{"id":12376,"date":"2025-08-20T13:39:13","date_gmt":"2025-08-20T12:39:13","guid":{"rendered":"https:\/\/mspglobal.com\/blog\/?p=12376"},"modified":"2025-10-01T12:03:06","modified_gmt":"2025-10-01T11:03:06","slug":"what-msps-must-know-about-infostealer-logs-with-estelle-ruellan","status":"publish","type":"post","link":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/","title":{"rendered":"What MSPs must know about infostealer logs, with Flare&#8217;s Estelle Ruellan"},"content":{"rendered":"\n<p>Estelle Ruellan is a Threat Intelligence Researcher at Flare, bringing a blend of mathematics and criminology to her work in the cybersecurity space. She specializes in applying LLMs to cybercrime data and transforming the data into clear, actionable visualizations for partners.&nbsp;<\/p>\n\n\n\n<p>At MSP GLOBAL 2025, she\u2019ll be talking about how corporate credentials end up on infostealer logs. According to the <a href=\"https:\/\/flare.io\/learn\/resources\/blog\/stolen-credentials-in-cybercrime-insights-2025-verizon-dbir\/\">2025 Verizon Data Breach Investigations Report (DBIR)<\/a>, which includes data from Flare, credentials were involved in 88% of basic web application attack breaches, most likely from infostealer logs.&nbsp;<\/p>\n\n\n\n<p>These logs effectively hand attackers the keys to the company kingdom. Estelle will be sharing real-life examples of successful infections and the methods attackers use to infect people&#8217;s devices.<\/p>\n\n\n\n<p>Ahead of her session at MSP GLOBAL 2025, we asked Estelle and colleague Stephanie Monaghan, Director, Channel &amp; Alliances, EMEA, at Flare, how MSPs can turn the tide on this type of breach and what proactive defense looks like.<\/p>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"MSP GLOBAL \u2013 What MSPs must know about infostealer logs\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/jNxV2eTuTSQ?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top has-base-color has-text-color has-link-color wp-elements-c7cdb1aafcbeb3b79b7e8fdbc729ee25 is-layout-flow wp-block-column-is-layout-flow\" style=\"border-radius:8px;padding-top:0px;padding-bottom:0px;flex-basis:66px\">\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"512\" height=\"512\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png\" alt=\"MSPGlobal\" class=\"wp-image-12195\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png 512w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1-150x150.png 150w\" sizes=\"auto, (max-width: 512px) 100vw, 512px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<h3 class=\"wp-block-heading has-medium-font-size wp-container-content-164459c7 cfs-article-inner-heading\" id=\"what-are-infostealer-logs\" style=\"margin-top:0px;margin-left:0px;font-style:normal;font-weight:600;line-height:1.3\">What are infostealer logs?<\/h3>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns are-vertically-aligned-top is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66px\">\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"1000\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg\" alt=\"\" class=\"wp-image-12377\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg 1000w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-150x150.jpg 150w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-768x768.jpg 768w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<p>Infostealer logs are a type of malware, and it&#8217;s basically hungry for data. Hence the name. It&#8217;s information stealer malware. When it infects a device, it will go and grab anything that could be a valuable piece of data: credentials, access, files, photos you would have on the computer, crypto wallets, browsing history, and then it builds up a kind of a numerical dossier on the identity of the user of that device. And then it&#8217;s either sold, or it&#8217;s used for further exploitation.<\/p>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top has-base-color has-text-color has-link-color wp-elements-c7cdb1aafcbeb3b79b7e8fdbc729ee25 is-layout-flow wp-block-column-is-layout-flow\" style=\"border-radius:8px;padding-top:0px;padding-bottom:0px;flex-basis:66px\">\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"512\" height=\"512\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png\" alt=\"MSPGlobal\" class=\"wp-image-12195\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png 512w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1-150x150.png 150w\" sizes=\"auto, (max-width: 512px) 100vw, 512px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<h3 class=\"wp-block-heading has-medium-font-size wp-container-content-164459c7 cfs-article-inner-heading\" id=\"what-information-do-they-contain-and-where-do-they-show-up\" style=\"margin-top:0px;margin-left:0px;font-style:normal;font-weight:600;line-height:1.3\">What sort of information do they contain, and more importantly, where do they show up?