<ul><li>Uncoder AI feature generates KQL detection query for Microsoft Sentinel based on indicators from DarkCrystal RAT threat report.</li><li>Query searches logs for strings like 'Розпорядження.zip' and 'imgurl.ir' across all available data tables.</li><li>Uncoder AI extracts high-confidence indicators from threat reports, reducing manual IOC integration and query crafting workload for analysts.</li><li>Benefits include broad IOC discovery, accelerated detection engineering, and improved SOC efficiency for faster incident response and detection logic authoring.</li></ul>

Zip Archive & C2 Domain Detection in Microsoft Sentinel via Uncoder AI

Discover more