Tag: Sigma

Access Uncoder AI Functionality via API

How It Works

The Uncoder AI API provides access to the platform’s core functionality, enabling integration into your existing CI/CD pipelines or other automated workflows. You can generate a secure API key with a custom name, access scope, expiration, and IP restrictions. Once activated, the API lets you: Translate and validate Sigma rules automatically Parse […]

Search Threat Detection Marketplace from Uncoder AI

How It Works

Uncoder AI integrates native search across the entire SOC Prime Platform, including all repositories accessible via Threat Detection Marketplace. Detection engineers can instantly query through over 500,000 rules and queries, spanning 15+ community and proprietary sources, all categorized by language, platform, threat actor, and use case relevance. As shown in […]

Convenient Detection Code Editor for Uncoder AI

How It Works

Uncoder AI acts as a modern integrated development environment (IDE) tailored for detection engineers. At its core is a specialized code editor that supports writing and refining detection logic with precision and speed. The editor recognizes the detection language automatically and adapts syntax highlighting accordingly. Whether you’re working with Sigma or Roota, […]

Translate from Sigma into 48 Languages

How It Works

Uncoder AI makes it easy to translate Sigma rules into detection formats used by 48 different platforms. Users simply select the desired output language, such as Splunk, Sentinel, or CrowdStrike Falcon, and Uncoder AI instantly generates a syntactically valid detection in the chosen format. The translation happens entirely within SOC Prime’s infrastructure, ensuring privacy and […]

Uncoder AI Automates MITRE ATT&CK Tagging in Sigma Rules

How It Works

The MITRE ATT&CK framework is the gold standard for structuring detection logic by adversary techniques. But tagging Sigma rules manually with appropriate ATT&CK techniques is a time-consuming, detail-heavy task that requires expertise in both detection syntax and adversarial behavior mapping. Uncoder AI changes that by automatically predicting MITRE ATT&CK tags for Sigma […]

XE Group Activity Detection: From Credit Card Skimming to Exploiting CVE-2024-57968 and CVE-2025-25181 VeraCore Zero-Day Vulnerabilities

XE Group, likely a Vietnam-linked hacking collective that has been active in the cyber threat arena for over a decade, is believed to be behind the exploitation of a couple of VeraCore zero-day vulnerabilities. During the latest campaign, adversaries weaponized VeraCore flaws tracked as CVE-2024-57968 and CVE-2025-25181 to deploy reverse shells and web shells, ensuring […]

CVE-2025-0411 Detection: russian Cybercrime Groups Rely on Zero-Day Vulnerability in 7-Zip to Target Ukrainian Organizations

Since the full-scale invasion of Ukraine, cybercriminal groups of russian origin have relentlessly targeted Ukrainian state bodies and business sectors for espionage and destruction. Recently, cybersecurity researchers uncovered a massive cyber-espionage campaign exploiting a 7-Zip zero-day vulnerability to deliver SmokeLoader malware. The campaign’s ultimate objective was cyber espionage, intensifying the digital frontlines of the […]

Lumma Stealer Detection: Sophisticated Campaign Using GitHub Infrastructure to Spread SectopRAT, Vidar, Cobeacon, and Other Types of Malware

Lumma Stealer, nefarious info-stealing malware, resurfaces in the cyber threat arena. Defenders recently uncovered an advanced adversary campaign distributing Lumma Stealer through GitHub infrastructure along with other malware variants, including SectopRAT, Vidar, and Cobeacon.

Detect Lumma Stealer, SectopRAT, Vidar, Cobeacon Deployed via GitHub

Lumma Stealer is a notorious data-stealing malware that extracts credentials, cryptocurrency wallets, […]

TorNet Backdoor Detection: An Ongoing Phishing Email Campaign Uses PureCrypter Malware to Drop Other Payloads

Financially motivated hackers are behind an ongoing malicious campaign targeting Poland and Germany. These phishing attacks aim to deploy multiple payloads, including Agent Tesla, Snake Keylogger, and a novel backdoor dubbed TorNet, which is delivered via PureCrypter malware.

Detect TorNet Backdoor

A significant rise in phishing campaigns, with a 202% increase in phishing messages over […]

CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380 Detection: CISA and FBI Warn Defenders of Two Exploit Chains Using Critical Ivanti CSA Vulnerabilities 

Defenders shed light on a set of vulnerabilities in Ivanti Cloud Service Appliances (CSA) that can be chained for further exploitation. The latest joint alert by CISA and FBI notifies the global defender community of at least two exploit chains using Ivanti vulnerabilities tracked as CVE-2024-8963, CVE-2024-9379, CVE-2024-8190, and CVE-2024-9380. Adversaries can take advantage of exploit […]
