12/9/2023

Sigma threat hunting

Uncoder.IO is the online translator for SIEM saved searches, filters, queries, API requests, correlation and Sigma rules to help SOC Analysts, Threat Hunters and SIEM Engineers. Uncoder relies upon Sigma to act as a proverbial “Rosetta stone”, enabling event schema resolution across platforms. Uncoder.io is SOC Prime’s free tool for SIEM search language conversion. Please reference the Importing Sigma Rules to Azure Sentinel blog post to further understand what Sigma is and how to utilize the sigmac tool to import Sigma rules into Azure Sentinel.

The common analogy is that Sigma is “the log file equivalent of what Snort is to IDS and what YARA is for file-based malware detection.” Sigma acts as the proverbial “Rosetta stone” for all platform-specific query languages and enables translation across a myriad of search languages. Sigma is an open source project to create a generic signature format for SIEM systems that enables analytic re-use and sharing.

The second installment of this blog will provide the steps to configure the integration between Azure Sentinel and SOC Prime, which will empower you to expand your threat detection content by leveraging SOC Prime’s extensive threat detection marketplace. Today’s post delves into the first point of the SOC Prime integration, the Uncoder.io service, which provides enterprises the ability to seamlessly convert Sigma rules to functional Azure Sentinel queries and rules. This is the first installment of a 3-part blog on Azure Sentinel’s integration with SOC Prime. We recently announced exciting new product updates and 3rd-party integrations, including the integration with SOC Prime, with the intent to help enterprises stay on top of emerging security threats and reduce implementation time.

As a cloud native SIEM solution, our innovation continues to help enterprises protect assets across distributed environments, analyze the growing volume of security data, and prioritize response to real threats.