Detect attacks exploiting SimpleHelp RMM software using CVE-2024-57727 and other flaws by DragonForce actors with Sigma rules from SOC Prime Platform.

SOC Prime

13.06.2025

Convert Sigma DNS Rules to Cortex XSIAM with Uncoder AI | SOC Prime

Use Uncoder AI to convert Sigma DNS rules into Palo Alto Cortex XSIAM queries for Katz Stealer domain detection

SOC Prime

13.06.2025

CVE-2025-32711 Vulnerability: “EchoLeak” Flaw in Microsoft 365 Copilot Could Enable a Zero-Click Attack on an AI Agent | SOC Prime

Explore the CVE-2025-32711 analysis, causing a zero-click attack on an AI agent, with the details on SOC Prime blog and relevant Sigma rules.

SOC Prime

13.06.2025

Linux Syscall Threat Detection in Splunk with Uncoder AI | SOC Prime

Use Uncoder AI to convert Sigma syscall rules into Splunk SPL for detecting mknod-based persistence in Linux systems

SOC Prime

13.06.2025

Detect DNS Threats in Google SecOps: Katz Stealer Rule Conversion with Uncoder AI | SOC Prime

Translate Sigma DNS rules into Google SecOps UDM queries to detect Katz Stealer domain activity in enterprise environments.

SOC Prime

13.06.2025

From Sigma to SentinelOne: Detecting Password Access via Notepad with Uncoder AI | SOC Prime

Detect Notepad access to password files by translating Sigma rules into SentinelOne event queries using Uncoder AI

SOC Prime

13.06.2025

Cross-Platform Rule Translation: From Sigma to CrowdStrike with Uncoder AI | SOC Prime

Translate Sigma rules to CrowdStrike Endpoint Search with AI-powered accuracy for detecting suspicious Deno file activity.

SOC Prime

13.06.2025

AI-Powered Query Validation for Cortex XSIAM Detection | SOC Prime

Use Uncoder AI to validate and optimize Palo Alto Cortex XSIAM queries with AI-driven syntax and logic analysis.

SOC Prime

13.06.2025

Sigma-to-MDE Query Conversion: DNS Detection for Katz Stealer via Uncoder AI | SOC Prime

Detect Katz Stealer domains by converting Sigma DNS rules into Microsoft Defender for Endpoint queries using Uncoder AI

SOC Prime

13.06.2025

AI Validation for Sentinel Queries: Smarter KQL with Uncoder AI | SOC Prime

Automatically validate and optimize Microsoft Sentinel KQL detection logic using AI-generated analysis and performance tips.

SOC Prime

13.06.2025

Detect Linux Reconnaissance in Microsoft Sentinel with Sigma-to-KQL Conversion | SOC Prime

Convert Linux Sigma rules for sysinfo syscall into Microsoft Sentinel queries using Uncoder AI to catch discovery techniques

SOC Prime

12.06.2025

CVE-2025-33073: Windows SMB Client Zero-Day Lets Attackers Gain SYSTEM Privileges | SOC Prime

Explore CVE-2025-33073, a Windows SMB client elevation of privileges vulnerability, with overview and mitigation tips in the SOC Prime blog.

SOC Prime

12.06.2025

CVE-2025-33053 Exploitation: A Critical WebDAV Zero-Day RCE Vulnerability Actively Weaponized by Stealth Falcon APT Group | SOC Prime

Explore the details of CVE-2025-33053 vulnerability, an actively exploited zero-day flaw in WebDAV, with a deep analysis on SOC Prime blog.

SOC Prime

11.06.2025

How AI Can Be Used in Threat Detection | SOC Prime

Learn about AI threat detection, explore its benefits, concepts, and use cases, and discover how SOC Prime overcomes risks with ethical AI.

SOC Prime

07.06.2025

IOC Intelligence to Google SecOps: Automated Conversion with Uncoder AI | SOC Prime

Convert IOC-based threat reports into Google SecOps Query (UDM) rules with AI-powered detection logic generation.

