We are thrilled to announce SOC Prime’s participation in the Tenth EU MITRE ATT&CK® Community Workshop taking place in Brussels on 7 October 2022. The upcoming event will host cybersecurity professionals around the globe who will provide insights into best industry practices and share their unique use cases of leveraging the MITRE ATT&CK framework for […]
August ‘22 Publications In August, 151 Sigma rules submitted by Threat Bounty Program members passed the SOC Prime acceptance validation and were released on the SOC Prime Platform. Totally, 313 rules were declined during the review’s first iteration for different reasons, including content quality, the detection value of the suggested code, full of partial duplication […]
July ‘22 Updates During the previous month, we introduced several improvements to content validation and Sigma Rules Bot for Threat Bounty, released a number of blog articles providing an extended context to the threat detection rules published by Threat Bounty Program members, and worked in close cooperation with content authors on improving the already existing […]
SOC Prime, Inc., provider of the world’s largest and most advanced threat detection marketplace, pioneer of Detection as Code, and the biggest commercial contributor to the generic Sigma rule language, today announced the appointment of a renowned industry veteran, Paul J. “P.J.” Bihuniak, as Chief Operating Officer (COO) to strengthen the company’s executive team. Paul […]
On July 6, 2022, SOC Prime introduced a Smoking Guns Sigma Rules list enabling the organization of any scale to proactively detect cyber-attacks, perform Threat Hunting for the latest adversarial TTPs, and get a tactical defense advantage for their business during the global cyber war. SOC Prime’s Detection as Code platform users are now equipped […]
June ‘22 Updates This June we introduced several significant updates related to SOC Prime’s Threat Bounty Program to acknowledge the contribution of the Program members and smooth their experience with Sigma rules creation. Now, all SOC Prime users can access detailed information about Threat Bounty authors’ achievements on a dedicated page. Also, the beta version […]
Automatically Pull Queries Tailored to Custom Data Schemas Directly Into Snowflake Environment At SOC Prime, we are committed to delivering Detection-as-Code operations embracing an innovation-driven approach to cybersecurity. In response to a rising trend across global organizations to transition to the cloud, SOC Prime’s Detection as Code platform continuously broadens the support for next-gen cloud-based […]
Instantly Explore the Executable Binary References Linked to Sigma Rules for More Insightful Contextual Information SOC Prime has recently released integration for its cyber threats search engine with EchoTrail.io database. Now, SOC Prime users can streamline threat investigation with the comprehensive information about executable binaries (filenames or hashes) launched on Windows, accessible right from our […]
To enhance global collaborative cyber defense by enabling Detection as Code practices, SOC Prime continuously broadens the support for open-source cybersecurity solutions. We are thrilled to announce a new integration with OpenCTI, an open-source modular Cyber Threat Intelligence platform that aggregates and visualizes information on cyber threats. Through contribution to this CTI platform, SOC Prime […]
In May 2022, the members of SOC Prime Threat Bounty Program contributed 184 unique detections to the Detection as Code platform. The published detections help the global cyber community timely detect emerging threats such as the APT29 phishing campaign, BlackByte Ransomware attack, Microsoft SharePoint RCE (CVE-2022-29108), and many others. The information about the recent detections […]