{"id":3839,"date":"2018-12-05T15:34:54","date_gmt":"2018-12-05T14:34:54","guid":{"rendered":"http:\/\/nextron.bsk-consulting.de\/?p=3839"},"modified":"2022-03-25T14:15:02","modified_gmt":"2022-03-25T13:15:02","slug":"asgard-analysis-cockpit-2-2-feature-overview","status":"publish","type":"post","link":"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/","title":{"rendered":"ASGARD Analysis Cockpit 2.2 Feature Overview"},"content":{"rendered":"

[et_pb_section fb_built=”1″ _builder_version=”3.22″][et_pb_row _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n

Later this month the new version 2.2 of ASGARD Analysis Cockpit will be released. These are the most important new features.<\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″ background_size=”initial” background_position=”top_left” background_repeat=”repeat”][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n

The Optimize Button<\/h2>\n

The new “Optimize” button allows you to add all unassigned log lines to existing cases with matching filters. It is possible that you miss some events when creating a new case, either by the wrong selection or due to the fact that new log lines can arrive at any time via SYSLOG or log file import in the background.<\/p>\n

Now it is possible to add all unassigned log lines to previously created cases by using the “Optimize” button.\u00a0 \u00a0<\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2018\/12\/Screenshot-2018-12-05-at-13.10.55.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″]
\n[\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n

It will not remove previously assigned log lines from existing cases. It just helps you to clear up the base lining section by removing events that are related to existing cases but haven’t been assigned to these cases yet.<\/p>\n

You can later review all automatic assignments in the “Automatic Event Assignment” protocol.<\/p>\n

[\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2018\/12\/Bildschirmfoto-2018-11-27-um-15.25.28.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″]
\n[\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n

Notification Settings<\/h2>\n

The new “notification” settings allow you to create notification rules for the following type of events:<\/p>\n

    \n
  1. Log lines that are automatically assigned to an existing case<\/li>\n
  2. Status changes of cases<\/li>\n<\/ol>\n

    The current supported actions are:<\/p>\n

      \n
    1. Syslog Forwarding<\/li>\n
    2. Email Notification<\/li>\n<\/ol>\n

      [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2018\/12\/Screenshot-2018-12-05-at-13.13.31.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″]
      \n[\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n

      This allows you to define flexible rules for many different events. You may e.g. create a rule that sends an email notification whenever a new “Incident” case is opened.\u00a0<\/p>\n

      [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2018\/12\/Screenshot-2018-12-05-at-13.13.08.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″]
      \n[\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n

      You could also forward all incoming log lines that are automatically assigned to a case of type “Incident”\u00a0to your remote SIEM system. (each syslog message will be extended by two new fields: case_type and case_id)<\/p>\n

      [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2018\/12\/Screenshot-2018-12-05-at-13.12.22.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″]
      \n[\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n

      An email for a opened “Incident” case will then look like this:<\/p>\n

      [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2018\/12\/Screenshot-2018-12-05-at-14.15.50.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″]
      \n[\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n

      The attachments of these emails contain the included log lines (text) and a JSON with all case information in machine readable form.<\/p>\n

      [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2018\/12\/Screenshot-2018-12-05-at-14.16.16.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″]
      \n[\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n

      File Importer<\/h2>\n

      The File Importer status view has been improved so that it shows the number of total files in queue and the number of processed files.<\/p>\n

      [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2018\/12\/Bildschirmfoto-2018-11-27-um-16.04.59.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″]
      \n[\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n

      Improved Reporting<\/h2>\n

      The new improved reporting allows you to generate reports not only for a given period of time (e.g. last month) but custom queries on the ElasticSearch database. E.g. you can generate report for the scans on your SuSE linux systems only.\u00a0<\/p>\n

      [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2018\/12\/Screenshot-2018-12-05-at-15.04.20.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″]
      \n[\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n

      The reports contain more panels and information on the data set.\u00a0<\/p>\n

      [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2018\/12\/Screenshot-2018-12-05-at-15.04.05.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″]
      \n[\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n

