May 17, 2023
© 2023 SOC Prime Inc.
All rights reserved. This product and the related documentation are protected by copyright and distributed under licenses restricting their use, copying, distribution, and decompilation. No part of this product or the related documentation may be reproduced in any form or by any means without the prior written authorization of SOC Prime. While every precaution has been taken in the preparation of this book, SOC Prime assumes no responsibility for errors or omissions. This publication and the features described herein are subject to change without notice.
Content
VMware Carbon Black
We've renamed Carbon Black to VMware Carbon Black to be consistent with the current official naming.
Also, we've added support for the EDR version of Carbon Black. Now, there are two formats of translations available for this platform: Cloud and EDR, with response-legacy and wildcard-enabled alternative translation configs for EDR.
Quality Improvement for Elastic
For Elastic translations, we've removed redundant quotes in .text-based fields that correspond to Sigma rule fields which include modifiers and have values combined by the OR operator.
Alternative Translations for Splunk Alerts
We've made all alternative translation configs present for Splunk Query also available for Splunk Alert.
Platform Settings
We've moved Presets, Filters, and API from CCM to Platform Settings. Now, all configurations that work across the SOC Prime Platform live in Platform Settings.
Additionally, Presets, Filters, and API pages were restyled to get the look and feel consistent with those of other pages in Platform Settings.
In particular, edit and delete actions are now implemented as separate icons.
Also, on the Search Profiles page, we've updated the switch name from Use in Search to Make Default to better convey the function of the switch.
Attack Detective
Custom Investigation Period
We've added the possibility to set a custom investigation period. To do it, on the Start New Investigation screen:
Select the Custom option in the Select Investigation Period dropdown.
Set the Start Date and End Date.
Note that the investigation period cannot exceed 90 days.
New Views in Blind Spots
We've added two new views on the Blind Spots tab. They present the same information about gaps that has been available in the Data Components view but break it down in a different way:
Optimization
We've optimized how the investigation result is displayed so that it shows accurate data after the start or end date of the investigation is updated.
Available Queries
On the Visibility tab of the Data Audit, we've added a visualization of the TDM content available to the user's company according to the identified log sources. Now, you can easily see how much relevant content is offered on the TDM and what part of it you can use in your investigation.
To improve the UI and keep the presentation of data clear, we've removed the Detections and Techniques columns.
Automatic Sigma Rule Validation in Uncoder AI
We've improved the wording of several errors and warnings displayed after running the automatic Sigma rule validation checks.
Company Website
Partner Program for Universities
We've added a landing page describing our current partner programs for universities and the opportunities SOC Prime offers to higher education institutions.
Pricing Page
We've aligned the buttons in the lower three blocks on the Pricing page, ensuring they are positioned at the same height.
Cookie Policy
We've updated our main Cookie Policy and the Cookie Policy for Uncoder.IO. Also, we've added several cookies to the Cookie Settings list.
Cyber Library
We've updated the Community button, replacing Slack with Discord, and introduced minor color updates to make the general look more consistent with the SOC Prime Platform colors.
Platform Guides
We've updated the Platform Guides according to the new functionality on the SOC Prime Platform.
Key Bug Fixes & Improvements
With this release, we’ve made the following key bug fixes and improvements to enhance the user experience with the SOC Prime Platform:
Fixed a bug where in some cases the user could not switch to the Code tab or the rule's code wasn't displayed
Fixed a bug where an incorrect mapping was applied to the ImageLoaded field during translation from Sumo Logic Query to Sumo Logic Query (OCSF)
Updated a tooltip on the Upgrade page that showed the same text both for On Demand and Enterprise subscription plans
Fixed bugs with downloading a report from the Dashboard page:
In some cases, a "Not Found" message was displayed after an attempt to download a report from the Dashboard page
In Firefox, corrupted symbols were displayed on the downloading page and the report was not downloaded
Fixed bugs in Attack Detective:
In some cases, the calculated start time of the scan was earlier than the time the investigation actually started
In Amazon Athena investigations, an error was sometimes logged while a query was still running
During automatic log source identification, if there was no EventID mapping for a table, the None value was added to the query used to get the value of this field
In some cases, a Microsoft Defender for Endpoint scan stopped before all queries were executed
