{"id":20818,"date":"2026-05-13T08:02:03","date_gmt":"2026-05-13T08:02:03","guid":{"rendered":"https:\/\/any.run\/cybersecurity-blog\/?p=20818"},"modified":"2026-05-13T10:47:03","modified_gmt":"2026-05-13T10:47:03","slug":"soc-ready-reporting","status":"publish","type":"post","link":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/","title":{"rendered":"New SOC-Ready Reporting for\u00a0Faster\u00a0Triage, Escalation,\u00a0and\u00a0Incident\u00a0Response with ANY.RUN\u00a0"},"content":{"rendered":"\n<p>Successful SOC operations&nbsp;require&nbsp;more than&nbsp;accurate&nbsp;<a href=\"https:\/\/any.run\/cybersecurity-blog\/streamline-your-soc\/\" target=\"_blank\" rel=\"noreferrer noopener\">detections<\/a>.&nbsp;Instant access to context, clear conclusions,&nbsp;and&nbsp;operationally relevant insights allow incidents to move&nbsp;across&nbsp;workflows&nbsp;without delays:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>During&nbsp;alert&nbsp;triage, analysts need a quick threat overview to decide on the next steps.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Efficient&nbsp;incident&nbsp;response decisions demand&nbsp;clear, actionable context to rely on.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Swift&nbsp;incident&nbsp;reporting&nbsp;requires&nbsp;cross-tier visibility without the need for manual processing of raw technical data.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>Making <a href=\"https:\/\/any.run\/features\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=soc_ready_reporting&amp;utm_term=130526&amp;utm_content=linktosandboxlanding\" target=\"_blank\" rel=\"noreferrer noopener\">ANY.RUN\u2019s Interactive Sandbox<\/a> a part of your standard SOC workflow helps eliminate bottlenecks that occur along the incident lifecycle by contributing to the optimization of each process, decision, and report.<\/p>\n\n\n\n<p>SOC-ready Tier 1 reports turn&nbsp;complex sandboxing&nbsp;analysis into&nbsp;structured, decision-ready&nbsp;intelligence&nbsp;for&nbsp;faster, efficient&nbsp;triage, escalation, response,&nbsp;and&nbsp;reporting.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Executive Summary&nbsp;<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Whether&nbsp;operating&nbsp;as an internal SOC or delivering MDR&nbsp;and&nbsp;MSSP services, organizations need investigation&nbsp;workflows that scale efficiently under growing&nbsp;alert&nbsp;volumes.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>ANY.RUN\u2019s Interactive Sandbox with Tier 1 Reports helps standardize&nbsp;triage, escalation,&nbsp;and&nbsp;incident&nbsp;reporting by becoming a decision-support layer for your security operations.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Enterprise Suite&nbsp;teams&nbsp;can&nbsp;optimize&nbsp;sandbox investigations&nbsp;and&nbsp;reporting across the SOC at scale with unlimited Tier 1 report generation.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>The result is&nbsp;<a href=\"https:\/\/any.run\/cybersecurity-blog\/expanded-free-ti-plan\/\" target=\"_blank\" rel=\"noreferrer noopener\">faster&nbsp;investigations<\/a>,&nbsp;consistent&nbsp;escalations with less context lost,&nbsp;and&nbsp;optimized incident&nbsp;documentation for&nbsp;confident&nbsp;decisions&nbsp;and&nbsp;risk prioritization.&nbsp;<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\">Challenges&nbsp;SOC Teams Face Today&nbsp;&nbsp;<\/h2>\n\n\n\n<p>With SOC teams continuously investigating suspicious files, URLs,&nbsp;phishing pages,&nbsp;and&nbsp;malware samples, turning the resulting massive volume of technical findings into actionable operational context&nbsp;fast enough to support efficient&nbsp;response becomes the key challenge.&nbsp;<\/p>\n\n\n\n<p>The lack of standardized reporting leads to:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Slow&nbsp;triage due to&nbsp;excessive manual&nbsp;work&nbsp;for Tier 1&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Higher pressure on Tier 2\/3&nbsp;and&nbsp;incident&nbsp;response team&nbsp;due to lack on ready-to-apply context&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Context loss during escalations&nbsp;and&nbsp;critical delays occur&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Additional&nbsp;burden falling on SOC managers without clear visibility into incident&nbsp;severity&nbsp;and&nbsp;<a href=\"https:\/\/any.run\/cybersecurity-blog\/soc-business-success-cases-anyrun\/\" target=\"_blank\" rel=\"noreferrer noopener\">business<\/a>&nbsp;impact&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>ANY.RUN\u2019s Interactive Sandbox already simplifies malware&nbsp;and&nbsp;<a href=\"https:\/\/any.run\/cybersecurity-blog\/phishing-detection-steps-for-cisos\/\" target=\"_blank\" rel=\"noreferrer noopener\">phishing analysis<\/a>&nbsp;through interactive, real-time investigation.