SOC Prime

07.06.2025

CVE-2025-5419 Vulnerability: New Google Chrome Zero-Day Actively Exploited in the Wild | SOC Prime

Explore the details of CVE-2025-5419 vulnerability in Google Chrome V8 exploited in the wild, with an in-depth analysis on SOC Prime blog.

SOC Prime

06.06.2025

CVE-2025-20286 Vulnerability Exploitation: Critical Cisco ISE Flaw Affects AWS, Microsoft Azure, and OCI Cloud Deployments | SOC Prime

Check out details for CVE-2025-29927 vulnerability in Cisco ISE on AWS, Azure, and OCI cloud deployments, with a deep dive on SOC Prime blog.

SOC Prime

06.06.2025

IOC-to-CSQL Detection for Gamaredon Domains | SOC Prime

Uncoder AI builds CrowdStrike CSQL queries using DomainName conditions and validates syntax for CERT-UA#13738 IOCs.

SOC Prime

06.06.2025

AI-Validated Hostname Filtering for Chronicle Queries | SOC Prime

Uncoder AI analyzes and optimizes Google SecOps hostname queries for faster Chronicle UDM detection logic and field-level accuracy.

SOC Prime

06.06.2025

AI-Assisted Domain Detection Logic for Carbon Black in Uncoder AI | SOC Prime

Uncoder AI builds and validates Carbon Black Cloud queries using netconn_domain for CERT-UA#12463 IOCs.

SOC Prime

06.06.2025

URL-Based IOC Validation for Microsoft Defender KQL | SOC Prime

Uncoder AI verifies and optimizes Microsoft Defender KQL queries using RemoteUrl filtering for CERT-UA#11689 indicators.

SOC Prime

05.06.2025

AI-Generated MDE Queries from APT28 Clipboard Attacks | SOC Prime

Uncoder AI creates Microsoft Defender KQL using RemoteUrl conditions to detect domain IOCs from CERT-UA APT28 clipboard exploits.

SOC Prime

05.06.2025

Zip Archive & C2 Domain Detection in Microsoft Sentinel via Uncoder AI | SOC Prime

Uncoder AI builds Microsoft Sentinel queries targeting suspicious .zip filenames and known C2 domains like imgurl.ir for threat detection.

SOC Prime

05.06.2025

Instant Domain Matching Logic for Splunk via Uncoder AI | SOC Prime

Uncoder AI auto-generates Splunk SPL queries using dest_host logic for domain-based detection from CERT-UA threat reports.

SOC Prime

05.06.2025

Domain-Based IOC Detection for Carbon Black in Uncoder AI | SOC Prime

This Uncoder AI feature demonstrates automated generation of a VMware Carbon Black detection query based on domain-level indicators of compromise (IOCs) extracted from a threat report.

SOC Prime

05.06.2025

Full Detection Logic for LITERNAMAGER in Cortex XSIAM via Uncoder AI | SOC Prime

Uncoder AI converts LITERNAMAGER threat intel into Cortex XSIAM XQL covering process, registry, and C2 domains for layered detection.

SOC Prime

04.06.2025

CyberLock, Lucky_Gh0$t, and Numero Detection: Hackers Weaponize Fake AI Tool Installers in Ransomware and Malware Attacks | SOC Prime

Detect CyberLock, Lucky_Gh0$t ransomware, and Numero malware used in attacks that rely on fake AI tools with Sigma rules from SOC Prime.

SOC Prime

31.05.2025

APT41 Attack Detection: Chinese Hackers Exploit Google Calendar and Deliver TOUGHPROGRESS Malware Targeting Government Agencies | SOC Prime

Detect APT41 attacks abusing Google Calendar for C2 operations and TOUGHPROGRESS malware delivery with Sigma rules from SOC Prime Platform.