<\/h3>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns are-vertically-aligned-top is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66px\">\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"1000\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg\" alt=\"\" class=\"wp-image-12377\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg 1000w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-150x150.jpg 150w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-768x768.jpg 768w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<p>An infostealer log is a report on the user&#8217;s identity on the web\u2014so anything that has been visited on the browsing history, any passwords saved in that browser, any file, you can have the list of software from that computer. If it\u2019s a personal device and you have photos on the desktop, they will be taken as well. And they\u2019re very hungry for crypto wallets. Anything that could be valuable will be exfiltrated, either on a web server that is hosted by the threat actor itself or sometimes even on messaging apps like Telegram.<\/p>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top has-base-color has-text-color has-link-color wp-elements-c7cdb1aafcbeb3b79b7e8fdbc729ee25 is-layout-flow wp-block-column-is-layout-flow\" style=\"border-radius:8px;padding-top:0px;padding-bottom:0px;flex-basis:66px\">\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"512\" height=\"512\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png\" alt=\"MSPGlobal\" class=\"wp-image-12195\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png 512w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1-150x150.png 150w\" sizes=\"auto, (max-width: 512px) 100vw, 512px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<h3 class=\"wp-block-heading has-medium-font-size wp-container-content-164459c7 cfs-article-inner-heading\" id=\"what-danger-does-this-pose-to-corporations-and-larger-organizations\" style=\"margin-top:0px;margin-left:0px;font-style:normal;font-weight:600;line-height:1.3\">What kind of danger does this pose to corporations and larger organizations?<\/h3>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns are-vertically-aligned-top is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66px\">\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"1000\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg\" alt=\"\" class=\"wp-image-12377\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg 1000w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-150x150.jpg 150w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-768x768.jpg 768w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<p>The key here is to understand that with access, you can enter by the front door. If a threat actor has his hands on corporate access to your company, they don&#8217;t need to put in the effort, skill or even money to build a technical exploit to enter your company via a vulnerability because they have the key to the front door.<\/p>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top has-base-color has-text-color has-link-color wp-elements-c7cdb1aafcbeb3b79b7e8fdbc729ee25 is-layout-flow wp-block-column-is-layout-flow\" style=\"border-radius:8px;padding-top:0px;padding-bottom:0px;flex-basis:66px\">\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"512\" height=\"512\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png\" alt=\"MSPGlobal\" class=\"wp-image-12195\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png 512w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1-150x150.png 150w\" sizes=\"auto, (max-width: 512px) 100vw, 512px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<h3 class=\"wp-block-heading has-medium-font-size wp-container-content-164459c7 cfs-article-inner-heading\" id=\"the-keys-to-the-kingdom\" style=\"margin-top:0px;margin-left:0px;font-style:normal;font-weight:600;line-height:1.3\">The keys to the kingdom!<\/h3>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns are-vertically-aligned-top is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66px\">\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"1000\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg\" alt=\"\" class=\"wp-image-12377\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg 1000w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-150x150.jpg 150w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-768x768.jpg 768w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<p>Yes, exactly! So they can enter and wreak as much havoc as they can with the access they have. We have now entered the \u201clogging in\u201d age of cybercrime instead of breaking in, which is a huge turnaround.