soc

How to Analyze Phishing Email Headers: A Complete Guide for SOC Analysts

DFIR Platform + TheHive: Automated IOC Enrichment for Case Management

Integrate DFIR Platform's multi-source IOC enrichment API with TheHive as a Cortex analyzer. Python code examples, architecture walkthrough, and step-by-step setup for SOC teams.

DFIR Platform + Wazuh: Real-Time Alert Enrichment

Integrate DFIR Platform's IOC enrichment API with Wazuh for real-time alert enrichment. Includes integratord configuration, active response scripts, and example alert workflows for SOC teams.

DFIR Platform + Splunk: IOC Enrichment via Custom Search Commands

Build a Splunk custom search command that enriches IOCs via DFIR Platform API. Includes Python code, commands.conf configuration, packaging as a Splunk app, and example SPL queries.

VirusTotal API Alternative: Cheaper Multi-Source IOC Enrichment for Security Teams

How to Analyze Phishing Email Headers: A Complete Guide for SOC Analysts

Learn how to analyze phishing emails like a SOC analyst: trace delivery paths, verify SPF/DKIM/DMARC, detect spoofing, and automate header analysis.

VirusTotal API Alternative: Cheaper Multi-Source IOC Enrichment for Security Teams

VirusTotal is the industry standard for IOC enrichment, but its rate limits and enterprise pricing leave small and mid-size teams behind. Here's how DFIR Platform compares as a VirusTotal API alternative for SOC analysts and MSSPs.

IOC Enrichment Explained: Why Multi-Source Threat Intelligence Matters

Phishing Email Analysis Tools Compared (2026)

IOC Enrichment APIs: Free vs Paid Options for SOC Teams