SOC Prime, a threat detection marketplace provider, has announced the Quick Hunt threat hunting module for its Detection as Code platform.
Quick Hunt supports one-click threat hunting capabilities, SOC Prime asserted. It lets security teams run threat queries in various security information and event management (SIEM) and endpoint detection and response (EDR) tools, including:
- CrowdStrike
- Elasticsearch
- Google Chronicle Security
- Humio
- Microsoft Defender Advanced Threat Protection (ATP)
- Microsoft Azure Sentinel
Quick Hunt recommends queries based on peer feedback collected from the SOC Prime's managed detection and response (MDR) and MSSP partners, the SOC Prime Lab and the global threat hunting community, SOC Prime indicated. From there, security teams can use Quick Hunt to access trending content tailored to their SIEM or EDR tools and explore ways to accelerate threat investigation and remediation.
In addition, Quick Hunt provides MITRE ATT&CK details, SOC Prime stated. As such, security teams can leverage Quick Hunt to identify cyberattack tactics, techniques and sub-techniques related to their queries.
Detection as Code users can leverage Quick Hunt to conduct unmetered hunts with Community queries starting Nov. 22, 2021, SOC Prime indicated. They can continue to do so until Dec. 31, 2021.
SOC Prime Raises $11 Million in Series A Funding, Partners with Cyderes
The Quick Hunt announcement comes after SOC Prime in October 2021 raised $11 million in Series A funding. SOC
Also, SOC Prime in January 2021 partnered with Cyderes, the security-as-a-service (SECaaS) division of Fishtech Group and a Top 250 MSSP. SOC Prime provides Cyderes customers with access to its threat detection content and allows them to use its threat detection marketplace to generate custom content based on their threat profiles, the company noted.
SOC Prime curates Sigma-based threat detection content from nearly 400 researchers, the company indicated. It delivers this content to more than 6,000 organizations globally.
