June 14, 2023

© 2023 SOC Prime Inc.

All rights reserved. This product and documentation related are protected by copyright and distributed under licenses restricting their use, copying, distribution, and decompilation. No part of this product or documentation related may be reproduced in any form or by any means without the prior written authorization of SOC Prime. While every precaution has been taken in the preparation of this book, SOC Prime assumes no responsibility for errors or omissions. This publication and features described herein are subject to change without notice.

We've improved premium Sigma rule balance synchronization in the UI to ensure that when a Sigma rule is unlocked, the balance in the Account menu is decreased at once.

We've updated the CCM API Integration Tool to v3.1.2. The update includes a fix for the use of the unlock_rules parameter in the search input.

If you use the Tool, please download and install the latest version to ensure it works correctly.

We've added a Demo Investigation so that any user can explore Attack Detective capabilities right after registration, without having to set up an integration with their Data Plane.

The Demo Investigation includes Data Audit and Scan results for a demo environment.

In the Demo Investigation, you can explore most capabilities of Attack Detective:

Demo Investigation does not include access to the scanned Data Plane itself, so hunting with a query to validate a hit and providing feedback through Action Loop are not available.

Once you are ready to add an integration with your Data Plane and run an investigation in your own infrastructure, click Start Investigation.

After your first Investigation is finished, the Demo Investigation will disappear from the list of your investigations.

On the Blind Spots tab of the Data Audit, we've added another view to present potential gaps in security data.

The Tactic view shows potential issues with log sources broken down by MITRE ATT&CK® tactics and techniques.

We've added a new page called Data Audit. It lists all Data Audits conducted by your team and is available via the top navigation menu.

For each Data Audit, you can see its basic details and action buttons:

We've updated the details of the Investigations shown on the Investigations page.

Now, for each of your organization's Investigations you can see:

We've improved content preparation for scanning the Microsoft Sentinel Data Planes to ensure that relevant table names determined during Data Audit are used in the scan queries.

We've updated MITRE ATT&CK used in Attack Detective to v13.1.

Now, when a user who has signed up with a personal email opens a Sigma rule in the Cyber Threat Search Engine and clicks Explore More, they are redirected to Uncoder AI with this rule opened in search.

We've simplified and improved the looks of the Translate button.

We've expanded the clickable area on the product blocks so that clicking anywhere on the block opens the corresponding product.

To ensure a consistent style throughout the pages, we've updated the design of the Contact Sales modal shown in the Add-on section of the Pricing page.

We've updated the SOC Prime Threat Bounty Program Guide according to the latest Program terms and content development best practices.

We've redesigned and improved our API Guide to make it more convenient to use.

We've removed guides in Cyber Library related to deprecated content types.

With this release, we’ve made the following key bug fixes and improvements to enhance the user experience with the SOC Prime Platform: