Advancing Our Shared Understanding of Adversary TTPs and Empowering Defenders
Boston, MA—SOC Prime, provider of the world’s largest and most advanced platform for collective cyber defense, today announced it has become a MITRE ATT&CK® Benefactor, supporting the evolution of the ATT&CK framework to empower research into emerging threats and promote knowledge sharing on a global scale. SOC Prime’s role as a Benefactor aligns with its vision of sustaining a collective cyber defense system based on global threat intelligence, crowdsourcing, zero-trust, and extended by generative AI, enabling organizations to preempt attacks before they strike.
SOC Prime has been actively leveraging ATT&CK in threat detection practices and initial cyber attack attribution to facilitate its adoption as the industry benchmark while advocating the value of the framework at the EU MITRE ATT&CK Community Workshops since its inception.
“The increased sophistication, an exponential rise in volumes, and a disastrous impact of cyber attacks relying on constantly evolving adversary toolkits fuel the need for cutting-edge technologies backed by collective industry expertise. SOC Prime is genuinely honored to become an ATT&CK Benefactor, fostering the framework adoption and its enhanced maturity to help the global cybersecurity community proactively defend against any cyber attack and outspeed adversaries before they have the capability to strike.”
Andrii Bezverkhyi, Founder and CEO of SOC Prime
As MITRE ATT&CK sets the ground for global industry collaboration, serving as a unified framework to categorize and analyze cyber attacks, SOC Prime introduces it as a key pillar of the collective defense engine. This approach helps solve the practical challenges of talent shortage and proactive defense readiness improvement, alongside automated and custom threat hunting scenarios.
Coupled with SOC Prime’s technology and its collection of over 12,000 Sigma and Roota rules, ATT&CK is at the core of remote Hunt Forward Operations capabilities delivered to the private sector, which mirrors the cutting-edge approach used by public sector defense agencies. SOC Prime relies on ATT&CK as a common ground for understanding and collaboration with over 34 MDR partners that provide the first and often the last line of defense to large and small enterprises worldwide.
SOC Prime invented the whole concept of tagging Sigma rules with MITRE ATT&CK and applied it to the public NotPetya investigation and the first-pass attribution in 2017. At the very first MITRE ATT&CK EU Community workshop in 2018 in Luxembourg, we solidified the concept into practice with the support of like-minded cyber defense practitioners.
Sigma and ATT&CK, the two open-source standards, have empowered hundreds of researchers to describe adversary behavior, while Uncoder IO and SOC Prime Platform made it easy and private to share the TTP context with peers in 45 major SIEM, EDR, and Data Lake detection languages. SOC Prime is committed to evolving collective cyber defense as a driving force to outsmart and outpace the coordinated efforts of offensive forces. By relying on the industry-first platform for collective cyber defense, security teams continuously exchange threat intelligence and defense practices to gain an advantage against adversaries. Backed by Threat Detection Marketplace, Uncoder AI, and Attack Detective, SOC Prime provides the fastest possible way to describe the latest adversarial capabilities, an ability to detect them, and intelligence to improve defenses before attacks take place.
As a Benefactor, SOC Prime will actively contribute to sustaining and propelling ATT&CK while helping the global community proactively thwart attacks and outpace adversaries.
About MITRE ATT&CK
MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, government, and the cybersecurity product and service community. With the creation of ATT&CK, MITRE is fulfilling its mission to solve problems for a safer world—by bringing communities together to develop more effective cybersecurity. ATT&CK is open and available to any person or organization for use at no charge. Learn more at https://attack.mitre.org/.
About SOC Prime
Headquartered in Boston, SOC Prime operates the world’s largest and most advanced platform for collective cyber defense based on global threat intelligence, crowdsourcing, zero-trust, and AI. SOC Prime’s innovation, backed by cutting-edge technology leveraging Roota, Sigma, MITRE ATT&CK® as benchmarks for collective cyber defense, is recognized by independent research companies, credited by the leading SIEM, EDR, Data Lake vendors & MDR providers, and trusted by 9,000+ organizations, including 42% of Fortune 100 and 21% of Forbes Global 2000, 14 CERTs, and 90 public sector and defense organizations in key NATO countries. SOC Prime is backed by DNX Ventures, Streamlined Ventures, and Rembrandt Venture Partners, having received $11.5M in funding in October 2021. Flexible subscriptions ensure that both organizations and individual operators can benefit from SOC Prime’s curated detection content and enhanced cyber defense capabilities. For more information, visit https://socprime.com or follow us on LinkedIn & Twitter.