Tag: How to

Overcoming Data Schema Complexity for Your SIEM & XDR with the SOC Prime’s Continuous Content Management Module

Security monitoring teams can avoid much of the effort tied to event data normalization by directly deploying schema-aware detection rules with SOC Prime’s Continuous Content Management module. Today’s cybersecurity landscape is crowded with SIEM systems, EDR, NTDR and SOAR tools, next-gen XDR solutions, and new approaches that steer businesses around technology bottlenecks. Organizations tend to keep up […]

Uncoder CTI: Step-by-step Guidelines

SOC Prime is thrilled to announce that Uncoder CTI, introduced with the release of the SOC Prime platform for collaborative cyber defense, is now available for public use at https://cti.uncoder.io/. From now on, threat intelligence analysts and threat hunters, regardless of their experience in the field, can try on-the-spot IOC-based threat hunting using Uncoder CTI. […]
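To make concrete what IOC-based hunting involves, here is a minimal, self-contained example written for this page; it is not Uncoder CTI’s own code and does not reproduce its output. It takes a constructed indicator list (defanged IPs and domains plus the well-known EICAR test-file hashes, so nothing real is flagged), refangs and classifies each indicator, and emits Microsoft Sentinel KQL. The table and column names (DeviceNetworkEvents/RemoteIP/RemoteUrl, DeviceFileEvents/MD5/SHA1/SHA256) are those of the Defender for Endpoint advanced hunting schema and are an assumption: which tables exist depends on the connectors enabled in your workspace.

```python
from __future__ import annotations

import ipaddress
import re
from collections import defaultdict
from typing import Optional

# Constructed sample IOC feed for this example (the hashes are the EICAR test file's).
# One indicator per line; "#" comments and blank lines are ignored; defanged forms
# such as hxxp:// and [.] are tolerated because that is how feeds usually arrive.
SAMPLE_IOCS = """
# constructed indicators for the example
198.51.100.23
203.0.113[.]7
malicious-update[.]example
hxxp://cdn.example.net/payload.bin
44d88612fea8a8f36de82e1278abb02f
3395856ce81f2b7382dee72602f798b642f14140
275a021bbfb6489e54d471899f7db9d1663fc695ec2fe2a2c4538aabf651fd0f
"""

HASH_LENGTHS = {32: "md5", 40: "sha1", 64: "sha256"}
DOMAIN_RE = re.compile(r"^(?:[a-z0-9-]+\.)+[a-z]{2,}$", re.IGNORECASE)


def refang(value: str) -> str:
    """Undo common defanging so the indicator matches what logs actually contain."""
    return (value.strip()
            .replace("[.]", ".")
            .replace("hxxps://", "https://")
            .replace("hxxp://", "http://"))


def classify(value: str) -> Optional[str]:
    """Return 'ip', 'domain', 'url', 'md5', 'sha1', 'sha256', or None for junk."""
    if value.startswith(("http://", "https://")):
        return "url"
    try:
        ipaddress.ip_address(value)
        return "ip"
    except ValueError:
        pass
    if re.fullmatch(r"[0-9a-fA-F]+", value) and len(value) in HASH_LENGTHS:
        return HASH_LENGTHS[len(value)]
    if DOMAIN_RE.match(value):
        return "domain"
    return None


def parse_iocs(text: str) -> dict:
    """Group refanged indicators by type, dropping comments, blanks and unrecognised lines."""
    groups = defaultdict(list)
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        value = refang(line)
        kind = classify(value)
        if kind:
            # Hashes and hostnames are case-insensitive; keep URL paths as-is.
            groups[kind].append(value if kind == "url" else value.lower())
    return dict(groups)


# ASSUMPTION: Defender for Endpoint tables/columns as exposed in Sentinel; adjust to the
# data sources actually present. Exact-match types use in~, host/URL types use has_any.
KQL_TARGETS = {
    "ip": ("DeviceNetworkEvents", "RemoteIP", "in~"),
    "domain": ("DeviceNetworkEvents", "RemoteUrl", "has_any"),
    "url": ("DeviceNetworkEvents", "RemoteUrl", "has_any"),
    "md5": ("DeviceFileEvents", "MD5", "in~"),
    "sha1": ("DeviceFileEvents", "SHA1", "in~"),
    "sha256": ("DeviceFileEvents", "SHA256", "in~"),
}


def kql_literal(value: str) -> str:
    """Quote a string for KQL, escaping backslash and double quote."""
    return '"' + value.replace("\\", "\\\\").replace('"', '\\"') + '"'


def build_kql(groups: dict, lookback: str = "7d") -> list:
    """Build one KQL query per target table, OR-ing the per-column indicator clauses."""
    per_table = defaultdict(list)
    for kind, values in groups.items():
        table, column, operator = KQL_TARGETS[kind]
        literals = ", ".join(kql_literal(v) for v in sorted(set(values)))
        per_table[table].append(f"{column} {operator} ({literals})")
    return [
        f"{table}\n| where Timestamp > ago({lookback})\n| where " + " or ".join(clauses)
        for table, clauses in sorted(per_table.items())
    ]


if __name__ == "__main__":
    for query in build_kql(parse_iocs(SAMPLE_IOCS)):
        print(query, end="\n\n")
```

The point of the refang step is easy to miss: a feed that ships `203.0.113[.]7` will never match a log line if pasted verbatim, and a query that silently matches nothing looks identical to a clean environment.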

Enable Continuous Content Management with the SOC Prime Platform

With the release of the SOC Prime Platform for collaborative cyber defense, threat hunting, and threat discovery, the capabilities for fully automated detection content streaming have also been taken to a new level. Now, the Continuous Content Management module is available to all users registered on the SOC Prime Platform with a corporate email address, […]

Azure Sentinel Definitive Guide: Diving In Microsoft’s Cloud Platform

Gain insights from a comprehensive Azure Sentinel overview and find out why Microsoft’s platform stands out from other popular SIEMs and how to get started smoothly to boost cyber defense capabilities. There is a growing trend toward moving from legacy on-premise security solutions to the cloud, which allows organizations to reduce infrastructure costs, […]

Creating Google Chronicle Rules in Your Environment

Step-by-Step Guidelines. SOC Prime continuously evolves its partnership with Chronicle to provide Threat Detection Marketplace users leveraging Google Cloud’s security analytics platform with curated YARA-L 2.0 detections tailored to hunt out threats at Google speed. Currently, our Detection as Code platform offers 500+ Community YARA-L rules written by the SOC Prime Team. Also, Chronicle customers can […]

Creating Microsoft Azure Sentinel Rules in Your SIEM Instance

SOC Prime Threat Detection Marketplace provides access to 6,000+ Microsoft Azure Sentinel detections, including Queries, Rules, Functions, and Incident Response Playbooks mapped directly to MITRE ATT&CK® to match your organization-specific needs. You can seamlessly find the most relevant detections by applying the Microsoft sorting option and deploy content in a matter of clicks to your […]

SOC Prime Integration with Microsoft Azure Sentinel, New Features

The whole SOC Prime Team is currently working remotely (we hope you are doing the same), but these conditions haven’t affected our effectiveness or our drive to improve the Threat Detection Marketplace (TDM) platform. In this blog we’re thrilled to announce SOC Prime’s 4 new TDM features that come thanks to our third-party integration with Microsoft Azure Sentinel, which […]

Elastic for Security Analysts. Part 1: Searching Strings.

Purpose: With Elastic increasing its foothold in the cybersecurity space through the speed and scalability of its solution, we expect many new Elastic users. These users will approach Elastic armed with intuition built from experience with other platforms and SIEMs. Often that intuition will be directly challenged after a few searches in Elastic. The […]

Short-Cutting the Threat Hunting Process

Why Short-Cut The Threat Hunting Process? As with any security operations endeavor, we want to balance efficacy and efficiency to produce the best results with the smallest amount of resources. Unfortunately, Threat Hunting is often seen as a ‘luxury’, reserved only for the most advanced SecOps teams with ample budgets to fund expert resources and […]

SOC Prime Threat Detection Marketplace – Getting Ready to Explore

SOC Prime Threat Detection Marketplace (SOC Prime TDM) is a community-based library of relevant and actionable threat detection content that, for more than five years now, has united cybersecurity content authors in defending cyberspace by delivering the best content to the community. SOC Prime TDM provides ready-made, tested Rule Packs, […]
