Content developed by you as a person or by eligible partner companies for the purpose of threat detection, threat hunting and incident response. In SIEM terms, we are talking about Sigma rules, correlation rules, queries, dashboards and parsers. For EDR and endpoint protection, that means Yara rules; for network-based detection, Snort rules. Attack simulation content for open-source instruments is also supported.
Content rewards are allocated based on Keys spent on your content by Customers. You get a reward every time the content is unlocked, so even a single rule can generate multiple rewards and recurring revenue. The more content you contribute, the higher the reward!
Sigma rules can be converted and applied to many log management or SIEM systems
By Florian Roth, Nextron Systems GmbH
SIGMA UI is a free open-source application based on the Elastic stack and Sigma Converter (sigmac)
By SOC Prime Inc.
The SANS webcast on Sigma contains a very good 20 min introduction to the project from minute 39 onward
By Justin Henderson and John Hubbard
A value analysis and step-by-step deployment of Sigma rules to ArcSight ESM & Logger
By Jordan Camba, SOC Prime Inc.
An article on how to build optimal Yara rules with a minimal chance of false positives
By Florian Roth, Nextron Systems
With the Developer Program for TDM, you can get your content in front of 5000+ users from 2700+ organizations in 128 countries. We have created the 1st cross-platform cyber threat detection security marketplace in the world so that defenders can fight the adversaries together. SOC Prime has proven its capabilities many times by rapidly delivering cutting-edge detection content for threats like WannaCry and NotPetya, as well as by leveraging MITRE ATT&CK™ since 2016 for threat actor attribution. We know exactly how much hard work goes into making good rules, testing them and hunting for the next threat or exploitation technique.
Our mission is to help security researchers reach global customers and get rewarded for their work on a regular basis. While SOC Prime handles the QA and sales, we want you to help us with content! If we talk numbers, we get 2000+ content views and 700+ downloads per month. Top authors on TDM have 1000+ views and downloads of their content and receive a special spotlight on the Leaderboards. Over 95% of the content is tagged with ATT&CK using the marketplace engine so that clients can see both the technical and strategic value of the rules. See the most popular rules below.