&nbsp;Now, with Tier 1 Reports&nbsp;and&nbsp;AI Summary,&nbsp;it supports decision-making&nbsp;and&nbsp;reporting acrossSOC operations.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"541\" src=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-12.54.02-1024x541.png\" alt=\"\" class=\"wp-image-20827\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-12.54.02-1024x541.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-12.54.02-300x158.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-12.54.02-768x406.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-12.54.02-1536x811.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-12.54.02-2048x1082.png 2048w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-12.54.02-370x195.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-12.54.02-270x143.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-12.54.02-740x391.png 740w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Phishing sample analysis in ANY.RUN Sandbox<\/em>&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<h2 class=\"wp-block-heading\">SOC-Ready Reporting Built&nbsp;Into&nbsp;the&nbsp;Analysis&nbsp;Workflow&nbsp;<\/h2>\n\n\n\n<p>New Tier 1 reports are&nbsp;integrated into SOC&nbsp;workflows&nbsp;through&nbsp;and&nbsp;offer&nbsp;complete, structured documents&nbsp;with operationally useful insights.&nbsp;<\/p>\n\n\n\n<p>Tier 1&nbsp;report includes:&nbsp;&nbsp;&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>A clear verdict on the analyzed sample&nbsp;&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>AI Summary&nbsp;featuring threat classification&nbsp;and&nbsp;executive summary&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Key IOCs&nbsp;and&nbsp;behavioral indicators&nbsp;&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><a href=\"https:\/\/any.run\/cybersecurity-blog\/mitre-ciso-risk-reduction\/\" target=\"_blank\" rel=\"noreferrer noopener\">MITRE ATT&amp;CK<\/a>&nbsp;mapping&nbsp;<\/li>\n<\/ul>\n\n\n\n<figure class=\"wp-block-video\"><video controls src=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screen-Recording-2026-05-13-at-09.18.48.mov\"><\/video><\/figure>\n\n\n\n<p>They&nbsp;can be generated directly within the Interactive Sandbox in a single click, making sandbox analysis&nbsp;immediately&nbsp;usable across operational&nbsp;workflows.&nbsp;<\/p>\n\n\n\n<!-- Regular Banner START -->\n<div class=\"regular-banner\">\n<!-- Text Content -->\n<p class=\"regular-banner__text\">\nClarity for analysts. Visibility for decision-makers.<br>\n<span class=\"highlight\">Faster\u00a0response across the SOC.<\/span>\n<\/p>\n<!-- CTA Link -->\n<a class=\"regular-banner__link\" id=\"article-banner-regular\" href=\"https:\/\/any.run\/enterprise\/?utm_source=anyrunblog&#038;utm_medium=article&#038;utm_campaign=soc_ready_reporting&#038;utm_term=130526&#038;utm_content=linktoenterprise#contact-sales\" rel=\"noopener\" target=\"_blank\">\nOptimize\u00a0Your SOC Workflow\n<\/a>\n<\/div>\n<!-- Regular Banner END -->\n<!-- Regular Banner Styles START -->\n\n<style>\n.regular-banner {\ndisplay: flex;\ntext-align: center;\nflex-direction: column;\nalign-items: center;\ngap: 1.5rem;\nwidth: 100%;\npadding: 2rem;\nmargin: 1.5rem 0;\nborder-radius: 0.5rem;\nfont-family: 'Catamaran Bold';\nmargin-inline: auto;\nbackground: rgba(32, 168, 241, 0.1);\nborder: 1px solid rgba(75, 174, 227, 0.32);\n}\n\n.regular-banner__text {\nfont-size: 1.5rem;\nmargin: 0;\n}\n\n.highlight {\ncolor: #ea2526;\n}\n\n.regular-banner__link {\npadding: 0.5rem 1.5rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: #FFFFFF;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\n}\n\n.regular-banner__link:hover {\nbackground-color: #68CBFF;\ncolor: white;\n}\n<\/style>\n<!-- Regular Banner Styles END -->\n\n\n\n<h3 class=\"wp-block-heading\">Use Case&nbsp;#1:&nbsp;Fast Threat Understanding&nbsp;for Tier 1&nbsp;During&nbsp;Triage&nbsp;<\/h3>\n\n\n\n<p>Via&nbsp;Tier 1 reports&nbsp;featuring AI Summaries, ANY.RUN\u2019s Interactive Sandbox&nbsp;provides&nbsp;immediate&nbsp;answers to the most&nbsp;critical&nbsp;questions&nbsp;that occur&nbsp;during&nbsp;<a href=\"https:\/\/any.run\/cybersecurity-blog\/alert-enrichment-soc-performance\/\" target=\"_blank\" rel=\"noreferrer noopener\">alert&nbsp;triage<\/a>:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Is the sample malicious?