SOC Prime

29.05.2025

AI-Generated Carbon Black Detection Rule for DarkCrystal RAT Campaign | SOC Prime

Use Uncoder AI to detect CERT-UA DarkCrystal RAT via Carbon Black rules matching hashes, URLs, and process names

SOC Prime

28.05.2025

AI-Powered SPL Rule Generation for WRECKSTEEL IOC Detection | SOC Prime

Generate Splunk SPL rules using Uncoder AI for CERT-UA WRECKSTEEL, detecting PowerShell download cradles and IOC-linked traffic

SOC Prime

28.05.2025

BadSuccessor Detection: Critical Windows Server Vulnerability Can Compromise Any User in Active Directory | SOC Prime

Detect BadSuccessor attacks exploiting a Windows Server 2025 vulnerability, leading to full AD compromise, with Sigma rules from SOC Prime.

SOC Prime

27.05.2025

AI-Powered IOC Parsing for WRECKSTEEL Detection in CrowdStrike | SOC Prime

Analyze WRECKSTEEL via CrowdStrike EQL with Uncoder AI’s IOC mapping, detection logic breakdown, and execution chain analysis

SOC Prime

27.05.2025

IOC-to-Query Conversion for SentinelOne in Uncoder AI | SOC Prime

Uncoder AI auto-generates SentinelOne DNS queries from APT28 IOCs like mail.zhblz.com, enabling fast, case-insensitive threat detection.

SOC Prime

27.05.2025

AI-Generated SentinelOne DNS Query for WRECKSTEEL Detection | SOC Prime

Use Uncoder AI to generate DNS IOC queries for SentinelOne based on CERT-UA WRECKSTEEL campaign indicators

SOC Prime

24.05.2025

IOC-to-Query Generation for Google SecOps (Chronicle) in Uncoder AI | SOC Prime

Quickly turn IOCs into Chronicle UDM queries with Uncoder AI. Detect phishing domains fast in Google SecOps.

SOC Prime

24.05.2025

AI-Driven IOC Conversion for Palo Alto Cortex XSIAM Queries | SOC Prime

Auto-generate Cortex XSIAM detection logic from CERT-UA WRECKSTEEL IOCs with Uncoder AI to detect PowerShell-based downloaders

SOC Prime

24.05.2025

IOC Query Generation for Microsoft Sentinel in Uncoder AI | SOC Prime

This feature of Uncoder AI provides instant conversion of threat intelligence into ready-to-use Microsoft Sentinel KQL queries. The example shown is based on a real-world report — CERT-UA#11689, linked to APT28 — involving clipboard-based PowerShell loaders and credential theft via fake domains.

SOC Prime

23.05.2025

Detect APT28 Attacks: russian GRU Unit 26156 Targets Western Logistics and Technology Companies Coordinating Aid to Ukraine in a Two-Year Hacking Campaign | SOC Prime

Detect APT28 aka GRU-backed Unit 26156 against Western Logistics and tech companies with Sigma rules from SOC Prime Platform.

SOC Prime

21.05.2025

ELPACO-Team Ransomware Attack Detection: Hackers Exploit Atlassian Confluence Vulnerability (CVE-2023-22527) to Gain RDP Access and Enable RCE | SOC Prime

Detect CVE-2023-22527 exploitation for RDP access and RCE to drop ELPACO-team ransomware using Sigma rules from SOC Prime Platform.

SOC Prime

20.05.2025

CVE-2025-4427 and CVE-2025-4428 Detection: Ivanti EPMM Exploit Chain Leading to RCE | SOC Prime

Detect CVE-2025-4427 and CVE-2025-4428 exploit chain affecting Ivanti EPMM software to gain RCE with a Sigma rule from SOC Prime Platform.

home›SOC Prime›Software

SOC Prime - Software

Detect SimpleHelp RMM Vulnerability Exploitation: CISA Warns of Threat Actors Abusing Unpatched Flaws for Persistent Access and Ransomware Deployment | SOC Prime

Convert Sigma DNS Rules to Cortex XSIAM with Uncoder AI | SOC Prime

CVE-2025-32711 Vulnerability: “EchoLeak” Flaw in Microsoft 365 Copilot Could Enable a Zero-Click Attack on an AI Agent | SOC Prime

Linux Syscall Threat Detection in Splunk with Uncoder AI | SOC Prime

Detect DNS Threats in Google SecOps: Katz Stealer Rule Conversion with Uncoder AI | SOC Prime

