Blog

Interview with Developer: Osman Demir

We present to your attention a new interview with a participant in SOC Prime’s Developer Program (https://my.socprime.com/en/tdm-developers). Meet Osman Demir. Tell us a bit about yourself and your experience in threat hunting. Hello, I’m Osman Demir. I live in Istanbul, Turkey, and I’m 25 years old. I finished my education in Computer Engineering in 2017, and I […]

SOC Prime Provides Healthcare Organizations With Free SIEM Content For COVID19 Phishing Attacks Detection

In times of the global pandemic, we are witnessing increasing cyber attacks that use COVID19 as a phishing lure. Even more concerning is that healthcare organizations around the world are being targeted at a time when their resources and time are needed to save lives. Effective March 26, 2020, SOC Prime is providing at no charge to any healthcare […]

COVID-19 | Coronavirus Phishing

Introduction: COVID-19 / Coronavirus phishing is on the uptick and will likely remain a primary theme/lure for many months to come. This blog post makes recommendations regarding COVID-19 specific phishing and other threats brought on by increased teleworking.

Elastic for Security Analysts. Part 1: Searching Strings.

Purpose: With Elastic increasing their foothold in the cybersecurity space through the speed and scalability of their solution, we expect more new Elastic users. These users will approach Elastic armed with an intuition built from experience with other platforms and SIEMs. Often this intuition will be directly challenged after a few searches in Elastic. The […]

SIEM Fundamentals (Part 1): First and Foremost, A Data Collection Problem

Introduction: The goal of this series is to put readers in the right mindset when thinking about SIEM and describe how to set themselves up for success. While I’m not a Data Scientist and don’t claim to be, I can confidently say that expecting results in security analytics without first having “good data” to work with is folly. This is why […]

Interview with Developer: Ariel Millahuel

We took another interview with one of the participants in SOC Prime’s Developer Program (https://my.socprime.com/en/tdm-developers). We want to introduce you to Ariel Millahuel. Ariel, could you please introduce yourself and tell us about your Threat Hunting experience? I’m Ariel Millahuel from Buenos Aires, Argentina, and I’m 30 years old. I started in the Threat Hunting […]

Interview with Developer: Adam Swan

We continue our series of interviews with participants of the Developer Program (https://my.socprime.com/en/tdm-developers), threat hunters and cybersecurity enthusiasts, to introduce you to these wonderful people who search the web for relevant threats and create unique content for their detection. Meet SOC Prime’s Senior Threat Hunting Engineer, Adam Swan. Adam, tell us a bit […]

Short-Cutting the Threat Hunting Process

Why Short-Cut The Threat Hunting Process? As with any security operations endeavor, we want to balance efficacy and efficiency to produce the best results with the smallest amount of resources. Unfortunately, Threat Hunting is often seen as a ‘luxury’, reserved only for the most advanced sec-ops teams with ample budgets to fund expert resources and […]

Interview with Developer: Nate Guagenti

Meet Nate Guagenti. For over a decade, Nate has both deployed and engineered network and endpoint SIEMs that have scaled to multiple TB/day of ingest, while simultaneously using and training others on the deployed solution. As Nate has worked in all facets of IT, he adds the unique experience of someone who has performed both endpoint and network […]

Interview with Developer: Thomas Patzke

We keep interviewing the developers of our Threat Bounty Program (https://my.socprime.com/en/tdm-developers) to encourage cybersecurity professionals to develop more Sigma rules, share their threat-detection content and build a stronger community. The previous interview is here: https://socprime.com/blog/interview-with-developer-florian-roth/ Meet Thomas Patzke. Thomas is one of the most inspiring experts in the cybersecurity community, with 13+ years of […]
