Threats

Search Threat Detection Marketplace from Uncoder AI

How It Works

Uncoder AI integrates native search across the entire SOC Prime Platform, including all repositories accessible via Threat Detection Marketplace. Detection engineers can instantly query through over 500,000 rules and queries — spanning 15+ community and proprietary sources — all categorized by language, platform, threat actor, and use case relevance. As shown in […]

The post Search Threat Detection Marketplace from Uncoder AI appeared first on SOC Prime.

Threats

ToyMaker Activity Detection: Initial Access Brokers Compromise Hosts in Critical Infrastructure Organizations via SSH and File Transfer Utilities

In recent years, the surge in cyber-attacks has been fueled by the expansion of Initial Access Brokers (IABs) that trade access to breached networks. In 2023, security researchers revealed a widespread breach targeting critical infrastructure organizations orchestrated by a highly advanced threat group known as “ToyMaker,” which operated as an IAB. Hackers leverage exposed internet-facing […]

The post ToyMaker Activity Detection: Initial Access Brokers Compromise Hosts in Critical Infrastructure Organizations via SSH and File Transfer Utilities appeared first on SOC Prime.

Threats

Convenient Detection Code Editor for Uncoder AI

How It Works

Uncoder AI acts as a modern integrated development environment (IDE) tailored for detection engineers. At its core is a specialized code editor that supports writing and refining detection logic with precision and speed. The editor recognizes the detection language automatically and adapts syntax highlighting accordingly. Whether you’re working with Sigma or Roota, […]

The post Convenient Detection Code Editor for Uncoder AI appeared first on SOC Prime.

Threats

Supercharge Detection Content into Roota Format with AI

How It Works

Platform-specific rules or queries—such as those written in Splunk, Sentinel, or other supported formats—can now be automatically transformed into Roota format using Uncoder AI. This isn’t just a format switch; it’s a context-rich conversion process that layers metadata critical to operational success. Once a user clicks the Supercharge button, Uncoder AI processes […]

The post Supercharge Detection Content into Roota Format with AI appeared first on SOC Prime.

Threats

Translate from Sigma into 48 Languages

How It Works

Uncoder AI makes it easy to translate Sigma rules into detection formats used by 48 different platforms. Users simply select the desired output language—like Splunk, Sentinel, or CrowdStrike Falcon—and Uncoder AI instantly generates a syntactically valid detection in the chosen format. The translation happens entirely within SOC Prime’s infrastructure, ensuring privacy and […]

The post Translate from Sigma into 48 Languages appeared first on SOC Prime.

Threats

Uncoder AI Visualizes Threat Behavior with Automated Attack Flow

How It Works

Understanding the steps adversaries take during an attack can be critical for detection logic and defense prioritization. Uncoder AI introduces a new capability: transforming raw threat intelligence—such as blog posts, reports, or technical descriptions—into a visual Attack Flow. As shown in the interface screenshot, the system ingests narrative input about a campaign […]

The post Uncoder AI Visualizes Threat Behavior with Automated Attack Flow appeared first on SOC Prime.

Threats

Uncoder AI Automates MITRE ATT&CK Tagging in Sigma Rules

How It Works

The MITRE ATT&CK framework is the gold standard for structuring detection logic by adversary techniques. But tagging Sigma rules manually with appropriate ATT&CK techniques is a time-consuming, detail-heavy task that requires expertise in both detection syntax and adversarial behavior mapping. Uncoder AI changes that by automatically predicting MITRE ATT&CK tags for Sigma […]

The post Uncoder AI Automates MITRE ATT&CK Tagging in Sigma Rules appeared first on SOC Prime.

Threats

Let AI Catch the Bugs: Uncoder AI Validates Detection Rule Syntax and Logic

How It Works

In fast-paced detection engineering, syntax mistakes and structural oversights happen — especially when working across multiple platforms or under tight response deadlines. Catching and fixing these issues manually is tedious, time-consuming, and often overlooked. With Uncoder AI’s Syntax and Structure Validation, detection authors can now validate their rules — both syntactically and […]

The post Let AI Catch the Bugs: Uncoder AI Validates Detection Rule Syntax and Logic appeared first on SOC Prime.

Threats

From IOCs to Queries: How Uncoder AI Automates Threat Intelligence Action

How It Works

Threat reports often contain valuable Indicators of Compromise (IOCs) — hashes, IP addresses, domain names — that security teams need to operationalize quickly. But manually copying and converting them into queries for platforms like Microsoft Sentinel is slow, error-prone, and distracting from real response. Uncoder AI eliminates this bottleneck by automatically extracting […]

The post From IOCs to Queries: How Uncoder AI Automates Threat Intelligence Action appeared first on SOC Prime.

Threats

Custom AI Prompting in Uncoder AI Enables On-Demand Detection Generation

How It Works

Writing detection rules often starts with a question: What am I trying to find, and under what conditions? But even the best threat intel reports don’t come prepackaged in platform-ready syntax. Uncoder AI’s Custom Prompt Generation bridges that gap. This feature allows users to input natural language descriptions of the behavior they […]

The post Custom AI Prompting in Uncoder AI Enables On-Demand Detection Generation appeared first on SOC Prime.