&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>What behavior&nbsp;indicates&nbsp;that?&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>What type of threat&nbsp;is involved?&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>What&nbsp;MITRE&nbsp;ATT&amp;CK&nbsp;TTPs&nbsp;and&nbsp;IOCs are&nbsp;present?&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li>Does the incident&nbsp;require escalation?&nbsp;<\/li>\n<\/ul>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"183\" src=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.54.13-1024x183.png\" alt=\"\" class=\"wp-image-20834\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.54.13-1024x183.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.54.13-300x54.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.54.13-768x137.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.54.13-1536x275.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.54.13-370x66.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.54.13-270x48.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.54.13-740x132.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.54.13.png 1890w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Threat verdict&nbsp;and&nbsp;tags at the top of Tier 1 reports already provide key info on the analyzed object<\/em>&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<p>Instead of manually reviewing raw technical data to answer these questions with confidence,&nbsp;the&nbsp;sandbox provides this&nbsp;context automatically in the form of a ready-to-use report that covers all findings into a clear operational document&nbsp;for&nbsp;fast&nbsp;and&nbsp;substantiated decision-making.&nbsp;<\/p>\n\n\n\n<div class=\"wpdt-c row wpDataTableContainerSimpleTable wpDataTables wpDataTablesWrapper\n\"\n    >\n        <table id=\"wpdtSimpleTable-317\"\n           style=\"border-collapse:collapse;\n                   border-spacing:0px;\"\n           class=\"wpdtSimpleTable wpDataTable\"\n           data-column=\"2\"\n           data-rows=\"5\"\n           data-wpID=\"317\"\n           data-responsive=\"0\"\n           data-has-header=\"1\">\n\n                    <thead>        <tr class=\"wpdt-cell-row \" >\n                                <th class=\"wpdt-cell wpdt-bc-BEE9FD wpdt-tc-000000 wpdt-bold wpdt-merged-cell \"\n                     colspan=\"2\"  rowspan=\"1\"                     data-cell-id=\"A1\"\n                    data-col-index=\"0\"\n                    data-row-index=\"0\"\n                    style=\" width:100%;                    padding:10px;\n                    \"\n                    >\n                                        ANY.RUN\u2019s Interactive Sandbox & Tier 1 Reports\u00a0\u00a0                    <\/th>\n                                                    <\/tr>\n                    <tbody>        <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell wpdt-bold\"\n                                            data-cell-id=\"A2\"\n                    data-col-index=\"0\"\n                    data-row-index=\"1\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Operational\u00a0Impact\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-bold\"\n                                            data-cell-id=\"B2\"\n                    data-col-index=\"1\"\n                    data-row-index=\"1\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Business\u00a0Impact\u00a0                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"A3\"\n                    data-col-index=\"0\"\n                    data-row-index=\"2\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Faster\u00a0alert\u00a0validation\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"B3\"\n                    data-col-index=\"1\"\n                    data-row-index=\"2\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Consistent\u00a0triage quality\u00a0\u00a0                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"A4\"\n                    data-col-index=\"0\"\n                    data-row-index=\"3\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Reduced manual enrichment\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"B4\"\n                    data-col-index=\"1\"\n                    data-row-index=\"3\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Better <a class=\"wpdt-link-content\" href=\"https:\/\/any.run\/cybersecurity-blog\/soc-staff-shortage-burnout\/\"  rel=\"\" target=\"_blank\" data-cell-id=\"31\" data-link-url=\"https:\/\/any.run\/cybersecurity-blog\/soc-staff-shortage-burnout\/\" data-link-text=\"analyst