October 11, 2022
© 2022 SOC Prime Inc.
All rights reserved. This product and documentation related are protected by copyright and distributed under licenses restricting their use, copying, distribution, and decompilation. No part of this product or documentation related may be reproduced in any form or by any means without the prior written authorization of SOC Prime. While every precaution has been taken in the preparation of this book, SOC Prime assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.
New Subscription Plans
With this release, we've launched a new subscription plan model that changes the availability of content as well as platform modules and features.
The new model will apply to all newly registered users. Existing users with a Community plan have also been automatically switched to the new model. Existing users with an Enterprise or On Demand subscription plan continue to enjoy their current plans with no changes until the end of the subscription. Afterward, they'll be able to choose a plan under the new model.
Content Availability Changes
Waiting Time
Newly published premium Sigma rules (previously referred to as on-demand Sigma rules) become available for unlocking only after a waiting time:
Community | On Demand | Enterprise |
3 days | 2 days | 1 day or instantly* |
* Organizations with an Enterprise plan have an instant access option. All newly released Sigma rules become available for use right at the time of their release.
Premium Sigma Rule Balance
Similar to On Demand plans, Enterprise plans now also can access the premium Sigma rules within the predefined amount included in the plan.
If an organization needs more rules than was included in its Enterprise plan, it can easily buy additional incremental top-ups by contacting our Sales.
Modules & Features Availability Changes
All users keep access to the core modules (Advanced Search, Detection Engineering, and MITRE ATT&CK®) that enable content search and consumption. While there are no changes to the MITRE ATT&CK module, the complete set of filters in Advanced Search and Detection Engineering is now available only under an Enterprise subscription.
We've made significant changes to the availability of the modules under Automation and Analytics. Accordingly, the availability of features enabled by the restricted modules has also changed.
CONTENT |
|
|
|
Advanced Search | Basic filters | Basic filters | All filters |
Detection Engineering | Basic filters | Basic filters | All filters |
MITRE ATT&CK | ✔ | ✔ | ✔ |
HUNT |
|
|
|
Quick Hunt | – | Add-on | ✔ |
Uncoder CTI | Limited | Limited/Full as add-on | ✔ |
AUTOMATE |
|
|
|
Continuous Content Management | – | – | ✔ |
Custom Field Mapping | – | 1 profile | ✔ |
Search Profiles | – | 1 profile | ✔ |
Integration Environments | – | 1 environment | ✔ |
ANALYTICS |
|
|
|
Leaderboards | ✔ | ✔ | ✔ |
Log Source Coverage | – | Limited (top 3 log sources) | ✔ |
MITRE ATT&CK Coverage | – | Limited (top 3 tactics) | ✔ |
Dashboard | – | Limited | ✔ |
To compare the new plans, go to the updated Upgrade page.
Exclusive Access to a Single Sigma Rule
We've added the self-serve capability to instantly get exclusive access to a single newly released Sigma rule that is not yet available under your subscription plan. The feature is added to all plans.
Open the code tab of a Sigma rule with the Wait to Unlock status. To unlock the rule, click Get Exclusive Access.
A payment modal with Stripe integration appears. After the payment is complete, the Sigma rule and all its available translations are automatically unlocked for all users from your organization for the period of 1 year.
New Naming
We've renamed on-demand Sigma rules to premium Sigma rules to avoid confusion about the rules being available only under an On Demand plan.
Tooltip for Sigma Rule Balance
We've added a tooltip for the Sigma rule balance. For users with a Community plan, it additionally explains how often we top up the balance.