Blog

Interview with Developer: Ariel Millahuel

We took another interview with one of the participants in SOC Prime’s Developer Program (https://my.socprime.com/en/tdm-developers). We want to introduce to you Ariel Millahuel. Ariel, could you please introduce yourself and tell us about your Threat Hunting experience? I’m Ariel Millahuel from Buenos Aires, Argentina and I’m 30 years old. I started in the Threat Hunting […]

Read more
Interview with Developer: Adam Swan

We continue our series of interviews with participants of the Developer Program (https://my.socprime.com/en/tdm-developers), threat hunters and cybersecurity enthusiasts to introduce you to these wonderful people who are searching the web for relevant threats and create unique content for their detection. Meet SOC Prime’s Senior Threat Hunting Engineer – Adam Swan. Adam, tell us a bit […]

Read more
Short-Cutting the Threat Hunting Process

Why Short-Cut The Threat Hunting Process? As with any security operations endeavor, we want to balance efficacy and efficiency to produce the best results with the smallest amount of resources. Unfortunately, Threat Hunting is often seen as a ‘luxury’, reserved only for the most advanced sec-ops teams with ample budgets to fund expert resources and […]

Read more
Interview with Developer: Nate Guagenti

Meet Nate Guagenti Over a decade, Nate has both deployed and engineered network and endpoint SIEMs that have scaled to multiple-TB/day of ingest, while simultaneously using and training others on the deployed solution. As Nate has worked in all facets of IT, he adds the unique experience of someone who has performed both endpoint and network […]

Read more
Interview with Developer: Thomas Patzke

We keep interviewing the developers of our Threat Bounty Program  (https://my.socprime.com/en/tdm-developers) to encourage cybersecurity professionals to develop more Sigma rules, share their threat-detection content and build a stronger community. The previous interview is here https://socprime.com/blog/interview-with-developer-florian-roth/ Meet Thomas Patzke Thomas is one of the most inspiring experts in the cybersecurity community who has 13+ years of […]

Read more
Threat Detection Marketplace – Getting Ready to Explore

Threat Detection Marketplace is a community-based library of relevant and actionable threat detection content that has been uniting cybersecurity content authors to stand on the defensive of cyberspace to deliver the best content to the community for five years already. TDM provides ready-made tested Rule Packs, SIGMA rules, parsers, natively integrating applications as well as […]

Read more
Interview with Developer: Florian Roth

We keep writing a series of interviews with participants of the Developer Program (https://my.socprime.com/en/tdm-developers). The previous interview is here: https://socprime.com/blog/interview-with-developer-lee-archinal/ Meet Florian Roth.  Florian Roth is CTO of Nextron Systems GmbH. He is the creator of APT Scanner THOR – Scanner for Attacker Activity and Hack Tools and the developer of the Nextron’s most comprehensive handcrafted […]

Read more
Threat Hunting Basics: Getting Manual

The purpose of this blog is to explain the necessity for manual (non-alert based) analysis methods in threat hunting. An example of effective manual analysis via aggregations/stack counting is provided. Automation Is Necessary Automation is absolutely critical and as threat hunters we must automate where possible as much as possible. However, automation is built on […]

Read more
Continuous Compliance as a Code P1: Sigma

Compliance has always been a sort of Reactive process since standards are long, take tons of effort and a while to update, even more time to implement and the audit process happens once a year. Coming from the SIEM world I was dealing with Compliance through a prism of canned reports which usually return empty […]

Read more
Interview with Developer: Lee Archinal

We are starting a series of interviews with participants of the Developer Program (https://my.socprime.com/en/tdm-developers) to introduce you to these wonderful people who are searching the web for relevant threats and create unique content for their detection. Meet Lee Archinal! Hello Lee, hope you are inspired enough today to write a bit about yourself and your […]

Read more