productivity\" data-link-target=\"true\" data-link-nofollow=\"0\" data-link-noreferrer=\"0\" data-link-sponsored=\"0\" data-link-btn-status=\"0\" data-link-btn-class=\"\" data-link-content=\"wpdt-link-content\">analyst productivity<\/a>                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"A5\"\n                    data-col-index=\"0\"\n                    data-row-index=\"4\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Fewer unnecessary escalations\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"B5\"\n                    data-col-index=\"1\"\n                    data-row-index=\"4\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Reduced\u00a0operational\u00a0overhead\u00a0                    <\/td>\n                                        <\/tr>\n                    <\/table>\n<\/div><style id='wpdt-custom-style-317'>\ntable#wpdtSimpleTable-317{ table-layout: fixed !important; }\ntable#wpdtSimpleTable-317 td, table.wpdtSimpleTable317 th { white-space: normal !important; }\n.wpdt-bc-BEE9FD { background-color: #BEE9FD !important;}\n.wpdt-tc-000000 { color: #000000 !important;}\n<\/style>\n\n\n\n\n<h3 class=\"wp-block-heading\">Use Case&nbsp;#2:&nbsp;Easy Access to&nbsp;Context&nbsp;for&nbsp;Tier 2, Tier 3, IR teams&nbsp;&nbsp;<\/h3>\n\n\n\n<p>In case of an escalation, Tier 2 analysts&nbsp;and&nbsp;incident&nbsp;responders&nbsp;frequently&nbsp;need to reconstruct investigation context manually before&nbsp;proceeding&nbsp;with containment.&nbsp;<\/p>\n\n\n\n<p>Raw sandbox outputs take time to process&nbsp;and&nbsp;interpret,&nbsp;stretching&nbsp;investigation&nbsp;time&nbsp;and&nbsp;creating friction, as higher tiers&nbsp;essentially have&nbsp;to go back to&nbsp;triage stage for&nbsp;verification.&nbsp;<\/p>\n\n\n\n<p>With Tier 1 reports, analysts get&nbsp;a structured&nbsp;information to pass on at the early stage, making ANY.RUN\u2019s Interactive Sandbox more smoothly embedded into the entire investigation cycle,&nbsp;<a href=\"https:\/\/any.run\/cybersecurity-blog\/fortune-500-enterprise-success-story\/\" target=\"_blank\" rel=\"noreferrer noopener\">from&nbsp;triage to response<\/a>.&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"734\" src=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.53-1024x734.png\" alt=\"\" class=\"wp-image-20831\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.53-1024x734.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.53-300x215.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.53-768x550.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.53-1536x1100.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.53-370x265.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.53-270x193.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.53-740x530.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.53.png 1890w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>Clear breakdown of&nbsp;detected&nbsp;MITRE ATT&amp;CK TTPs inside Tier 1 report<\/em>&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<div class=\"wpdt-c row wpDataTableContainerSimpleTable wpDataTables wpDataTablesWrapper\n\"\n    >\n        <table id=\"wpdtSimpleTable-316\"\n           style=\"border-collapse:collapse;\n                   border-spacing:0px;\"\n           class=\"wpdtSimpleTable wpDataTable\"\n           data-column=\"2\"\n           data-rows=\"5\"\n           data-wpID=\"316\"\n           data-responsive=\"0\"\n           data-has-header=\"1\">\n\n                    <thead>        <tr class=\"wpdt-cell-row \" >\n                                <th class=\"wpdt-cell wpdt-bc-BEE9FD wpdt-tc-000000 wpdt-bold wpdt-merged-cell \"\n                     colspan=\"2\"  rowspan=\"1\"                     data-cell-id=\"A1\"\n                    data-col-index=\"0\"\n                    data-row-index=\"0\"\n                    style=\" width:100%;                    padding:10px;\n                    \"\n                    >\n                                        ANY.RUN\u2019s Interactive Sandbox & Tier 1 Reports\u00a0\u00a0                    <\/th>\n                                                    <\/tr>\n                    <tbody>        <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell wpdt-bold\"\n                                            data-cell-id=\"A2\"\n                    data-col-index=\"0\"\n                    data-row-index=\"1\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Operational\u00a0Impact\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-bold\"\n                                            data-cell-id=\"B2\"\n                    