IOC-to-CSQL Detection for Gamaredon Domains

How It Works This feature in Uncoder AI translates complex threat intelligence into structured CrowdStrike CSQL (CrowdStrike Search Query Language), enabling instant use within Falcon Endpoint Search. In this example, indicators from CERT-UA#13738 describe a Gamaredon (UAC-0173 / LITENKODER) campaign leveraging ZIP files and cloud-hosted payloads. Uncoder AI processes the report and outputs a valid, […] The post IOC-to-CSQL Detection for Gamaredon Domains appeared first on SOC Prime.