Tag: IOC

Access Uncoder AI Functionality via API

How It Works: The Uncoder AI API provides access to the platform’s core functionality, enabling integration into your existing CI/CD pipelines or other automated workflows. You can generate a secure API key with a custom name, access scope, expiration, and IP restrictions. Once activated, the API lets you: translate and validate Sigma rules automatically; parse […]

Hot OSINT Indicators

How It Works: The “Hot OSINT Indicators” tab within Uncoder AI extends the built-in Threat Detection Marketplace search with continuously updated TLP:CLEAR threat intelligence. This data is sourced from publicly disclosed CERT-UA reports and is presented in a structured, query-ready format for immediate operational use. The interface allows users to filter through IOCs categorized by […]

From IOCs to Queries: How Uncoder AI Automates Threat Intelligence Action

How It Works: Threat reports often contain valuable Indicators of Compromise (IOCs) — hashes, IP addresses, domain names — that security teams need to operationalize quickly. But manually copying and converting them into queries for platforms like Microsoft Sentinel is slow, error-prone, and distracting from real response. Uncoder AI eliminates this bottleneck by automatically extracting […]

Practical Guide to Converting IOCs to SIEM Queries with Uncoder AI

What are IOCs, and what is their role in cybersecurity? In cybersecurity operations, Indicators of Compromise — such as IP addresses, file hashes, domains, and URLs — serve as crucial forensic evidence for identifying malicious activities within the organization’s network. These artifacts are essential to enabling security teams to detect potential cyber threats. To leverage […]

What Is Threat Intelligence?

For at least two decades, we have been witnessing relentless changes in the threat landscape towards growth and sophistication, with both rough actors and state-sponsored collectives devising sophisticated offensive campaigns against organizations globally. In 2024, adversaries, on average, proceed with 11,5 attacks per minute. Simultaneously, it takes 277 days for SecOps teams to detect and […]

The Prime Hunt v1.4.2: Chronicle Security Support & Mail Templates for Streamlined IOC Sharing

In January 2023, SOC Prime launched The Prime Hunt, an open-source browser add-on acting as a single platform-agnostic UI for threat hunters, regardless of the security solution in use. For over one year since The Prime Hunt launch, we have been working on enhancements to the tool, broadening the supported technology stack and adding handy features […]

SOC Prime Now Supports OpenCTI Integration

To enhance global collaborative cyber defense by enabling Detection as Code practices, SOC Prime continuously broadens the support for open-source cybersecurity solutions. We are thrilled to announce a new integration with OpenCTI, an open-source modular Cyber Threat Intelligence platform that aggregates and visualizes information on cyber threats. Through contribution to this CTI platform, SOC Prime […]