<\/p>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top has-base-color has-text-color has-link-color wp-elements-c7cdb1aafcbeb3b79b7e8fdbc729ee25 is-layout-flow wp-block-column-is-layout-flow\" style=\"border-radius:8px;padding-top:0px;padding-bottom:0px;flex-basis:66px\">\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"512\" height=\"512\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png\" alt=\"MSPGlobal\" class=\"wp-image-12195\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png 512w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1-150x150.png 150w\" sizes=\"auto, (max-width: 512px) 100vw, 512px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<h3 class=\"wp-block-heading has-medium-font-size wp-container-content-164459c7 cfs-article-inner-heading\" id=\"how-do-LLMs-assist-with-cyber-threat-intelligence\" style=\"margin-top:0px;margin-left:0px;font-style:normal;font-weight:600;line-height:1.3\">How do LLMs assist with cyber threat intelligence?<\/h3>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns are-vertically-aligned-top is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66px\">\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"1000\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg\" alt=\"\" class=\"wp-image-12377\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg 1000w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-150x150.jpg 150w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-768x768.jpg 768w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<p>LLMs are very powerful. As humans, when we see text or data, we need to read it, and it requires effort and focus for the task to be efficient. It&#8217;s very time consuming to read everything or to understand an infostealer log at first glance. So LLMs can be very powerful if you train them well. They can help do the heavy lifting of cyber threat intelligence analysis.<\/p>\n\n\n\n<p>That then frees up time for analysis, so humans can spend their time wisely on the deeper analysis to understand more complex patterns. So it&#8217;s a very powerful tool, but it&#8217;s not the solution to replace humans. We still need analysts in the loop.<\/p>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top has-base-color has-text-color has-link-color wp-elements-c7cdb1aafcbeb3b79b7e8fdbc729ee25 is-layout-flow wp-block-column-is-layout-flow\" style=\"border-radius:8px;padding-top:0px;padding-bottom:0px;flex-basis:66px\">\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"512\" height=\"512\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png\" alt=\"MSPGlobal\" class=\"wp-image-12195\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png 512w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1-150x150.png 150w\" sizes=\"auto, (max-width: 512px) 100vw, 512px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<h3 class=\"wp-block-heading has-medium-font-size wp-container-content-164459c7 cfs-article-inner-heading\" id=\"how-is-the-threat-landscape-evolving-and-which-methods-are-you-seeing-utilized-the-most\" style=\"margin-top:0px;margin-left:0px;font-style:normal;font-weight:600;line-height:1.3\">How is the threat landscape evolving, and which methods are you seeing utilized the most?<\/h3>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns are-vertically-aligned-top is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66px\">\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"1000\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg\" alt=\"\" class=\"wp-image-12377\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg 1000w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-150x150.jpg 150w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-768x768.jpg 768w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<p>&nbsp;From a criminology point of view, cybercrime is very much about opportunity. So anything that&#8217;s available and that&#8217;s low effort will always be used more than something more technical and more demanding.&nbsp;<\/p>\n\n\n\n<p>And it&#8217;s exactly what we see. Infostealer logs fit into that movement because they\u2019re often sold or even published on channels, and you can get them for free. Why would a contractor go and spend time and skills to build something to break in when they can just get something for free and then go on about their day?<\/p>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top has-base-color has-text-color has-link-color wp-elements-c7cdb1aafcbeb3b79b7e8fdbc729ee25 is-layout-flow wp-block-column-is-layout-flow\" style=\"border-radius:8px;padding-top:0px;padding-bottom:0px;flex-basis:66px\">\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"512\" height=\"512\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png\" alt=\"MSPGlobal\" class=\"wp-image-12195\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png 512w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1-150x150.png 150w\" sizes=\"auto, (max-width: 512px) 100vw, 512px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<h3 class=\"wp-block-heading has-medium-font-size wp-container-content-164459c7 cfs-article-inner-heading\" id=\"in-your-view-what-does-effective-protection-and-monitoring-and-remediation-look-like\" style=\"margin-top:0px;margin-left:0px;font-style:normal;font-weight:600;line-height:1.3\">In your view, what does effective protection and monitoring and remediation look like?