Skyrocketing Continuous Security Intelligence

We are happy to announce that we have hit another major milestone on the way to delivering continuous security intelligence to the worldwide community. In a strong collaboration between the SOC Prime Team and our Threat Bounty Developer Program members, at the beginning of March 2021, we reached the number of 100,000 Detection and Response rules available in Threat Detection Marketplace.

Currently, we provide Detection as Code operations to more than 5,000 organizations and the latest threat context to 13,800+ people around the globe, enabling behavior-based detection of critical exploits, attack tools, and techniques. Our content-as-a-service (CaaS) platform provides enrichment, integration, and automation algorithms to support security practitioners while translating big data, logs, and cloud telemetry into cybersecurity signals. Over 300 authors contribute to our SOC content library on a daily basis, boosting the joint efforts in combating emerging threats.

The hyperdrive pace of detection and the continuous threat coverage is possible thanks to our Threat Bounty members, who craft and upload detections while keeping abreast of the latest security trends. Notably, last year saw impressive growth of our Threat Bounty Program. The number of community developers doubled, welcoming more trusted experts and seasoned threat content developers to the Threat Detection Marketplace community. Their contribution delivered three times as much content as in 2019, allowing us to reach 100,000 curated cross-tool detections that can be applied to more than 20 SIEM, EDR, and NTDR language formats.

To support the community efforts and the exchange of threat hunting experience, in 2020, we launched a dedicated Slack space that facilitates live discussions amongst SOC Analysts, SIEM Administrators, DevOps, Threat Hunters, Detection Engineers, and any InfoSec practitioners involved. We believe that chats for bug reporting and here-and-now talks help security enthusiasts in their battle against the existing challenges. You can now join this Slack space right from Threat Detection Marketplace to get even closer to our threat hunting community. Read our blog post on the latest Threat Detection Marketplace release (version 4.4.3) where you can find more information on the Slack community and the most recent platform enhancements.

While extending the number of SOC content items, we also broaden the detection capabilities with support for cloud-native language formats. Right now we can speak Microsoft Azure Sentinel, Google Chronicle Security, Sumo Logic, Humio, and Elastic Cloud. 30,000+ cross-platform on-the-fly translations are now available for these cloud-native environments.

To enable proactive exploit detection, our SOC Prime Team and Threat Bounty developers are constantly keeping an eye on ever-changing attack vectors to deliver detections even earlier than the patch release or just a couple of days after patching. Check out our most recent blog post covering the zero-day vulnerabilities in Microsoft Exchange Server exploited in the wild and download free Sigma rules developed by the SOC Prime Team in collaboration with Microsoft to spot potential malicious activity on the server.

Subscribe to our industry-leading Threat Detection Marketplace platform to supercharge your cyber defense capabilities and unleash the full potential of SecOps teams. Our CaaS platform allows reducing the MTTD and MTTR while boosting ROI for the most popular security solutions in use by streaming cross-platform detections directly to the SIEM, EDR, and NTDR tools of your choice. Are you eager to join our community of security professionals and contribute to the threat hunting initiatives? Become a member of Threat Bounty Program, craft your own detection content, and get rewarded for your input.
