Our technology reveals unknown threats hidden within your cloud, application, network, and endpoint logs.

Joined January 2017
Huntress reports a .NET loader using malspam and a five-stage chain to evade defenses and establish C2. AlphaSOC flags these malware delivery and C2 traffic patterns to protect customers. Read more here >> huntress.com/blog/malspam-to…
Want to check whether your threat detection stack can flag C2 beacons, anonymizing circuit traffic, cryptomining, DNS tunneling, and other threats? Use our free, open source adversary simulation tool to instantly evaluate your coverage >> github.com/alphasoc/flightsi…
AlphaSOC processes telemetry from EDR platforms, cloud infrastructure, identity providers, and SaaS applications to flag anomalies and threats. Dive into our docs for more details >> docs.alphasoc.com
Ransomware groups and other threat actors use remote access tools such as AnyDesk, ScreenConnect, and Splashtop to move laterally without detection. AlphaSOC flags these traffic patterns to provide clear visibility for defenders, as shown >>
Want to hunt threats and flag anomalies within your Slack audit logs? Instantly process them with AlphaSOC and 40 out-of-the-box detections. You can define your own custom Sigma rules too. Read more here >> docs.alphasoc.com/detections…
Got CrowdStrike Falcon? Process your raw FDR telemetry with AlphaSOC to deploy your own custom Sigma rules and supercharge your threat hunting. Read more here >> alphasoc.com/crowdstrike
Our engine highlights threats across GitHub and the other applications that your business relies on (e.g., 1Password, Jira, Okta, and Slack). AlphaSOC is free to evaluate for 30 days without restriction or obligation. Learn more here >> alphasoc.com
Download the AlphaSOC MITRE ATT&CK Navigator layer and explore the tactics and techniques covered by our in-built managed detections. Read more here >> docs.alphasoc.com/detections…
Interested to know what we've been working on lately? Check out our Changelog that describes the new product features and improvements >> alphasoc.com/changelog/
Microsoft reports a cryptojacking campaign abusing poisoned search results, ScreenConnect, and .NET utilities to deploy GPU miners. AlphaSOC flags these cryptomining and C2 patterns to protect customers. Read more here >> microsoft.com/en-us/security…
We process network telemetry to cover 70 out-of-the-box detection use cases and highlight patterns including spear phishing, impersonation attacks, anonymizing circuit traffic (e.g. Tor and I2P) and cryptomining pool participation. Read more >> docs.alphasoc.com/detections…
We track the most dangerous effective top-level domains (eTLDs) online by processing the indicators within our platform each month. Our feed is updated daily, and you can use it to instantly block traffic to statistically bad domains >> feeds.alphasoc.net/bad-etlds…
Our open source Network Flight Simulator (flightsim) utility can synthesize many malicious traffic patterns, including DGA, DNS tunneling, ICMP tunneling, and SSH exfiltration. Read more >> github.com/alphasoc/flightsi…
Sending audit logs and telemetry to Cribl Stream? You can process those raw events using AlphaSOC via our native integration for Cribl and forward the findings in OCSF format on to your SIEM or Data Lake to reduce your costs. Read more here >> alphasoc.com/cribl
Unit 42 reports TamperedChef clusters delivering malware through trojanized software installers used to compromise victims. AlphaSOC flags these malware and C2 patterns to protect customers. Read more here >> unit42.paloaltonetworks.com/…
Using Sigma rules for detection and hunting? Process your EDR telemetry (e.g., Defender for Endpoint, CrowdStrike Falcon, and SentinelOne) with AlphaSOC and deploy both community and custom Sigma detections outside of your SIEM. Read more here >> docs.alphasoc.com/detections…
Want to flag anomalies within your AWS environment and overlay them with MITRE ATT&CK? We have extended our analytics engine to process CloudTrail logs and highlight 400 threats. Here's a full list of detection use cases >> docs.alphasoc.com/detections…
Need unparalleled visibility into your Azure environment and cloud workloads? AlphaSOC highlights privilege escalation, compromised workloads, hacked accounts, and data exfiltration. Evaluate our analytics engine for free >> alphasoc.com/azure
Our Analytics Engine supports detections across endpoints, cloud workloads, and SaaS applications! Process your CrowdStrike FDR telemetry and logs from AWS, GitHub, Slack, Okta, and other platforms to hunt threats. Dig into the docs here >> docs.alphasoc.com/