Documentation Index
Fetch the complete documentation index at: https://docs.socdefenders.ai/llms.txt
Use this file to discover all available pages before exploring further.
The SOC Defenders news feed aggregates cybersecurity articles from 30+ sources into a single, continuously updated stream. You can narrow the feed to exactly the signals that matter to your team using a combination of category, severity, IOC presence, threat actor, industry, and technique filters — all without leaving the page.
Filtered results update in real time. As new articles are ingested, they appear immediately in your current filtered view without requiring a page refresh.
Feed views
At the top of the feed, three views let you control how articles are ranked:
- Hot — articles gaining the most engagement right now, weighted by recency and votes
- New — articles in chronological order, newest first
- Top — all-time highest-voted articles
Switch between views at any time; your active filters carry over.
Filter categories
Use the Category filter to focus the feed on a specific domain of security coverage. Categories are grouped into four areas:
Threats & Attacks
| Category | Coverage |
|---|
| Attacks & Breaches | Reported incidents, data breaches, and intrusion campaigns |
| Vulnerabilities | Disclosed CVEs, advisories, and patch releases |
| Threat Intelligence | IOC feeds, APT reports, and actor tracking |
| Malware | Malware analysis, ransomware, and malicious tooling |
Defense & Protection
| Category | Coverage |
|---|
| Cloud Security | Cloud misconfigurations, CSP advisories, and cloud-native attacks |
| Endpoint Security | EDR, AV, and host-based threat coverage |
| Network Security | Firewall, IDS/IPS, and network-layer threats |
| Identity & Access | IAM, credential attacks, and authentication weaknesses |
| Application Security | Web app vulnerabilities, SAST/DAST, and API security |
| Data Security | DLP, encryption, and data exfiltration reporting |
Operations & Compliance
| Category | Coverage |
|---|
| Security Operations | SOC tooling, detection engineering, and threat hunting |
| Incident Response | IR playbooks, breach timelines, and post-mortems |
| Compliance & Risk | Regulatory updates, frameworks, and risk management |
Emerging Technologies
| Category | Coverage |
|---|
| AI/ML Security | Adversarial ML, LLM attacks, and AI-assisted threats |
| IoT & OT Security | Industrial control systems, embedded device vulnerabilities |
Severity filter
Filter articles by the CVSS severity of referenced vulnerabilities:
- Critical — CVSS 9.0–10.0
- High — CVSS 7.0–8.9
- Medium — CVSS 4.0–6.9
- Low — CVSS 0.1–3.9
Use the CVSS score range slider to set a precise minimum and maximum score (0.0–10.0) when you need finer control than the broad severity bands.
IOC filtering
Toggle Has IOCs to show only articles from which SOC Defenders has extracted indicators of compromise — including IP addresses, domains, and file hashes. This is useful when you want to feed results directly into your detection pipeline or IOC enrichment workflow.
Articles without extracted IOCs remain visible by default; enabling the filter hides them.
Additional filters
| Filter | What it does |
|---|
| Threat Actors | Limit the feed to articles mentioning a specific threat actor or APT group |
| Date | Set a date range to focus on recent activity or historical campaigns |
| Industry | Show articles relevant to a specific sector (maps to CISA Critical Infrastructure categories) |
| MITRE ATT&CK | Filter by tactic or technique ID (e.g., T1059, TA0001) |
| Technology | Narrow results to articles covering a specific vendor, product, or platform |
| CVE Search | Search for articles referencing a specific CVE ID |
Article actions
Each article in the feed exposes the following actions:
- View — open the full article detail page, including AI summary, IOCs, and discussion
- Save — add the article to your Saved Articles list for later review
- Share — copy a direct link to the article
- Comment — jump to the discussion thread on the article page