<\/h3>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns are-vertically-aligned-top is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66px\">\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"383\" height=\"383\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1580293139215-2.jpeg\" alt=\"\" class=\"wp-image-12380\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1580293139215-2.jpeg 383w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1580293139215-2-150x150.jpeg 150w\" sizes=\"auto, (max-width: 383px) 100vw, 383px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<p>For an MSP or an MSSP, effective protection, monitoring and remediation would be a scenario where the MSP can detect threats and prevent them from impacting customer systems, customer data, and the day-to-day running of the customer business. They would be able to alert a customer to any potential issues, and if required they would also be able to remediate this issue using things like pre-configured workflows.&nbsp;<\/p>\n\n\n\n<p>When our MSP and MSSPs offer Flare as a service to their customers, we integrate with whatever SIEM or SOAR technology they are using, and they often add a \u201cservice wrap\u201d around the solution. Some may run Flare as a standalone continuous threat exposure management service, whereas others would run it as part of their existing SOC or MDR service to give their customers an extra layer of protection.<\/p>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top has-base-color has-text-color has-link-color wp-elements-c7cdb1aafcbeb3b79b7e8fdbc729ee25 is-layout-flow wp-block-column-is-layout-flow\" style=\"border-radius:8px;padding-top:0px;padding-bottom:0px;flex-basis:66px\">\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"512\" height=\"512\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png\" alt=\"MSPGlobal\" class=\"wp-image-12195\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png 512w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1-150x150.png 150w\" sizes=\"auto, (max-width: 512px) 100vw, 512px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<h3 class=\"wp-block-heading has-medium-font-size wp-container-content-164459c7 cfs-article-inner-heading\" id=\"what-would-your-number-one-piece-of-advice-be-to-MSPs-to-prevent-the-initial-infection-in-customer-systems\" style=\"margin-top:0px;margin-left:0px;font-style:normal;font-weight:600;line-height:1.3\">What would your number one piece of advice be to MSPs to prevent the initial infection in customer systems?<\/h3>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns are-vertically-aligned-top is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66px\">\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"383\" height=\"383\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1580293139215-1.jpeg\" alt=\"\" class=\"wp-image-12379\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1580293139215-1.jpeg 383w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1580293139215-1-150x150.jpeg 150w\" sizes=\"auto, (max-width: 383px) 100vw, 383px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<p>It&#8217;s not a matter of if someone gets infected, it&#8217;s a matter of when. You have to look at some of the huge names in the industries that are being breached. Effective antivirus and effective MDR is something that may help to prevent the infection. But I think it&#8217;s more important to have a plan in place of what is going to happen when you&#8217;re infected because ultimately, it will happen.<\/p>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top has-base-color has-text-color has-link-color wp-elements-c7cdb1aafcbeb3b79b7e8fdbc729ee25 is-layout-flow wp-block-column-is-layout-flow\" style=\"border-radius:8px;padding-top:0px;padding-bottom:0px;flex-basis:66px\">\n<figure class=\"wp-block-image size-large is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"512\" height=\"512\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png\" alt=\"MSPGlobal\" class=\"wp-image-12195\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1.png 512w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fav_mspg-1-150x150.png 150w\" sizes=\"auto, (max-width: 512px) 100vw, 512px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<h3 class=\"wp-block-heading has-medium-font-size wp-container-content-164459c7 cfs-article-inner-heading\" id=\"whats-the-key-message-or-benefit-that-MSPs-will-take-away-from-your-session-at-MSP-GLOBAL\" style=\"margin-top:0px;margin-left:0px;font-style:normal;font-weight:600;line-height:1.3\">What&#8217;s the key message or benefit that MSPs will take away from your session at MSP GLOBAL?