AlphaSOC

Verified account

@alphasoc

Our technology reveals unknown threats hidden within your cloud, application, network, and endpoint logs.

San Francisco, CA

Joined January 2017

1K Following

1.9K Followers

1.1K Posts

1 day ago

Microsoft reports Miasma trojanized 32 @redhat-cloud-services npm packages to steal GitHub, cloud, and CI/CD credentials via preinstall hooks. AlphaSOC flags these malware and C2 patterns to protect customers. Read more here >> https://t.co/WEsCsbk5Ie

0

1

0

0

65

2 days ago

Got CrowdStrike Falcon? Process your raw FDR telemetry with AlphaSOC to deploy your own custom Sigma rules and supercharge your threat hunting. Read more here >> https://t.co/u2hDcbqcl5

0

1

0

0

36

3 days ago

Our engine highlights threats across GitHub and the other applications that your business relies on (e.g., 1Password, Jira, Okta, and Slack). AlphaSOC is free to evaluate for 30 days without restriction or obligation. Learn more here >> https://t.co/JMS064OAaC

alphasoc's tweet photo. Our engine highlights threats across GitHub and the other applications that your business relies on (e.g., 1Password, Jira, Okta, and Slack). AlphaSOC is free to evaluate for 30 days without restriction or obligation. Learn more here >> https://t.co/JMS064OAaC https://t.co/r1YcozWe0C

0

0

0

0

41

4 days ago

Download the AlphaSOC MITRE ATT&CK Navigator layer and explore the tactics and techniques covered by our in-built managed detections. Read more here >> https://t.co/DPC7Bq13uY

alphasoc's tweet photo. Download the AlphaSOC MITRE ATT&CK Navigator layer and explore the tactics and techniques covered by our in-built managed detections. Read more here >> https://t.co/DPC7Bq13uY https://t.co/KyTZuHtehX

0

0

0

0

43

Who to follow

Steve YARA Synapse Miller

@stvemillertime

AI threat intelligence @google writing & sharing on adversary tradecraft, malware, threat detection, AI-nexus intel and all things #yara

Nextron Systems

@nextronsystems

Managed Compromise Assessments #YARA #IOCs #DFIR #APT #Sigma - the home of @thor_scanner, ASGARD and the Aurora Agent

Verified account

We provide digital business risk platforms and community services. Since 2005, our reputation has remained unchallenged Check out our research @teamcymru_S2!

5 days ago

Interested to know what we've been working on lately? Check out our Changelog that describes the new product features and improvements >> https://t.co/37kpcv43pM

alphasoc's tweet photo. Interested to know what we've been working on lately? Check out our Changelog that describes the new product features and improvements >> https://t.co/37kpcv43pM https://t.co/g3HHVbAVj0

0

0

0

0

20

8 days ago

Microsoft reports a cryptojacking campaign abusing poisoned search results, ScreenConnect, and .NET utilities to deploy GPU miners. AlphaSOC flags these cryptomining and C2 patterns to protect customers. Read more here >> https://t.co/zYlHBR5Wn7

0

0

0

0

40

9 days ago

We process network telemetry to cover 70+ out-of-the-box detection use cases and highlight patterns including spear phishing, impersonation attacks, anonymizing circuit traffic (e.g. Tor and I2P) and cryptomining pool participation. Read more >> https://t.co/Eqck1JlwAS

alphasoc's tweet photo. We process network telemetry to cover 70+ out-of-the-box detection use cases and highlight patterns including spear phishing, impersonation attacks, anonymizing circuit traffic (e.g. Tor and I2P) and cryptomining pool participation. Read more >> https://t.co/Eqck1JlwAS https://t.co/selTzsLAGi

0

1

0

0

69

10 days ago

We track the most dangerous effective top-level domains (eTLDs) online by processing the indicators within our platform each month. Our feed is updated daily, and you can use it to instantly block traffic to statistically bad domains >> https://t.co/fPxzR5AlLt

alphasoc's tweet photo. We track the most dangerous effective top-level domains (eTLDs) online by processing the indicators within our platform each month. Our feed is updated daily, and you can use it to instantly block traffic to statistically bad domains >> https://t.co/fPxzR5AlLt https://t.co/wA1BD5cRcm

0

2

0

0

79

11 days ago

Our open source Network Flight Simulator (flightsim) utility can synthesize many malicious traffic patterns, including DGA, DNS tunneling, ICMP tunneling, and SSH exfiltration. Read more >> https://t.co/2tEPHsrbxp

0

1

0

0

47

12 days ago

Sending audit logs and telemetry to Cribl Stream? You can process those raw events using AlphaSOC via our native integration for Cribl and forward the findings in OCSF format on to your SIEM or Data Lake to reduce your costs. Read more here >> https://t.co/wWGkqxkHoE

alphasoc's tweet photo. Sending audit logs and telemetry to Cribl Stream? You can process those raw events using AlphaSOC via our native integration for Cribl and forward the findings in OCSF format on to your SIEM or Data Lake to reduce your costs. Read more here >> https://t.co/wWGkqxkHoE https://t.co/D9a98ks9Fv

