SOC Prime announced that the SOC Prime CCM App for Splunk has been vetted for the Splunk Cloud Platform, enabling security teams to stream real-time relevant content from the SOC Prime Threat Detection Marketplace to both on-premises and cloud-based Splunk environments.
Powered by SOC Prime’s Detection as Code platform, the Threat Detection Marketplace provides access to over 6,000 Splunk alerts and queries. Security professionals will now be able to stream the most relevant content into Splunk environments with the Continuous Content Management (CCM) module and the SOC Prime CCM App for Splunk.
As a result, Splunk users will be able to improve their threat detection and response time, tag company-specific vulnerabilities to automatically find SOC content matching the company’s threat profile, and save time and resources associated with content research and manual deployment.
“In the wake of a constantly changing threat landscape, keeping an organization’s Splunk environment up to date on the latest detection algorithms can be a never-ending task for security professionals,” said Andrii Bezverkhyi, founder and CEO at SOC Prime. “With SOC Prime’s Continuous Content Management capabilities, security professionals can now automate that cumbersome process, ensuring that relevant threat detection content will never be missed. That will allow customers to redeploy security resources, shifting their focus from hunting for threats to securing their enterprise.”
Leveraging the SOC Prime’s app now available for Splunk Cloud customers, threat detections can be automatically deployed based on a preferred recurring schedule, saving time on manual configurations. Community users of SOC Prime’s Detection as Code platform can also use the app to pull the latest threat detection content to Splunk.