To enhance the Threat Detection Marketplace support for Azure Sentinel and reinforce SOC Prime’s collaboration with Microsoft, in April 2021, our Content-as-a-Service (CaaS) platform was added to the list of services available in Azure Marketplace. Get a Threat Detection Marketplace subscription to reach continuous threat coverage with 6K+ curated SOC content items tailored to the Azure Sentinel cloud-native SIEM. Also, you can enable our Continuous Content Management (CCM) module for Threat Detection Marketplace to automatically stream new and updated detections directly into your Azure Sentinel environment.
Threat Detection Marketplace Integration with Azure Sentinel
Since 2020, SOC Prime has been continuously expanding the Threat Detection Marketplace support for Azure Sentinel to help organizations boost their cyber defense capabilities. Our Detection as Code platform enables a full Continuous Integration (CI) / Continuous Delivery (CD) workflow for cyber defense operations by providing seamless deployment and customization of Azure-specific cross-tool SOC content like Queries, Rules, Functions, and Incident Response Playbooks mapped to the MITRE ATT&CK® framework.
Security performers, including CISOs, SOC Managers, Detection Engineers, and Threat Hunters, can speed up the threat detection lifecycle and increase their team productivity by optimizing rule and query building with custom use cases for Azure Sentinel matching the company’s threat profile and tailored to the specific cybersecurity role.
Currently, Threat Detection Marketplace offers over 6K pieces of exclusive detection content for the Azure Sentinel SIEM. You can either manually deploy SOC items relevant to the needs of your organization or apply a fully automated content management system with our CCM module powered by Threat Detection Marketplace and enabled by Azure Sentinel’s API. By integrating CCM into the daily workflow, SecOps teams can seamlessly deliver strategic detection objectives by streaming curated SOC content directly into their Azure Sentinel environment. In particular, by using the CCM module, security operations team members can:
- Speed Up Threat Detection Lifecycle
  - Automatically Populated Dynamic Content Lists (Queries, Rules, Functions)
  - Scheduled Content Push
- Streamline Rule Management
  - Centralized Rule Management Interface (Inventory, History)
  - Modular Rule Deployment Presets & Configurations (Filters, Presets)
To help security performers delve into what Threat Detection Marketplace offers for Azure Sentinel, earlier this year, we announced the extension of the Community access for Azure Sentinel users. Customers can now download Premium content, generally available only to paid subscribers, in addition to the regular Community advantages.
Start Your Azure Sentinel Journey with Threat Detection Marketplace
To smoothly get started, join the Cyber Library to gain direct access to cybersecurity knowledge for free and explore how-to content deployment guides for the Azure Sentinel language format.
For security practitioners who would like to professionally leverage SOC Prime’s offerings for their Azure Sentinel environment, Threat Detection Marketplace provides a number of subscription options. Organizations can choose a plan tailored to their business needs and aimed at boosting the cyber defense potential for the Azure Sentinel cloud-native technologies.
Searching for the best SOC content compatible with your SIEM, EDR, and NTDR solutions in use? Get a subscription to our Threat Detection Marketplace and obtain 100K+ detection and response rules easily convertible to various language formats. The content base grows every day thanks to the joint efforts of our international community of 300+ security performers. Enjoy coding and want to contribute to the industry-first SOC content library? Join our Threat Bounty Program!