data-col-index=\"1\"\n                    data-row-index=\"1\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Business\u00a0Impact\u00a0                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"A3\"\n                    data-col-index=\"0\"\n                    data-row-index=\"2\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Reduced friction during handoffs\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"B3\"\n                    data-col-index=\"1\"\n                    data-row-index=\"2\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Better\u00a0collaboration\u00a0between teams\u00a0\u00a0                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"A4\"\n                    data-col-index=\"0\"\n                    data-row-index=\"3\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        No context lost in the process\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"B4\"\n                    data-col-index=\"1\"\n                    data-row-index=\"3\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Full visibility for\u00a0decision-makers\u00a0                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"A5\"\n                    data-col-index=\"0\"\n                    data-row-index=\"4\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Accelerated investigation pipeline\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"B5\"\n                    data-col-index=\"1\"\n                    data-row-index=\"4\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Optimized operations across tiers\u00a0\u00a0                    <\/td>\n                                        <\/tr>\n                    <\/table>\n<\/div><style id='wpdt-custom-style-316'>\ntable#wpdtSimpleTable-316{ table-layout: fixed !important; }\ntable#wpdtSimpleTable-316 td, table.wpdtSimpleTable316 th { white-space: normal !important; }\n.wpdt-bc-BEE9FD { background-color: #BEE9FD !important;}\n.wpdt-tc-000000 { color: #000000 !important;}\n<\/style>\n\n\n\n\n<h3 class=\"wp-block-heading\">Use Case&nbsp;#3:&nbsp;Immediate Clarity for&nbsp;Decision-Makers&nbsp;<\/h3>\n\n\n\n<p>SOC managers, Heads of SOC,&nbsp;and&nbsp;CISOs&nbsp;don\u2019t&nbsp;have time to review every technical artifact associated with an incident.&nbsp;Traditional&nbsp;reports may&nbsp;contain&nbsp;too many&nbsp;low-level&nbsp;details,&nbsp;whereas&nbsp;security leaders must assess&nbsp;the&nbsp;general&nbsp;business impact&nbsp;and&nbsp;urgency of a&nbsp;threat.&nbsp;<\/p>\n\n\n\n<p>ANY.RUN\u2019s Interactive Sandbox&nbsp;optimizes&nbsp;the&nbsp;hand-off&nbsp;workflow with a&nbsp;concise overview of the analysis in operational language suitable for leadership.&nbsp;<\/p>\n\n\n\n<p>With AI Summary as part of the structure, the report explains what happened, why the object is malicious, which&nbsp;assets&nbsp;or systems&nbsp;may be&nbsp;at risk.&nbsp;&nbsp;<\/p>\n\n\n\n<p>As a result, analysis outputs become standardized&nbsp;and&nbsp;practical,&nbsp;making&nbsp;them&nbsp;immediately&nbsp;usable for decision-making&nbsp;and&nbsp;internal communication.&nbsp;<\/p>\n\n\n\n<div class=\"wpdt-c row wpDataTableContainerSimpleTable wpDataTables wpDataTablesWrapper\n\"\n    >\n        <table id=\"wpdtSimpleTable-315\"\n           style=\"border-collapse:collapse;\n                   border-spacing:0px;\"\n           class=\"wpdtSimpleTable wpDataTable\"\n           data-column=\"2\"\n           data-rows=\"5\"\n           data-wpID=\"315\"\n           data-responsive=\"0\"\n           data-has-header=\"1\">\n\n                    <thead>        <tr class=\"wpdt-cell-row \" >\n                                <th class=\"wpdt-cell wpdt-bc-BEE9FD wpdt-tc-000000 wpdt-bold wpdt-merged-cell \"\n                     colspan=\"2\"  rowspan=\"1\"                     data-cell-id=\"A1\"\n                    data-col-index=\"0\"\n                    data-row-index=\"0\"\n                    style=\" width:100%;                    padding:10px;\n                    \"\n                    >\n                                        ANY.RUN\u2019s Interactive Sandbox & Tier 1 Reports\u00a0\u00a0                    <\/th>\n                                                    <\/tr>\n                    <tbody>        <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell wpdt-bold\"\n                                            data-cell-id=\"A2\"\n                    data-col-index=\"0\"\n                    data-row-index=\"1\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Operational\u00a0Impact\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell