The Prime Hunt 作者: SOC Prime, Inc.
SOC Prime’s open-source browser extension for more efficient threat hunting with one UI for different SIEMs/EDRs
5 位使用者5 位使用者
必須使用 Firefox 才能使用此擴充套件
擴充套件後設資料
關於此擴充套件
The Prime Hunt is a browser extension designed for threat hunting and developed as an open-source project on GitHub (https://github.com/socprime/the-prime-hunt). It's licensed under the Apache License version 2.0. The Prime Hunt introduces a One UI idea to simplify and speed up the investigation process regardless of the SIEMs or EDR in use. This is useful both for threat hunters starting off their careers and for seasoned professionals. The former can master the different security platforms and query languages faster, learning the right methodology from the very beginning, while the latter benefit from a streamlined workflow.
One UI for different technologies mirrors the concept of Sigma as a single language for cybersecurity. Sigma rules can be translated into multiple platform formats. This extension helps any threat hunter easily run and tune Sigma rule translations in those platforms, ensuring the community is Sigma-enabled. Meanwhile, sharing query hits (coming soon) helps the entire community measure and consolidate the MITRE ATT&CK® technique prevalence and rule quality.
With The Prime Hunt, you can easily see what accounts and assets are affected by the suspicious activity your query detects. Filter for or filter out query results by any field values with one click or look for all events related to them. Easily drill down to any CTI or any other sources that can help you in the investigation.
One UI for different technologies mirrors the concept of Sigma as a single language for cybersecurity. Sigma rules can be translated into multiple platform formats. This extension helps any threat hunter easily run and tune Sigma rule translations in those platforms, ensuring the community is Sigma-enabled. Meanwhile, sharing query hits (coming soon) helps the entire community measure and consolidate the MITRE ATT&CK® technique prevalence and rule quality.
With The Prime Hunt, you can easily see what accounts and assets are affected by the suspicious activity your query detects. Filter for or filter out query results by any field values with one click or look for all events related to them. Easily drill down to any CTI or any other sources that can help you in the investigation.
由 1 位評論者給出 0 分
權限與資料了解更多
必要權限:
- 存取您所有網站中的資料
更多資訊
1.4.5 版的發行公告
We've introduced the following updates:
- Added the capability to open the query in Uncoder AI
- Improved the functionality of saving queries in a custom repository on the SOC Prime Platform:
- Multiple tag selection is supported when saving query metadata
- The link in the successful saving message now opens the custom repository on the SOC Prime Platform where the query has been saved to
- Added the Clear button on the Query tab to remove the value from the Query field
- Added the capability to open the query in Uncoder AI
- Improved the functionality of saving queries in a custom repository on the SOC Prime Platform:
- Multiple tag selection is supported when saving query metadata
- The link in the successful saving message now opens the custom repository on the SOC Prime Platform where the query has been saved to
- Added the Clear button on the Query tab to remove the value from the Query field
SOC Prime, Inc. 製作的更多擴充套件
目前沒有評分- 目前沒有評分
- 目前沒有評分
- 目前沒有評分
- 目前沒有評分
- 目前沒有評分