Tag: Threat Detection Marketplace

Meet New SOC Prime Platform for Collaborative Cyber Defense

From Threat Detection Marketplace to the Industry-Wide Collaboration for Better Cyber Defense When starting SOC Prime, we had a dream to make threat detection easier, faster, and simpler globally. This called for innovation on a technical level, with a key focus on attack behavior. Therefore, since 2016, the SOC Prime team has customized the MITRE […]

Read More
SOC Prime’s Innovation for Collaborative Cyber Defense

Technical Highlights of the New SOC Prime Platform On September 14th, SOC Prime launches the platform for collaborative cyber defense, threat hunting, and threat discovery. The platform helps to detect threats easier, faster, and simpler by leveraging the de facto industry standard for Detection as Code languages (Sigma and Yara-L), the cutting-edge dynamically prioritized MITRE […]

Read More
Microsoft Exchange ProxyShell Attack
Microsoft Exchange ProxyShell Attack Detection

Thousands of Microsoft Exchange servers remain vulnerable to ProxyShell remote code execution vulnerabilities despite the patches issued in April-May. To make things even worse, security researchers are observing a significant spike in scans for vulnerable Exchange servers, after the technical overview of the ProxyShell attack was revealed at the Black Hat conference on August 4-5, […]

Read More
interview Onur Atali
Interview with Threat Bounty Developer: Onur Atali

Meet the latest newscast about the SOC Prime Developers community! Today we want to introduce Onur Atali, a keen developer contributing to our Threat Bounty Program since June 2021. Onur is an active content creator, concentrating his efforts on Sigma rules. You can refer to Onur’s detections of the highest quality and value in Threat […]

Read More
Threat Detection Marketplace Version 4.15.0 Is Released

On July 28, 2021, SOC Prime released the latest Threat Detection Marketplace version 4.15.0 introducing new features and improvements for a more insightful platform experience. This update brings in a number of content quality enhancements to Azure Sentinel, Chronicle Security, Splunk, the Elastic Stack, and SentinelOne, adds to a more streamlined search experience on the […]

Read More
Azure Sentinel Definitive Guide: Diving In Microsoft’s Cloud Platform

Gain insights into the comprehensive Azure Sentinel overview and find out why Microsoft’s platform stands out from other popular SIEMs and how to smoothly get started to boost cyber defense capabilities. There is a growing trend toward moving from legacy on-premise security solutions to the cloud, which allows organizations to reduce costs on the infrastructure, […]

Read More
Latest Updates to Continuous Content Management Module

To keep your SIEM constantly updated with the cutting-edge compatible SOC content and skyrocket your threat detection speed, the SOC Prime Team is continuously advancing the Continuous Content Management (CCM) module for Threat Detection Marketplace. The latest platform releases (4.11.0 – 4.14.0) introduce a list of major enhancements to the CCM functionality that ensures smooth […]

Read More
DevilsTongue Detection
DevilsTongue Spyware Detection

Israeli spyware firm Candiru supplied zero-day exploits to the nation-baked actors globally, Microsoft and Citizen Lab revealed. According to the analysis, Candiru leveraged previously unknown zero-day bugs in Windows and Chrome to power its high-end spyware dubbed DevilsTongue. Although DevilsTongue was marketed as a “mercenary software” facilitating surveillance operations for government agencies, it was identified […]

Read More
HiveNightmare (CVE-2021-36934) detection
Detect HiveNightmare (CVE-2021-36934) Exploitation Attempts

July 2021 proceeds to be a really hot and tough month in terms of the loud cybersecurity events. While the world of cyber is still recovering from PrintNighmare vulnerability (CVE-2021-1675), Kaseya supply chain attack, and SolarWinds Serv-U zero-day (CVE-2021-35211), Windows has officially announced a new notorious flaw within its products. A recently disclosed HiveNightmare (aka […]

Read More
Threat Detection Marketplace Version 4.14.0 Is Released

On July 14, 2021, SOC Prime released Threat Detection Marketplace version 4.14.0 to enhance the platform capabilities and deliver an even more streamlined experience to our customers. With this latest update, we introduce the ability to deploy Azure Sentinel Workbooks and Sumo Logic CSE Rules, add more content quality enhancements to Azure Sentinel, Chronicle Security, […]

Read More