      The data from all reports can be downloaded as JSON file.\u00a0<\/p>\n

      [\/et_pb_text][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_image src=”https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2018\/12\/Screenshot-2018-12-05-at-15.12.01.png” align_tablet=”center” align_last_edited=”on|desktop” _builder_version=”4.4.2″ hover_enabled=”0″]
      \n[\/et_pb_image][\/et_pb_column][\/et_pb_row][et_pb_row _builder_version=”3.25″][et_pb_column type=”4_4″ _builder_version=”3.25″ custom_padding=”|||” custom_padding__hover=”|||”][et_pb_text _builder_version=”3.27.4″]<\/p>\n

      Upgrade to 2.2<\/h2>\n

      The upgrade will be visible in the “Updates” section of your Analysis Cockpit once it is released. See the change.log notes for a full list of changes.\u00a0<\/p>\n

       <\/p>\n

      [\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"

      Later this month the new version 2.2 of ASGARD Analysis Cockpit will be released. These are the most important new features. The Optimize Button The new “Optimize” button allows you to add all unassigned log lines to existing cases with matching filters. It is possible that you miss some events when creating a new case, either by the wrong selection or due to the fact that new log lines can arrive at any time via SYSLOG or log file import in the background. Now it is possible to add all unassigned log lines to previously created cases by using the “Optimize” button.\u00a0 \u00a0 It will not remove previously assigned log lines from existing cases. It just helps you to clear up the base lining section by removing events that are related to existing cases but haven’t been assigned to these cases yet.You can later review all automatic assignments in the “Automatic Event Assignment” protocol. Notification SettingsThe new “notification” settings allow you to create notification rules for the following type of events:Log lines that are automatically assigned to an existing caseStatus changes of casesThe current supported actions are:Syslog ForwardingEmail Notification This allows you to define flexible rules for many different events. […]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":"","footnotes":""},"categories":[36,46],"tags":[90,76,149,89,148,150,75],"class_list":["post-3839","post","type-post","status-publish","format-standard","hentry","category-asgard-analysis-cockpit","category-newsletter","tag-analysis","tag-asgard","tag-email","tag-log","tag-notifications","tag-optimize","tag-syslog"],"yoast_head":"\nASGARD Analysis Cockpit 2.2 Feature Overview - Nextron Systems<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/\"},\"author\":{\"name\":\"Florian Roth\",\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/person\/4fd503007d60aabaf1ae747502f36919\"},\"headline\":\"ASGARD Analysis Cockpit 2.2 Feature Overview\",\"datePublished\":\"2018-12-05T14:34:54+00:00\",\"dateModified\":\"2022-03-25T13:15:02+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/\"},\"wordCount\":1419,\"publisher\":{\"@id\":\"https:\/\/www.nextron-systems.com\/#organization\"},\"keywords\":[\"analysis\",\"asgard\",\"email\",\"log\",\"notifications\",\"optimize\",\"syslog\"],\"articleSection\":[\"ASGARD Analysis Cockpit\",\"Newsletter\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/\",\"url\":\"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/\",\"name\":\"ASGARD Analysis Cockpit 2.2 Feature Overview - Nextron Systems\",\"isPartOf\":{\"@id\":\"https:\/\/www.nextron-systems.com\/#website\"},\"datePublished\":\"2018-12-05T14:34:54+00:00\",\"dateModified\":\"2022-03-25T13:15:02+00:00\",\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/\"]}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.nextron-systems.com\/#website\",\"url\":\"https:\/\/www.nextron-systems.com\/\",\"name\":\"Nextron Systems\",\"description\":\"We Detect Hackers\",\"publisher\":{\"@id\":\"https:\/\/www.nextron-systems.com\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.nextron-systems.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.nextron-systems.com\/#organization\",\"name\":\"Nextron Systems GmbH\",\"url\":\"https:\/\/www.nextron-systems.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2017\/11\/Nextron_0.2s_inv_symbol_only.png\",\"contentUrl\":\"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2017\/11\/Nextron_0.2s_inv_symbol_only.png\",\"width\":260,\"height\":260,\"caption\":\"Nextron Systems GmbH\"},\"image\":{\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/logo\/image\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/person\/4fd503007d60aabaf1ae747502f36919\",\"name\":\"Florian Roth\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.nextron-systems.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/0dfaa838ce5d82e2e7bfa75ed3f43ae5?