Skip to main content
NCSS 2023

8 -10 APRIL 2025

NEC BIRMINGHAM

News

xxx

18 Apr 2024

Socura announces DRAE: the Detection Rule Automation Engine

Socura Stand: 5/N26

Socura helps businesses monitor, detect, prevent, and respond to cyber incidents, including critical infrastructure providers and NHS trusts. These businesses cannot accept any disruption due to a breach, and Socura’s new Detection Rule Automation Engine (DRAE) ensures fast, consistent, and effective deployment of threat detection rules to reduce coverage gaps – resulting in reduced attacker dwell time and better security outcomes.

Many security teams struggle with detection rule management and translation. They are time-consuming requirements which prevent resources being allocated to more proactive tasks that ensure businesses stay ahead of evolving threats. DRAE is designed to simplify the management and translation of detection rules across different SIEM and EDR platforms. It automates laborious manual tasks that would traditionally take hours, in less than five minutes. This can free security teams to focus on critical threat analysis.

DRAE provides multi-platform detection content translation and deployment, seamlessly translating Sigma rules into many different languages. To reduce the risk of security gaps, rules are automatically kept up to date across all SIEM platforms. DRAE also offers customisation options to match customers’ specific SIEM platform configurations and maintains a complete history of rule changes and revisions for audit and compliance purposes. The tool can be used to group rules with similar objectives, and to validate translated rules to ensure their accuracy and compatibility.

DRAE helps Socura customers align with industry best practices, as defined by the MITRE ATT&CK framework, and leverages DeTTECT’s mapping capabilities and gap analysis.

DRAE is a free enhancement to the service for all Socura MDR customers that will be rolling out throughout 2024.

“I can’t overstate the impact of DRAE for our business, and for our customers,” said Socura CTO, Jamie Brummell. “It’s like swapping from an English-French dictionary to Google Translate. Suddenly, everything is translated and deployed all at once, with a fraction of the team’s time and effort. DRAE allows our security analysts to skip the manual process of rule management and translation and dedicate more time to proactive security tasks like threat hunting. Our customers will see the benefit too, in terms of improved detection and wider deployment of security rules. It offers an immediate demonstration of where gaps exist and how they are being plugged. Every month they have with DRAE, they should see fewer and fewer gaps in their defences.

View all News
Loading

The Safety & Security Event Series

FSEHSENational Cyber Security ShowPSO LiveTSEThe Workplace Event