SOC Prime Provides Healthcare Organizations With Free SIEM Content For COVID19 Phishing Attacks Detection

In times of the global pandemic, we are witnessing increasing cyber attacks using COVID19 for Phishing. Even more concerning is that Healthcare organizations around the world are being targeted during a time their resources and time are needed on saving lives. Effective March 26, 2020 SOC Prime is providing at no charge to any Healthcare organisation in the world, the security content and rules for the proactive detection of phishing. This is now instantly available for free to 48 Hospitals and Pharmaceutical organizations in the United States and a total of 55 Healthcare organizations worldwide. All of these named organizations will have free access activated the next time they sign in to the community version of SOC Prime’s Threat Detection Marketplace.

Activate your existing cyber defenses and focus on the physical realm.

Detection content is supported for the most common cyber defense systems, specifically Security Information and Event Management (SIEM) and log analytics platforms worldwide, such as Splunk and Elasticsearch. If you are using a warm tube ArcSight or good ol’ Qradar, the detections are also available via search APIs such as keyword, full-text, and AQL queries. Healthcare providers using cloud-native SIEMs are supported for SumoLogic as well as Microsoft Azure Sentinel. We also support EDR solutions such as CarbonBlack, CrowdStrike, Microsoft Windows Defender ATP, Microsoft Sysmon, as well as Endgame / Elastic Endpoint. Rules and queries can be deployed in seconds and are ready for early threat detection in minutes without intervening with any endpoint or remote works systems.

 

How to get started?

You can register for community access to SOC Prime Threat Detection Marketplace at https://tdm.socprime.com

For organizational guidance, security awareness, mitigation advisory and MITRE ATT&CK mapping, refer to blog post by Adam Swan, our Senior Threat Hunting Engineer: https://socprime.com/en/blog/covid-19-coronavirus-phishing/

 

So what is included exactly for any Healthcare organization in the world?

  • 500+ TTP-based Phishing detection rules in Sigma, Elastic, ArcSight, Splunk, Microsoft Sentinel, Qradar, SumoLogic, CarbonBlack and other languages
  • Free API access for 60 days for automation
  • Free Custom Data Schema Mapper access for 60 days
  • 4 one-hour Customer Success sessions over Zoom to speed up onboarding

The real deal to secure the global healthcare sector in minutes. No strings attached.

Our content will directly increase detection capabilities of what you have in place by improving algorithms. The detection quality increase we observe is an order of magnitude. We deliver a real TTP (Tactics, Techniques, Procedures) and Behavior detection arsenal straight to the SIEM you have today. This is not a free trial, this is free content for defending your organizations from phishing. The least we can do to help is share our knowledge. Please invite your peers in the industry too. Stay safe.