Tag: SIEM & EDR

The Prime Hunt v1.4.2
The Prime Hunt v1.4.2: Chronicle Security Support & Mail Templates for Streamlined IOC Sharing

In January 2023, SOC Prime launched The Prime Hunt, an open-source browser add-on acting as a single platform-agnostic UI for threat hunters, regardless of a security solution in use. For over one year since The Prime Hunt launch, we have been working on the tool enhancements, broadening the supported technology stack and adding handy features […]

Fuel Your MDR Excellence with SOC Prime
Accelerate Your MDR Excellence with SOC Prime

Managed Detection and Response (MDR) providers operate in a realm where maintaining the integrity of client security is paramount despite the constantly evolving threat landscape and 24/7 attack risk. Always fighting on the frontline, the majority of MDR providers are seeking innovative ways to address ever-growing technical debt, overcome the risks of client SLA breach, […]

Installing and Configuring Content Packs for QRadar

This guide describes how to deploy Content Packs for QRadar based on the recommended example of the “SOC Prime – Sigma Custom Event Properties” content item available on the SOC Prime Platform. This recommended Content Pack contains extended Custom Event Properties used in Sigma translations. Note: SOC Prime recommends installing the Sigma Custom Event Properties Content […]

SOC Prime Community on Discord
SOC Prime on Discord: Join a Single Community for All Cyber Defenders to Benefit from Shared Expertise

In February 2023, SOC Prime launched its Discord server community connecting aspiring cybersecurity enthusiasts and seasoned experts in a single place. The community serves as the world’s largest open-source hub for Threat Hunters, CTI and SOC Analysts, and Detection Engineers — anyone having a genuine passion for cybersecurity. Currently, our Discord server hosts over 1,500 […]

What Is Detection Engineering?

Threat detection engineering (DE) is more complex than it might seem initially. It goes far beyond the detection of events or abnormal activities. The DE process includes detecting states and conditions, which is often more applicable to incident response or digital forensics. As Florian Roth mentions in his blog, the definition of detection engineering “should […]

SOC Prime Introduces The Prime Hunt

Simplify Threat Investigation with a Single UI for All Threat Hunters, Right Within Your Browser SOC Prime launches The Prime Hunt, an open-source browser extension for threat hunting that acts as the industry-first platform-agnostic UI for all threat hunters, no matter what SIEM or EDR they use. The tool enables security engineers to quickly convert, […]

SOC Prime’s Platform Now Supports LimaCharlie
SOC Prime’s Detection as Code Platform Now Supports LimaCharlie EDR/XDR

SOC Prime’s Detection as Code platform, the world’s largest and most advanced platform for collaborative cyber defense, integrates with 25+ SIEM, EDR, and XDR formats and continuously broadens the support for cloud-based cybersecurity solutions. We are thrilled to announce SOC Prime’s integration with LimaCharlie enabling security professionals to obtain the most relevant detection content tailored […]

Overcoming Data Schema Complexity
Overcoming Data Schema Complexity for Your SIEM & XDR with the SOC Prime’s Continuous Content Management Module

Security monitoring teams can bypass significant efforts tied to event data normalization by directly deploying schema-aware detection rules with the SOC Prime’s Continuous Content Management module. Today’s cybersecurity landscape is overwhelmed with SIEM systems, EDR, NTDR & SOAR tools, next-gen XDR solutions, and innovative approaches navigating businesses through technology bottlenecks. Organizations tend to keep up […]

Enable Continuous Content Management with the SOC Prime Platform

With the release of the SOC Prime Platform for collaborative cyber defense, threat hunting, and threat discovery, the capabilities to fully automate detection content streaming have been also taken to a new level. Now, the Continuous Content Management module is available to all users registered on the SOC Prime Platform with a corporate email address, […]

SOC Prime’s Innovation for Collaborative Cyber Defense

Technical Highlights of the New SOC Prime Platform On September 14th, SOC Prime launches the platform for collaborative cyber defense, threat hunting, and threat discovery. The platform helps to detect threats easier, faster, and simpler by leveraging the de facto industry standard for Detection as Code languages (Sigma and Yara-L), the cutting-edge dynamically prioritized MITRE […]
