Continuously Stream Selected Detection Content from the SOC Prime Platform to Your GitHub Repository SOC Prime launches integration with GitHub, enabling security engineers to automatically push prioritized detection content directly to a private GitHub repository. By enabling this capability, teams can stream detection algorithms that match predefined criteria and their current security needs to the […]
Insights into Proactive Threat Detection & Automated Threat Hunting in the Era of Security Data Lakes On May 30, 2023, SOC Prime, provider of the foremost platform for collective cyber defense, announced its support for Amazon Security Lake. For a one-year period since the integration release, SOC Prime has helped organizations supercharge threat detection and […]
In January 2023, SOC Prime launched The Prime Hunt, an open-source browser add-on acting as a single platform-agnostic UI for threat hunters, regardless of a security solution in use. For over one year since The Prime Hunt launch, we have been working on the tool enhancements, broadening the supported technology stack and adding handy features […]
SOC Prime is committed to fostering collective cyber defense based on global threat intelligence, crowdsourcing, zero-trust, and extended by generative AI, enabling organizations to preempt attacks before they strike. One of the key pillars of collective cyber defense is active contribution to open-source projects that sets the ground for global industry collaboration by promoting knowledge […]
Part 2: Environment-Dependent Terms Overview of Series This is part 2 of a multi-part series that will cover frequent mistakes SOC Prime observes regularly in SIGMA. We will cover everything from common rule logic errors to common schema problems, and even some more obscure “gotchas” to think about. Some of these ideas will extend beyond […]
Adversaries behind a cross-platform BianLian ransomware target businesses in Australia, North America, and the UK, attacking multiple industries, including media and entertainment, healthcare, education, and manufacturing. The ransomware strain first surfaced in December 2021 and, according to recent reports, is currently undergoing active development. BianLian Ransomware Gang has already compromised at least 20 companies; however, […]
Lots of children break things not because they are little evil creatures but because they are curious about “how it’s made.” Eventually, some of those children grow up and become Cybersecurity Analysts. They do basically the same but in an adult world. Malware analysis is the process of studying a malware sample to understand what […]
Cyber Threat Hunting is a novel approach to Threat Detection which is aimed at finding cyber threats within an enterprise’s network before they do any harm. This includes deliberately looking for weak spots as well as any signs of ongoing attacks within a digital infrastructure. Threat Hunting is more complex than passive Threat Detection and […]
A good threat hunting hypothesis is key to identifying weak spots in an organization’s digital infrastructure. Just learn to ask the right questions, and you will get the answers that you’re looking for. In this blog post, we review a proactive threat hunting methodology: Hypothesis-Driven Threat Hunting. Let’s dive right in! Detect & Hunt Explore […]
In our series of guides on Threat Hunting Basics, we’ve already covered multiple topics, from techniques and tools threat hunting teams use to the certifications for professionals and beginners. But what makes good Cyber Hunting, and how can you evaluate it? One of the ways to measure the effectiveness of the hunting procedures is by […]