wpdt-bold\"\n                                            data-cell-id=\"B2\"\n                    data-col-index=\"1\"\n                    data-row-index=\"1\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Business\u00a0Impact\u00a0                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"A3\"\n                    data-col-index=\"0\"\n                    data-row-index=\"2\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Faster\u00a0incident\u00a0understanding\u00a0\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"B3\"\n                    data-col-index=\"1\"\n                    data-row-index=\"2\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Better executive visibility\u00a0\n\u00a0\u00a0                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"A4\"\n                    data-col-index=\"0\"\n                    data-row-index=\"3\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Easier communication between teams\u00a0\u00a0\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"B4\"\n                    data-col-index=\"1\"\n                    data-row-index=\"3\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Faster\u00a0prioritization through clarity\u00a0                    <\/td>\n                                        <\/tr>\n                            <tr class=\"wpdt-cell-row \" >\n                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"A5\"\n                    data-col-index=\"0\"\n                    data-row-index=\"4\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Consistent\u00a0incident\u00a0documentation\u00a0                    <\/td>\n                                                <td class=\"wpdt-cell \"\n                                            data-cell-id=\"B5\"\n                    data-col-index=\"1\"\n                    data-row-index=\"4\"\n                    style=\"                    padding:10px;\n                    \"\n                    >\n                                        Stronger operational governance\u00a0                    <\/td>\n                                        <\/tr>\n                    <\/table>\n<\/div><style id='wpdt-custom-style-315'>\ntable#wpdtSimpleTable-315{ table-layout: fixed !important; }\ntable#wpdtSimpleTable-315 td, table.wpdtSimpleTable315 th { white-space: normal !important; }\n.wpdt-bc-BEE9FD { background-color: #BEE9FD !important;}\n.wpdt-tc-000000 { color: #000000 !important;}\n<\/style>\n\n\n\n\n<h2 class=\"wp-block-heading\">Hands-On Case: Generating a Response-Ready Report on&nbsp;a&nbsp;Phishing&nbsp;Attack&nbsp;<\/h2>\n\n\n\n<p><a href=\"https:\/\/app.any.run\/tasks\/2763d751-0061-4d05-b599-172d63ff6854?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=soc_ready_reporting &amp;utm_term=130526&amp;utm_content=linktoservice\" target=\"_blank\" rel=\"noreferrer noopener\">View analysis<\/a>&nbsp;<\/p>\n\n\n\n<p>In this&nbsp;phishing investigation, the&nbsp;Tier 1 report&nbsp;provides a clear, operational overview of the&nbsp;entire attack chain, helping&nbsp;both&nbsp;analysts&nbsp;and&nbsp;leadership&nbsp;quickly understand&nbsp;the&nbsp;threat&nbsp;severity&nbsp;and&nbsp;required&nbsp;response actions.&nbsp;<\/p>\n\n\n\n<p>AI Summary further structures the findings into operationally relevant context suitable for&nbsp;triage, escalation,&nbsp;and&nbsp;internal communication:&nbsp;<\/p>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"685\" src=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.31-1024x685.png\" alt=\"\" class=\"wp-image-20832\" srcset=\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.31-1024x685.png 1024w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.31-300x201.png 300w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.31-768x514.png 768w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.31-1536x1027.png 1536w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.31-370x247.png 370w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.31-270x181.png 270w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.31-740x495.png 740w, https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2026\/05\/Screenshot-2026-05-12-at-13.53.31.png 1890w\" sizes=\"(max-width: 1024px) 100vw, 1024px\" \/><figcaption class=\"wp-element-caption\"><em>AI Summary providing a clear, structured overview of the threat<\/em>&nbsp;<\/figcaption><\/figure><\/div>\n\n\n<p>The&nbsp;AI&nbsp;summary highlights the&nbsp;detection of a&nbsp;<a href=\"https:\/\/any.run\/cybersecurity-blog\/macos-clickfix-amos-attack\/\" target=\"_blank\" rel=\"noreferrer noopener\">ClickFix<\/a>&nbsp;phishing technique, followed by PowerShell execution with Execution Policy bypass attempts used to launch malicious activity on the host. It also outlines payload delivery behavior,&nbsp;subsequent&nbsp;system modifications,&nbsp;and&nbsp;persistence attempts through Windows Registry changes.