<\/h3>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns are-vertically-aligned-top is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66px\">\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1000\" height=\"1000\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg\" alt=\"\" class=\"wp-image-12377\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile.jpg 1000w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-150x150.jpg 150w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/profile-768x768.jpg 768w\" sizes=\"auto, (max-width: 1000px) 100vw, 1000px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<p>The key message here is that one infection can trigger a chain reaction. MSPs must understand how impactful a single infection from even a personal device can impact an organization. Most infections happen from a willing user&#8217;s action\u2014a click on something or downloading suspicious malware.&nbsp;<\/p>\n\n\n\n<p>We want to spread the awareness about how an infection happens, and what the psychological tricks are by threat actors to infect most people, so MSPs know and recognize the danger before it arises.<\/p>\n<\/div>\n<\/div>\n\n\n\n<div class=\"wp-block-columns are-vertically-aligned-top is-layout-flex wp-container-core-columns-is-layout-780494b0 wp-block-columns-is-layout-flex\" style=\"margin-top:var(--wp--preset--spacing--large);margin-bottom:var(--wp--preset--spacing--large)\">\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\" style=\"flex-basis:66px\">\n<figure class=\"wp-block-image size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"383\" height=\"383\" src=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1580293139215.jpeg\" alt=\"\" class=\"wp-image-12378\" style=\"width:50px\" srcset=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1580293139215.jpeg 383w, https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1580293139215-150x150.jpeg 150w\" sizes=\"auto, (max-width: 383px) 100vw, 383px\" \/><\/figure>\n<\/div>\n\n\n\n<div class=\"wp-block-column is-vertically-aligned-top is-layout-flow wp-block-column-is-layout-flow\">\n<p>For an MSP who may not already offer security services, it will give them a deeper understanding of the security challenges that customers face.&nbsp;<\/p>\n\n\n\n<p>For MSSPs in particular, it will help them understand the challenges that lie within the dark and clear web, how a service wrap that they develop around Flare can enhance their existing SOC and MDR offerings, and help them mitigate and offer a more proactive approach to their managed service.<\/p>\n<\/div>\n<\/div>\n\n\n\n<figure class=\"wp-block-embed is-type-video is-provider-youtube wp-block-embed-youtube wp-embed-aspect-16-9 wp-has-aspect-ratio\"><div class=\"wp-block-embed__wrapper\">\n<iframe loading=\"lazy\" title=\"MSP GLOBAL - Inside an infostealer log\" width=\"500\" height=\"281\" src=\"https:\/\/www.youtube.com\/embed\/b09vDqVwcAc?feature=oembed\" frameborder=\"0\" allow=\"accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share\" referrerpolicy=\"strict-origin-when-cross-origin\" allowfullscreen><\/iframe>\n<\/div><\/figure>\n\n\n\n<p><em>Cybercriminals are using the path of least resistance to maximize their profitability. Join Estelle at The Elevator Stage on Thursday October 23, 10:20am to 10:30am as she shows how corporate credentials got into an infostealer log, revealing recurring lures, malware distribution methods, and social engineering methods with real-world examples of successful infection campaigns from click to compromise.<\/em><\/p>\n\n\n\n<p><a href=\"https:\/\/mspglobal.com\/blog\/category\/msp-global\/#newsletter\" target=\"_blank\" rel=\"noreferrer noopener\">Sign up for MSP GLOBAL newsletter<\/a> for your free registration code, saving \u20ac399.<\/p>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Estelle Ruellan is a Threat Intelligence Researcher at Flare, bringing a blend of mathematics and criminology to her work in the cybersecurity space. She specializes in applying LLMs to cybercrime data and transforming the data into clear, actionable visualizations for partners.&nbsp; At MSP GLOBAL 2025, she\u2019ll be talking about how corporate credentials end up on [&hellip;]<\/p>\n","protected":false},"author":31,"featured_media":12381,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"mark_post_sync":false,"footnotes":""},"categories":[1514],"tags":[],"class_list":["post-12376","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-interviews"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v24.2 (Yoast SEO v27.3) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>What MSPs must know about infostealer logs, with Flare&#039;s Estelle Ruellan<\/title>\n<meta name=\"description\" content=\"Learn how infostealer logs leak corporate credentials\u2014and why MSPs must spot and block the \u201ckeys to the kingdom\u201d, in this expert interview.