Overview

Escalating findings is a key step in AlphaSOC's security analytics pipeline: it delivers actionable security alerts to users or passes them to external systems for further action. After analyzing telemetry data, AlphaSOC generates findings (insights into potential threats) and escalates them using flexible formats and transport methods. This overview outlines how AlphaSOC ensures these findings reach your security workflows efficiently.

Supported Formats

AlphaSOC provides findings in standardized formats to ensure compatibility with various security tools and platforms:

  • Open Cybersecurity Schema Framework (OCSF) Detection Finding schema: An open-source, vendor-agnostic standard.
  • Legacy v1.EventAlert: AlphaSOC's proprietary JSON format.
  • Custom formats: Available upon request to meet specific integration needs.

These formats cater to diverse integration needs, allowing you to choose the one that best fits your systems and requirements.

Supported Transports

AlphaSOC provides multiple transport methods to deliver findings seamlessly into your environment:

  • AlphaSOC REST API: For pull or webhook-based access.
  • AlphaSOC Web Console: A built-in interface for reviewing alerts.
  • Amazon EventBridge: Real-time event delivery for AWS-based workflows (on-premise only).
  • Amazon S3: Store findings in an S3 bucket for archival and analysis.
  • Cribl: Integrate with Cribl Stream using a REST collector for flexible processing.
  • Google BigQuery: Store and query findings in BigQuery for advanced analytics.
  • Kafka: Stream findings to a Kafka topic for real-time processing.

These options ensure compatibility with a wide range of infrastructures, from cloud-native setups to on-premise deployments.

Custom Requirements

If your preferred transport method or format isn’t listed, AlphaSOC is ready to collaborate with you to develop a custom solution tailored to your needs. Whether you require integration with a unique system or a specialized delivery mechanism, our team can assist. Contact us at support@alphasoc.com to discuss your requirements and get started.