&nbsp;<\/p>\n\n\n\n<p>Instead of manually reconstructing the attack flow from raw sandbox telemetry, analysts receive a ready-to-use interpretation of the incident&nbsp;that can&nbsp;immediately&nbsp;support escalation&nbsp;and&nbsp;response&nbsp;workflows.&nbsp;<\/p>\n\n\n\n<p>The complete attack chain, behavioral indicators,&nbsp;and&nbsp;resulting conclusions are already structured for operational use&nbsp;and&nbsp;are ready for further processing: escalation, IR hand-off,&nbsp;and&nbsp;containment.&nbsp;<\/p>\n\n\n\n<!-- Regular Banner START -->\n<div class=\"regular-banner\">\n<!-- Text Content -->\n<p class=\"regular-banner__text\">\nTurn sandbox analysis into confident\u00a0SOC decisions<br>\n\nwith <span class=\"highlight\">interactive investigations\u00a0<\/span>and\u00a0<span class=\"highlight\">refined reporting<\/span>\n\n<\/p>\n<!-- CTA Link -->\n<a class=\"regular-banner__link\" id=\"article-banner-regular\" href=\"https:\/\/any.run\/enterprise\/?utm_source=anyrunblog&#038;utm_medium=article&#038;utm_campaign=soc_ready_reporting&#038;utm_term=130526&#038;utm_content=linktoenterprise#contact-sales\" rel=\"noopener\" target=\"_blank\">\nPower Your SOC with ANY.RUN<\/a>\n<\/div>\n<!-- Regular Banner END -->\n<!-- Regular Banner Styles START -->\n\n<style>\n.regular-banner {\ndisplay: flex;\ntext-align: center;\nflex-direction: column;\nalign-items: center;\ngap: 1.5rem;\nwidth: 100%;\npadding: 2rem;\nmargin: 1.5rem 0;\nborder-radius: 0.5rem;\nfont-family: 'Catamaran Bold';\nmargin-inline: auto;\nbackground: rgba(32, 168, 241, 0.1);\nborder: 1px solid rgba(75, 174, 227, 0.32);\n}\n\n.regular-banner__text {\nfont-size: 1.5rem;\nmargin: 0;\n}\n\n.highlight {\ncolor: #ea2526;\n}\n\n.regular-banner__link {\npadding: 0.5rem 1.5rem;\nfont-weight: 500;\ntext-decoration: none;\nborder-radius: 0.5rem;\ncolor: #FFFFFF;\nbackground-color: #1491D4;\ntext-align: center;\ntransition: all 0.2s ease-in;\n}\n\n.regular-banner__link:hover {\nbackground-color: #68CBFF;\ncolor: white;\n}\n<\/style>\n<!-- Regular Banner Styles END -->\n\n\n\n<h2 class=\"wp-block-heading\">From Analysis to Action:&nbsp;Faster&nbsp;Escalations, Response,&nbsp;and&nbsp;Reporting&nbsp;<\/h2>\n\n\n\n<p>The new Tier 1 reports&nbsp;featuring&nbsp;AI Summary deliver direct operational value across the SOC:&nbsp;<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Faster&nbsp;Triage<\/strong>: Tier 1 analysts can quickly understand&nbsp;the nature of the threat&nbsp;and&nbsp;make confident&nbsp;decisions on whether to close or escalate&nbsp;alerts.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Streamlined Escalation Process<\/strong>: Tier 2&nbsp;and&nbsp;IR teams receive well-structured context instead of raw data, reducing handoff time&nbsp;and&nbsp;miscommunication.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Accelerated Incident&nbsp;Response<\/strong>: Teams gain rapid visibility into attack behavior,&nbsp;helping reduce Mean Time to Respond (MTTR).&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>Improved Internal Reporting<\/strong>: SOC managers&nbsp;and&nbsp;CISOs get consistent, professional summaries that are easy to read&nbsp;and&nbsp;share with stakeholders.&nbsp;<\/li>\n<\/ul>\n\n\n\n<ul class=\"wp-block-list\">\n<li><strong>More Consistent&nbsp;Performance<\/strong>: Standardized reports reduce quality variation between analysts&nbsp;and&nbsp;lower the risk of human error.&nbsp;<\/li>\n<\/ul>\n\n\n\n<p>Unlimited access is available for&nbsp;Enterprise Suite&nbsp;and&nbsp;Hunter plans. Free plan users have a shared limit of 5 generations for both the Tier 1 report&nbsp;and&nbsp;AI Summary.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">Conclusion&nbsp;<\/h2>\n\n\n\n<p>ANY.RUN\u2019s new Tier 1 reports&nbsp;and&nbsp;AI Summary convert sandbox analysis outputs into structured, operationally ready documents that support every stage of the incident&nbsp;lifecycle, from&nbsp;initial&nbsp;triage to executive visibility.&nbsp;<\/p>\n\n\n\n<p>Embedding Interactive Sandbox directly into a SOC&nbsp;workflow&nbsp;strengthens&nbsp;overall security operations maturity by allowing for&nbsp;faster&nbsp;and&nbsp;more confident&nbsp;decision-making across processes.