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"What MSPs must know about infostealer logs, with Flare&#039;s Estelle Ruellan\" \/>\n<meta property=\"og:description\" content=\"What MSPs must know about infostealer logs, with Flare&#039;s Estelle Ruellan\" \/>\n<meta property=\"og:url\" content=\"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/\" \/>\n<meta property=\"og:site_name\" content=\"MSP GLOBAL BLOG\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/profile.php?id=100089083200946\" \/>\n<meta property=\"article:published_time\" content=\"2025-08-20T12:39:13+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2025-10-01T11:03:06+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1000026597_2.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"1200\" \/>\n\t<meta property=\"og:image:height\" content=\"539\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Francesca Cotton\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:site\" content=\"@MSPglobalevent\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Francesca Cotton\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"10 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\\\/\"},\"author\":{\"name\":\"Francesca Cotton\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\"},\"headline\":\"What MSPs must know about infostealer logs, with Flare&#8217;s Estelle Ruellan\",\"datePublished\":\"2025-08-20T12:39:13+00:00\",\"dateModified\":\"2025-10-01T11:03:06+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\\\/\"},\"wordCount\":1223,\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/1000026597_2.jpg\",\"articleSection\":[\"Interviews\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\\\/\",\"name\":\"What MSPs must know about infostealer logs, with Flare's Estelle Ruellan\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/1000026597_2.jpg\",\"datePublished\":\"2025-08-20T12:39:13+00:00\",\"dateModified\":\"2025-10-01T11:03:06+00:00\",\"description\":\"Learn how infostealer logs leak corporate credentials\u2014and why MSPs must spot and block the \u201ckeys to the kingdom\u201d, in this expert interview.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/mspglobal.com\\\/blog\\\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\\\/#primaryimage\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/1000026597_2.jpg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/1000026597_2.jpg\",\"width\":1200,\"height\":539},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Interviews\",\"item\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/category\\\/interviews\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"What MSPs must know about infostealer logs, with Flare&#8217;s Estelle Ruellan\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"name\":\"MSP INSIGHTS - The MSP GLOBAL Blog\",\"description\":\"The latest news for MSPs and Tech Experts.\",\"publisher\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#organization\",\"name\":\"MSP GLOBAL\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/MSP-GLOBAL-BLOG.svg\",\"width\":536,\"height\":63,\"caption\":\"MSP GLOBAL\"},\"image\":{\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/www.facebook.com\\\/profile.php?id=100089083200946\",\"https:\\\/\\\/x.com\\\/MSPglobalevent\",\"https:\\\/\\\/www.linkedin.com\\\/company\\\/mspglobalevent\\\/\",\"https:\\\/\\\/www.instagram.com\\\/mspglobalevent\\\/\"],\"ownershipFundingInfo\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\",\"actionableFeedbackPolicy\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/imprint\\\/\"},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/#\\\/schema\\\/person\\\/93fec8f66d570471e04e31ae8b5c3b96\",\"name\":\"Francesca Cotton\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/wp-content\\\/uploads\\\/cropped-fran-cotton-scaled-2-96x96.jpg\",\"caption\":\"Francesca Cotton\"},\"description\":\"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.\",\"url\":\"https:\\\/\\\/mspglobal.com\\\/blog\\\/author\\\/francesca-cotton\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"What MSPs must know about infostealer logs, with Flare's Estelle Ruellan","description":"Learn how infostealer logs leak corporate credentials\u2014and why MSPs must spot and block the \u201ckeys to the kingdom\u201d, in this expert interview.