0

4

0

0

172

15 days ago

Unit 42 reports TamperedChef clusters delivering malware through trojanized software installers used to compromise victims. AlphaSOC flags these malware and C2 patterns to protect customers. Read more here >> https://t.co/je9YxoEM87

0

2

0

0

64

16 days ago

Using Sigma rules for detection and hunting? Process your EDR telemetry (e.g., Defender for Endpoint, CrowdStrike Falcon, and SentinelOne) with AlphaSOC and deploy both community and custom Sigma detections outside of your SIEM. Read more here >> https://t.co/eIRQKwPVZo

alphasoc's tweet photo. Using Sigma rules for detection and hunting? Process your EDR telemetry (e.g., Defender for Endpoint, CrowdStrike Falcon, and SentinelOne) with AlphaSOC and deploy both community and custom Sigma detections outside of your SIEM. Read more here >> https://t.co/eIRQKwPVZo https://t.co/Pg5u5PUV1h

0

1

0

0

124

17 days ago

Want to flag anomalies within your AWS environment and overlay them with MITRE ATT&CK? We have extended our analytics engine to process CloudTrail logs and highlight 400+ threats. Here's a full list of detection use cases >> https://t.co/Eqck1JlwAS

alphasoc's tweet photo. Want to flag anomalies within your AWS environment and overlay them with MITRE ATT&CK? We have extended our analytics engine to process CloudTrail logs and highlight 400+ threats. Here's a full list of detection use cases >> https://t.co/Eqck1JlwAS https://t.co/l5vBODfmui

0

1

0

0

49

18 days ago

Need unparalleled visibility into your Azure environment and cloud workloads? AlphaSOC highlights privilege escalation, compromised workloads, hacked accounts, and data exfiltration. Evaluate our analytics engine for free >> https://t.co/I8peIONDkt

1

2

0

0

53

19 days ago

Our Analytics Engine supports detections across endpoints, cloud workloads, and SaaS applications! Process your CrowdStrike FDR telemetry and logs from AWS, GitHub, Slack, Okta, and other platforms to hunt threats. Dig into the docs here >> https://t.co/bYYw6pzgRe

alphasoc's tweet photo. Our Analytics Engine supports detections across endpoints, cloud workloads, and SaaS applications! Process your CrowdStrike FDR telemetry and logs from AWS, GitHub, Slack, Okta, and other platforms to hunt threats. Dig into the docs here >> https://t.co/bYYw6pzgRe https://t.co/FErEOM9pgJ

0

1

0

0

59

22 days ago

The DFIR Report details EtherRAT and TukTuk C2 activity ending in Gentleman ransomware deployment across compromised systems. AlphaSOC flags these ransomware and C2 patterns to protect customers. Read more here >> https://t.co/kDOFeroShz

0

2

0

0

79

23 days ago

Want to measure the efficacy of your threat detection stack with regard to cryptomining traffic? Use flightsim to generate Stratum traffic to known mining pool services online >> https://t.co/2tEPHsrbxp

0

2

0

0

50

24 days ago

Got Splunk? Our latest release adds MITRE ATT&CK mapping and enables teams to identify both known and unknown emerging threats. Use Network Behavior Analytics for Splunk to instantly process your network telemetry and solve 70+ detection use cases >> https://t.co/qnAgOMGVZr

alphasoc's tweet photo. Got Splunk? Our latest release adds MITRE ATT&CK mapping and enables teams to identify both known and unknown emerging threats. Use Network Behavior Analytics for Splunk to instantly process your network telemetry and solve 70+ detection use cases >> https://t.co/qnAgOMGVZr https://t.co/nQjr60Kbj2

0

1

0

0

52

25 days ago

Third-party VPNs are increasingly used by threat actors to exfiltrate data and evade controls. AlphaSOC provides defenders with visibility into these encrypted sessions, as shown >>

alphasoc's tweet photo. Third-party VPNs are increasingly used by threat actors to exfiltrate data and evade controls. AlphaSOC provides defenders with visibility into these encrypted sessions, as shown >> https://t.co/5qqsiP1ZTT

0

1

0

1

60

26 days ago

Lookalike domains (aka homoglyphs) are commonly used by threat actors in spearphishing campaigns. AlphaSOC flags these patterns in real-time to alert security teams and protect customers.

alphasoc's tweet photo. Lookalike domains (aka homoglyphs) are commonly used by threat actors in spearphishing campaigns. AlphaSOC flags these patterns in real-time to alert security teams and protect customers. https://t.co/HeiTNeLrBW

0

1

0

0

29

Last Seen Users on Sotwe

Trends for you

Most Popular Users