SOC Prime announced the availability of Quick Hunt, a module powered by SOC Prime’s Detection as Code platform that delivers one-click threat hunting capabilities to security teams across the world.
With access to the SOC Prime Threat Detection Marketplace, Quick Hunt allows security teams to hunt for threats by running a query in their SIEM or EDR, making threat hunting accessible to beginners and more efficient for seasoned experts. Quick Hunt delivers recommended queries based on peer-driven feedback collected from the SOC Prime Lab, MDR and MSSP partners, and the global threat hunting community. Security teams can instantly reach trending content tailored to their SIEM and EDR, shaving seconds off threat investigation.
Quick Hunt provides support for industry-leading SIEM and EDR technologies, including Microsoft Azure Sentinel, Google Chronicle Security, Humio, Splunk, Elasticsearch, CrowdStrike, and Microsoft Defender ATP. Threat hunters can seamlessly switch between platforms and start searching for threats in the selected environment.
“Organizations across the world are stretched thin as they struggle to build security teams that are up to the task of quickly identifying and mitigating the biggest threats to their business,” said Andrii Bezverkhyi, founder and CEO at SOC Prime. “Our Quick Hunt module harnesses the power of the world’s largest and most diverse cybersecurity community in a way that can make anyone a prolific threat hunter.”
The Quick Hunt module is available as part of SOC Prime’s Detection as Code platform, which curates and delivers relevant detection content from nearly 400 researchers, allowing security practitioners to pull over 130,000 detections into their existing SIEM and EDR platforms.
The SOC Prime Threat Detection Marketplace currently delivers nearly 5,000 hunting queries from the extensive SOC content repository, including the top-rated queries recognized by peer experts and commonly used by the global community of threat hunters. By adding one-click threat hunting capabilities delivered by Quick Hunt, SOC Prime is making it easier than ever before for security teams to effectively identify the most relevant threats to their business.
Quick Hunt also delivers relevant MITRE ATT&CK® details, enabling security teams to drill down to tactics, techniques, and sub-techniques related to the selected query, as well as external threat intelligence platforms, media mentions, OSINT, GitHub links to OST, and external vulnerability knowledge based on CVE ID.
Beginning on November 22, as part of a Cyber Monday deal, SOC Prime users will be able to conduct unmetered hunts with Community queries using the Quick Hunt module through the end of the year.