Privacy
Trust, transparency, and privacy are the core values that companies seek in the security operations, processes, and procedures behind their partnership with SOC Prime.
GDPR Compliance
As a GDPR-compliant organization, we are dedicated to protecting the privacy of our customer data. The data we collect about our users is protected by GDPR controls. SOC Prime does not store any user data on a perpetual basis and does not share it with any third parties except for third-party processors with whom we have signed data processing agreements that help us provide and improve our services to the end users. We collect user data within the scope of the GDPR regulations, driven by a single purpose: to improve the platform experience and thus follow our mission to enable collective cyber defense against attacks of any sophistication.
According to GDPR, we are compliant with “the right to erasure” (“right to be forgotten”), which states that users can demand to have their personal data erased if they have withdrawn their consent or object to data processing. Upon the user erasure request, we are responsible for telling our processors to delete the related Personally Identifiable Information (PII) data, both from live production systems and backup archives.
Privacy and Ownership Concerns
Obtaining detection content from third-party vendors involves granting full access to the organization’s SIEM or XDR environment, including the data sources and alert outcomes, which raises serious concerns about data privacy protection. At SOC Prime, we have adopted our own content development maturity aimed at mitigating the privacy risks of our customers. Along with the data privacy imperative, SOC Prime recognizes and respects content ownership and Intellectual Property rights. Detection content made in the customer’s infrastructure based on the customer’s logs shall belong to the customer only.
Data privacy protection and ownership concerns guide our development procedures and are reflected in SOC Prime’s products that process user data. The in-house SOC Prime Team runs all the projects powered by our collective cyber defense platform, which ensures privacy protection and no access for third parties to the platform functionality. All the data is encrypted according to industry standards: data at rest by the AES-256 encryption algorithm and in transit by the TLS 1.2 protocol. SOC Prime’s information security practices, policies, operations, and procedures meet the relevant standards for secure data management, which is reflected in the dedicated Service Organization Control (SOC) 2 Type II auditor’s report.
To protect user data and handle privacy challenges, the Threat Detection Marketplace sticks to the following best practices:
- One-time password (OTP) and multi-factor authentication options
- Single Sign-On (SSO) authentication & role-based access control (RBAC)
- Security logging (audit trail)
- Overall Rating A+ according to Qualys SSL Labs
- Hosted on Amazon AWS
- Web Application Firewall (WAF) protection
Threat Detection Marketplace
Powered by SOC Prime Platform for collective cyber defense, Threat Detection Marketplace is the world’s largest library of behavior-based Sigma rules and native rules for SIEM, EDR, and Data Lakes, enriched with tailored intelligence, documented and mapped to the MITRE ATT&CK® framework.
Attack Detective
Attack Detective is an industry-first SaaS serving a real-time, researched, and packaged threat detection & hunting capability to quickly identify and tackle cyber threats before they escalate. It provides real-time data and content audits for comprehensive threat visibility and improved detection coverage, equips security teams with low-noise and high-quality rules for alerting, and enables automated threat hunting.
Attack Detective is built on the Zero Trust Architecture (ZTA) milestones enabling organizations to risk-optimize their cybersecurity posture.
- One-time password (OTP) and multi-factor authentication options
- Queries data in its native location avoiding data duplication or distribution and possible permission inconsistency.
- Clear segregation between the control plane and the data plane according to NIST 800-207
- Single Sign-On (SSO) authentication & role-based access control (RBAC)
- Security logging (audit trail)
- Hosted on Amazon AWS
- Web Application Firewall (WAF) protection
- Overall Rating A+ according to Qualys SSL Labs
- One-time password (OTP) and multi-factor authentication options
- Single Sign-On (SSO) authentication & role-based access control (RBAC)
- Security logging (audit trail)
- Hosted on Amazon AWS
- Web Application Firewall (WAF) protection
- Overall Rating A+ according to Qualys SSL Labs
No data sharing with third parties or AI
Uncoder AI
Uncoder AI acts as a single IDE for detection engineering enabling seamless algorithm creation, exchange, translation and improvement in a trusted environment. Using Uncoder AI, security professionals can create, customize, and translate detection code into multiple SIEM, EDR, XDR, and Data Lake native languages or open-source language formats like Roota & Sigma. Additionally, Uncoder AI delivers relevant CTI, provides detection engineering context, and ensures triage information enrichment.
Uncoder IO
Uncoder IO is the open-source version of the AI co-pilot Uncoder AI. It acts as a fast, private, and easy-to-use online translation engine supporting conversion of Sigma & Roota rules into multiple SIEM, EDR, and Data Lake query formats. Additionally, Uncoder IO supports IOC packaging from any non-binary format such as PDF, text, STIX, or OpenIOC into performance-optimized queries tailored to the security stack you use.
- Fully anonymous: no registration, no authentication, no logging
- All data kept session-based, stored in memory, no presence on server disks
- Full reimage every 24h
- Overall Rating A+ according to Qualys SSL Labs
- Microservice-based architecture and Amazon AWS hosting
- Based on the community-verified project “sigmac”
- Fully anonymous: no logging, no third-party access to user data
- Relevant access rights and permissions for each security analytics per each SIEM, EDR, or Data Lake platform via existing authentication and authorization mechanisms
The Prime Hunt
The Prime Hunt is an open-source browser extension that acts as the industry-first platform-agnostic UI for all threat hunters, no matter what SIEM or EDR they use. The tool enables security engineers to quickly convert, apply, and customize detection code across the widest stack of SIEM and EDR — directly within their Chrome, Firefox, or Edge browser.