From Sigma to SentinelOne: Detecting Password Access via Notepad with Uncoder AI | SOC Prime

Cross-Platform Rule Translation: From Sigma to CrowdStrike with Uncoder AI | SOC Prime

AI-Powered Query Validation for Cortex XSIAM Detection | SOC Prime

Sigma-to-MDE Query Conversion: DNS Detection for Katz Stealer via Uncoder AI | SOC Prime

AI Validation for Sentinel Queries: Smarter KQL with Uncoder AI | SOC Prime

Detect Linux Reconnaissance in Microsoft Sentinel with Sigma-to-KQL Conversion | SOC Prime

CVE-2025-33073: Windows SMB Client Zero-Day Lets Attackers Gain SYSTEM Privileges | SOC Prime

CVE-2025-33053 Exploitation: A Critical WebDAV Zero-Day RCE Vulnerability Actively Weaponized by Stealth Falcon APT Group | SOC Prime

How AI Can Be Used in Threat Detection | SOC Prime

IOC Intelligence to Google SecOps: Automated Conversion with Uncoder AI | SOC Prime

CVE-2025-5419 Vulnerability: New Google Chrome Zero-Day Actively Exploited in the Wild | SOC Prime

CVE-2025-20286 Vulnerability Exploitation: Critical Cisco ISE Flaw Affects AWS, Microsoft Azure, and OCI Cloud Deployments | SOC Prime

IOC-to-CSQL Detection for Gamaredon Domains | SOC Prime

AI-Validated Hostname Filtering for Chronicle Queries | SOC Prime

AI-Assisted Domain Detection Logic for Carbon Black in Uncoder AI | SOC Prime

URL-Based IOC Validation for Microsoft Defender KQL | SOC Prime

AI-Generated MDE Queries from APT28 Clipboard Attacks | SOC Prime

Zip Archive & C2 Domain Detection in Microsoft Sentinel via Uncoder AI | SOC Prime

Instant Domain Matching Logic for Splunk via Uncoder AI | SOC Prime

Domain-Based IOC Detection for Carbon Black in Uncoder AI | SOC Prime

Full Detection Logic for LITERNAMAGER in Cortex XSIAM via Uncoder AI | SOC Prime

CyberLock, Lucky_Gh0$t, and Numero Detection: Hackers Weaponize Fake AI Tool Installers in Ransomware and Malware Attacks | SOC Prime

APT41 Attack Detection: Chinese Hackers Exploit Google Calendar and Deliver TOUGHPROGRESS Malware Targeting Government Agencies | SOC Prime

AI-Generated Carbon Black Detection Rule for DarkCrystal RAT Campaign | SOC Prime

AI-Powered SPL Rule Generation for WRECKSTEEL IOC Detection | SOC Prime

BadSuccessor Detection: Critical Windows Server Vulnerability Can Compromise Any User in Active Directory | SOC Prime

AI-Powered IOC Parsing for WRECKSTEEL Detection in CrowdStrike | SOC Prime

IOC-to-Query Conversion for SentinelOne in Uncoder AI | SOC Prime

AI-Generated SentinelOne DNS Query for WRECKSTEEL Detection | SOC Prime

IOC-to-Query Generation for Google SecOps (Chronicle) in Uncoder AI | SOC Prime

AI-Driven IOC Conversion for Palo Alto Cortex XSIAM Queries | SOC Prime

IOC Query Generation for Microsoft Sentinel in Uncoder AI | SOC Prime

Detect APT28 Attacks: russian GRU Unit 26156 Targets Western Logistics and Technology Companies Coordinating Aid to Ukraine in a Two-Year Hacking Campaign | SOC Prime

ELPACO-Team Ransomware Attack Detection: Hackers Exploit Atlassian Confluence Vulnerability (CVE-2023-22527) to Gain RDP Access and Enable RCE | SOC Prime

CVE-2025-4427 and CVE-2025-4428 Detection: Ivanti EPMM Exploit Chain Leading to RCE | SOC Prime

home
›
SOC Prime
›
Software