able to generate detection patterns.

Recent Research

CVE	Component	Sigma
CVE-2017-7529	nginx
CVE-2013-4547	nginx
CVE-2013-2028	nginx
CVE-2010-2266	nginx
CVE-2010-2263	nginx
CVE-2009-4487	nginx
CVE-2009-3898	nginx
CVE-2018-16845	nginx

GitHub Repositories

zeek-scripts

Updated on Feb 15 Public

zeek scripts for CVE detection and Threat Hunt

oval4malw

Updated on Aug 18, 2022 Public

Using OVAL for Malware Detection

detection-rules

Updated on Jul 27, 2022 Public

Threat Detection & Anomaly Detection rules for popular open-source components

OVAL-Repository

Updated on Feb 22, 2022 Public

Loginsoft OVAL repository for the security content