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/","og_locale":"en_US","og_type":"article","og_title":"What MSPs must know about infostealer logs, with Flare's Estelle Ruellan","og_description":"What MSPs must know about infostealer logs, with Flare's Estelle Ruellan","og_url":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/","og_site_name":"MSP GLOBAL BLOG","article_publisher":"https:\/\/www.facebook.com\/profile.php?id=100089083200946","article_published_time":"2025-08-20T12:39:13+00:00","article_modified_time":"2025-10-01T11:03:06+00:00","og_image":[{"width":1200,"height":539,"url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1000026597_2.jpg","type":"image\/jpeg"}],"author":"Francesca Cotton","twitter_card":"summary_large_image","twitter_creator":"@MSPglobalevent","twitter_site":"@MSPglobalevent","twitter_misc":{"Written by":"Francesca Cotton","Est. reading time":"10 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/#article","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/"},"author":{"name":"Francesca Cotton","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96"},"headline":"What MSPs must know about infostealer logs, with Flare&#8217;s Estelle Ruellan","datePublished":"2025-08-20T12:39:13+00:00","dateModified":"2025-10-01T11:03:06+00:00","mainEntityOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/"},"wordCount":1223,"publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1000026597_2.jpg","articleSection":["Interviews"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/","url":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/","name":"What MSPs must know about infostealer logs, with Flare's Estelle Ruellan","isPartOf":{"@id":"https:\/\/mspglobal.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/#primaryimage"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/#primaryimage"},"thumbnailUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1000026597_2.jpg","datePublished":"2025-08-20T12:39:13+00:00","dateModified":"2025-10-01T11:03:06+00:00","description":"Learn how infostealer logs leak corporate credentials\u2014and why MSPs must spot and block the \u201ckeys to the kingdom\u201d, in this expert interview.","breadcrumb":{"@id":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/#primaryimage","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1000026597_2.jpg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/1000026597_2.jpg","width":1200,"height":539},{"@type":"BreadcrumbList","@id":"https:\/\/mspglobal.com\/blog\/what-msps-must-know-about-infostealer-logs-with-estelle-ruellan\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/mspglobal.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Interviews","item":"https:\/\/mspglobal.com\/blog\/category\/interviews\/"},{"@type":"ListItem","position":3,"name":"What MSPs must know about infostealer logs, with Flare&#8217;s Estelle Ruellan"}]},{"@type":"WebSite","@id":"https:\/\/mspglobal.com\/blog\/#website","url":"https:\/\/mspglobal.com\/blog\/","name":"MSP INSIGHTS - The MSP GLOBAL Blog","description":"The latest news for MSPs and Tech Experts.","publisher":{"@id":"https:\/\/mspglobal.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/mspglobal.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/mspglobal.com\/blog\/#organization","name":"MSP GLOBAL","url":"https:\/\/mspglobal.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/MSP-GLOBAL-BLOG.svg","width":536,"height":63,"caption":"MSP GLOBAL"},"image":{"@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/profile.php?id=100089083200946","https:\/\/x.com\/MSPglobalevent","https:\/\/www.linkedin.com\/company\/mspglobalevent\/","https:\/\/www.instagram.com\/mspglobalevent\/"],"ownershipFundingInfo":"https:\/\/mspglobal.com\/blog\/imprint\/","actionableFeedbackPolicy":"https:\/\/mspglobal.com\/blog\/imprint\/"},{"@type":"Person","@id":"https:\/\/mspglobal.com\/blog\/#\/schema\/person\/93fec8f66d570471e04e31ae8b5c3b96","name":"Francesca Cotton","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","url":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","contentUrl":"https:\/\/mspglobal.com\/blog\/wp-content\/uploads\/cropped-fran-cotton-scaled-2-96x96.jpg","caption":"Francesca Cotton"},"description":"Francesca is an experienced copywriter, copy editor and journalist with a background in B2B content across the finance, food and technology sectors, as well as in luxury ecommerce and consumer publishing. As part of the Cloudfest and MSP Global writing team, Francesca uses her journalism background to get to the heart of industry trends and stories to deliver insightful and compelling content and commentaries.","url":"https:\/\/mspglobal.com\/blog\/author\/francesca-cotton\/"}]}},"_links":{"self":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12376","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/users\/31"}],"replies":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/comments?post=12376"}],"version-history":[{"count":5,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12376\/revisions"}],"predecessor-version":[{"id":12448,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/posts\/12376\/revisions\/12448"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media\/12381"}],"wp:attachment":[{"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/media?parent=12376"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/categories?post=12376"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/mspglobal.com\/blog\/wp-json\/wp\/v2\/tags?post=12376"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}