After investigating a number of alternatives, the industry-leading European bank invested in SOC Prime’s Threat Detection Marketplace to access cross-platform content available in multiple SIEM query languages, including the format used by the bank’s QRadar SIEM. The bank chose the Premium subscription to Threat Detection Marketplace, unlocking access to a library of ready-made detection and response scenarios convertible to various platform formats and mapped to 250+ MITRE ATT&CK techniques. With SOC Prime, the bank streamlined the development of detection content, saving 600+ SOC team hours in less than 6 months.
Stage 2 Security (S2) found it more cost-effective to obtain scalable Detection as Code content from SOC Prime than to manage all security content development in-house. This allowed the company to reduce the number of dedicated Cyber Threat Intelligence and research specialists and to focus its staff on Incident Response, Threat Hunting, Penetration Testing, and customization of content to meet customer needs.
Because Threat Detection Marketplace is a cloud-based Software as a Service (SaaS) offering, implementation effort is minimal: the company’s in-house SOC team only needs to configure a profile for each client. The global SOC content library covers organization-specific threats and keeps client SIEMs continuously updated with the latest detection and response scenarios. magellan’s SOC team can now search for detections much faster and more efficiently, leveraging curated content written by SOC Prime’s Content Team and by Threat Bounty Program developers.
By purchasing a Premium subscription to SOC Prime Threat Detection Marketplace, the company gained a path to continuous security improvement, applying a rule set focused specifically on the telecom attack profile. Mapping content to the MITRE ATT&CK® framework has enabled the company to concentrate on the threats it anticipates most and to significantly improve overall detection quality.
Joining the SOC Prime Threat Detection Marketplace community has allowed UKRSIBBANK to obtain threat detection content without hiring an in-house team of threat hunters. Through the Premium Threat Detection Marketplace subscription, UKRSIBBANK gained access to an external team of seasoned security professionals who continuously research the threat landscape from the attacker’s perspective. With access to SOC Prime’s Content as a Service (CaaS) platform, the bank has reduced the time needed to detect and mitigate threats.
To extend its existing scalable log management platform, built on Elasticsearch, with SIEM functionality and detection mechanisms, evoila GmbH was looking for a suitable cybersecurity vendor. The company quickly came across SOC Prime, which proved a good fit for its industry-specific needs. Access to curated and verified content enabled evoila to map the most up-to-date attack vectors directly into the company’s service. With SOC Prime, evoila enhanced its Managed Security Services and significantly reduced its mean time to detect (MTTD).
SOC Prime helps organizations across industry sectors strengthen their cyber defense capabilities. Establishing a partnership with SOC Prime has helped the European telecom industry leader save time on SIEM management and increase the productivity of its InfoSec department. Using SOC Prime’s product has taken SIEM management to a new level, making it more efficient and streamlined.
SOC Prime has helped a European industry-leading Managed Security Services Provider (MSSP) enhance its SOC, enabling it to deliver high-quality security operations to its customers in the areas of Log Management, Security Monitoring, Technical Compliance Monitoring, and Security Analytics. With SOC Prime, the MSSP can continuously track customer vulnerabilities and SIEM issues via real-time dashboards and assess log quality. By automating the majority of administrative tasks, the MSSP has reduced SIEM downtime, errors, and false positives, and has saved time on threat detection and incident prevention.