Automatically Pull Queries Tailored to Custom Data Schemas Directly Into Snowflake Environment At SOC Prime, we are committed to delivering Detection-as-Code operations embracing an innovation-driven approach to cybersecurity. In response to a rising trend across global organizations to transition to the cloud, SOC Primeās Detection as Code platform continuously broadens the support for next-gen cloud-based […]
Adjust Content Deployments to Non-Standard and Alternative Data Schemas At the core of SOC Primeās Detection as Code platform is the world’s largest library of SOC content. Rules are initially written in the Sigma language, a platform-agnostic rule format that allows leveraging the expertise of a global community of 23,000+ security experts. Then the Sigma […]
INTRODUCTION Many blue teams are using MITRE ATT&CKĀ® for advancement in the maturity of their detection and response. Blue teamās arsenal of EDR tools, event logs, and triage tools are all opening up the story of whatās occurring on endpoints. However, anomalies are normal and these alerts and data sources need to be triaged to […]
At SOC Prime, we actively broaden the support of open source projects and constantly enrich our SIEM and XDR stack with cloud-based solutions. Starting from 2020, we evolve the partnership with Chronicle, Google Cloudās security analytics platform, and expand our Detection as Code content base with new YARA-L 2.0 detection rules perfectly tailored to defend […]
To power the continuous threat coverage and promote customersā ability to stay up to date with the latest compatible SOC content, we are consistently improving the automation capabilities of our Detection as Code platform. The latest Threat Detection Marketplace version 4.7.0 ensures even more smooth content streaming directly to the security tool of your choice […]
On April 7, 2021, we released Threat Detection Marketplace version 4.7.0 to reinforce the existing capabilities of our Content-as-a-Service (CaaS) platform and fulfill the requests of our customers. With this latest update, weāve introduced a new login and signup page, provided Google Chronicle sorting option enhancements, extended the Calendly integration within Threat Detection Marketplace functionality, […]
To enhance the Threat Detection Marketplace support for Azure Sentinel and reinforce SOC Primeās collaboration with Microsoft, in April 2021, our Content-as-a-Service (CaaS) platform was added to the list of services available in Azure Marketplace. Get a Threat Detection Marketplace subscription to reach continuous threat coverage with 6K+ curated SOC content items tailored to the […]
Continuous Content Management Updates To boost your threat detection and response speed, we are constantly mastering our Continuous Content Management (CCM) module that enables automated SOC content streaming directly into the security solution of your choice. The latest Threat Detection Marketplace version 4.6.0 brings in major innovations to the CCM functionality, including the expanded list […]
On March 15, 2021, we announced the release of our Education Portal, a brand-new knowledge-sharing space for security performers that provides direct access to free cybersecurity resources, including how-to content guides and webinars hosted by the SOC Prime experts and our partners. Since then, the portal has acquired a new name of Cyber Library and […]
On March 24, 2021, we released version 4.6.0 of Threat Detection Marketplace to enhance the existing capabilities of our Detection as Code platform. With this latest upgrade, weāve launched the Calendly integration to provide on-the-fly communication with the Customer Success Team and added the ability for our customers to invite their colleagues and peers to […]