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/0dfaa838ce5d82e2e7bfa75ed3f43ae5?s=96&d=mm&r=g\",\"caption\":\"Florian Roth\"},\"description\":\"Florian Roth serves as the Head of Research and Development at Nextron Systems. With a background in IT security since 2000, he has delved deep into nation-state cyber attacks since 2012. Florian has developed the THOR Scanner and actively engages with the community via his Twitter handle @cyb3rops. He has contributed to open-source projects, including 'Sigma', a generic SIEM rule format, and 'LOKI', an open-source scanner. Additionally, he has shared valuable resources like a mapping of APT groups and operations and an Antivirus Event Analysis Cheat Sheet.\",\"url\":\"https:\/\/www.nextron-systems.com\/author\/florian\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"ASGARD Analysis Cockpit 2.2 Feature Overview - Nextron Systems","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/","schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/#article","isPartOf":{"@id":"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/"},"author":{"name":"Florian Roth","@id":"https:\/\/www.nextron-systems.com\/#\/schema\/person\/4fd503007d60aabaf1ae747502f36919"},"headline":"ASGARD Analysis Cockpit 2.2 Feature Overview","datePublished":"2018-12-05T14:34:54+00:00","dateModified":"2022-03-25T13:15:02+00:00","mainEntityOfPage":{"@id":"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/"},"wordCount":1419,"publisher":{"@id":"https:\/\/www.nextron-systems.com\/#organization"},"keywords":["analysis","asgard","email","log","notifications","optimize","syslog"],"articleSection":["ASGARD Analysis Cockpit","Newsletter"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/","url":"https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/","name":"ASGARD Analysis Cockpit 2.2 Feature Overview - Nextron Systems","isPartOf":{"@id":"https:\/\/www.nextron-systems.com\/#website"},"datePublished":"2018-12-05T14:34:54+00:00","dateModified":"2022-03-25T13:15:02+00:00","inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.nextron-systems.com\/2018\/12\/05\/asgard-analysis-cockpit-2-2-feature-overview\/"]}]},{"@type":"WebSite","@id":"https:\/\/www.nextron-systems.com\/#website","url":"https:\/\/www.nextron-systems.com\/","name":"Nextron Systems","description":"We Detect Hackers","publisher":{"@id":"https:\/\/www.nextron-systems.com\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.nextron-systems.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.nextron-systems.com\/#organization","name":"Nextron Systems GmbH","url":"https:\/\/www.nextron-systems.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.nextron-systems.com\/#\/schema\/logo\/image\/","url":"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2017\/11\/Nextron_0.2s_inv_symbol_only.png","contentUrl":"https:\/\/www.nextron-systems.com\/wp-content\/uploads\/2017\/11\/Nextron_0.2s_inv_symbol_only.png","width":260,"height":260,"caption":"Nextron Systems GmbH"},"image":{"@id":"https:\/\/www.nextron-systems.com\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.nextron-systems.com\/#\/schema\/person\/4fd503007d60aabaf1ae747502f36919","name":"Florian Roth","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.nextron-systems.com\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/0dfaa838ce5d82e2e7bfa75ed3f43ae5?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/0dfaa838ce5d82e2e7bfa75ed3f43ae5?s=96&d=mm&r=g","caption":"Florian Roth"},"description":"Florian Roth serves as the Head of Research and Development at Nextron Systems. With a background in IT security since 2000, he has delved deep into nation-state cyber attacks since 2012. Florian has developed the THOR Scanner and actively engages with the community via his Twitter handle @cyb3rops. He has contributed to open-source projects, including 'Sigma', a generic SIEM rule format, and 'LOKI', an open-source scanner. Additionally, he has shared valuable resources like a mapping of APT groups and operations and an Antivirus Event Analysis Cheat Sheet.","url":"https:\/\/www.nextron-systems.com\/author\/florian\/"}]}},"_links":{"self":[{"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/posts\/3839","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/comments?post=3839"}],"version-history":[{"count":8,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/posts\/3839\/revisions"}],"predecessor-version":[{"id":7260,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/posts\/3839\/revisions\/7260"}],"wp:attachment":[{"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/media?parent=3839"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/categories?post=3839"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.nextron-systems.com\/wp-json\/wp\/v2\/tags?post=3839"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}