&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">About ANY.RUN&nbsp;<\/h2>\n\n\n\n<p><a href=\"https:\/\/any.run\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=soc_ready_reporting&amp;utm_term=130526&amp;utm_content=linktolanding\" target=\"_blank\" rel=\"noreferrer noopener\">ANY.RUN<\/a>&nbsp;delivers cybersecurity solutions designed to support real-world SOC operations. They&nbsp;help&nbsp;security teams understand&nbsp;threats&nbsp;faster, make informed decisions,&nbsp;and&nbsp;operationalize threat intelligence across&nbsp;detection, investigation,&nbsp;and&nbsp;response&nbsp;workflows.&nbsp;<\/p>\n\n\n\n<p>The&nbsp;company\u2019s solutions include&nbsp;<a href=\"https:\/\/any.run\/features\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=soc_ready_reporting&amp;utm_term=130526&amp;utm_content=linktosandboxlanding\" target=\"_blank\" rel=\"noreferrer noopener\">Interactive Sandbox<\/a>&nbsp;for&nbsp;enterprise-grade malware analysis, as well as ANY.RUN\u2019s Threat Intelligence with its modules&nbsp;<a href=\"https:\/\/any.run\/threat-intelligence-lookup\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=soc_ready_reporting&amp;utm_term=130526&amp;utm_content=linktotilookuplanding\" target=\"_blank\" rel=\"noreferrer noopener\">Threat Intelligence Lookup<\/a>&nbsp;and&nbsp;<a href=\"https:\/\/any.run\/threat-intelligence-feeds\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=soc_ready_reporting&amp;utm_term=130526&amp;utm_content=linktotifeedslanding\" target=\"_blank\" rel=\"noreferrer noopener\">Threat Intelligence Feeds,<\/a>&nbsp;providing continuously updated intelligence based on live attack analysis.&nbsp;<\/p>\n\n\n\n<p>Used by over 15,000 organizations&nbsp;and&nbsp;600,000 security professionals&nbsp;worldwide, ANY.RUN is&nbsp;<a href=\"https:\/\/any.run\/compliance\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=soc_ready_reporting&amp;utm_term=130526&amp;utm_content=linktocompliance\" target=\"_blank\" rel=\"noreferrer noopener\">SOC 2 Type II certified,<\/a>&nbsp;ensuring strong security controls&nbsp;and&nbsp;protection of customer data.&nbsp;<\/p>\n\n\n\n<p><a href=\"https:\/\/any.run\/enterprise\/?utm_source=anyrunblog&amp;utm_medium=article&amp;utm_campaign=soc-ready-reporting&amp;utm_term=130526&amp;utm_content=linktoenterprise#contact-sales\" target=\"_blank\" rel=\"noreferrer noopener\">Request access to ANY.RUN\u2019s solutions \u2192<\/a>&nbsp;&nbsp;<\/p>\n\n\n\n<h2 class=\"wp-block-heading\">FAQ&nbsp;<\/h2>\n\n\n\n<div class=\"schema-faq wp-block-yoast-faq-block\"><div class=\"schema-faq-section\" id=\"faq-question-1778658461932\"><strong class=\"schema-faq-question\">What\u00a0are\u00a0SOC-ready reports in ANY.RUN?\u00a0<\/strong> <p class=\"schema-faq-answer\">SOC-ready reports are sandbox analysis summaries that provide operational context for\u00a0faster\u00a0triage, escalation, incident\u00a0response,\u00a0and\u00a0internal reporting.\u00a0<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1778658466921\"><strong class=\"schema-faq-question\">Are Tier 1 reports\u00a0designed\u00a0only for Tier 1 analysts?\u00a0<\/strong> <p class=\"schema-faq-answer\">No. While Tier 1 reports are designed to accelerate initial\u00a0triage, they also support Tier 2, Tier 3, incident\u00a0response teams, SOC managers,\u00a0and\u00a0CISOs by providing structured operational context, standardized reporting,\u00a0and\u00a0fast visibility into threat severity\u00a0and\u00a0business impact.\u00a0<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1778658471305\"><strong class=\"schema-faq-question\">What is included in ANY.RUN Tier 1 reports?\u00a0<\/strong> <p class=\"schema-faq-answer\">Tier 1 reports include a threat verdict, AI Summary,\u00a0MITRE ATT&amp;CK mapping, behavioral indicators,\u00a0and\u00a0IOCs generated directly from Interactive Sandbox analysis.\u00a0<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1778658476040\"><strong class=\"schema-faq-question\">How does AI Summary improve incident\u00a0response?\u00a0<\/strong> <p class=\"schema-faq-answer\">AI Summary converts technical sandbox findings into concise operational explanations that help analysts\u00a0and\u00a0decision-makers quickly assess threat severity,\u00a0business impact,\u00a0and\u00a0required\u00a0response actions.\u00a0<\/p> <\/div> <div class=\"schema-faq-section\" id=\"faq-question-1778658481726\"><strong class=\"schema-faq-question\">Can ANY.RUN reports support SOC\u00a0and\u00a0MDR\u00a0workflows?\u00a0<\/strong> <p class=\"schema-faq-answer\">Yes. ANY.RUN\u2019s SOC-ready reporting helps standardize\u00a0triage, escalation,\u00a0and\u00a0investigation\u00a0workflows across internal SOC, MDR,\u00a0and\u00a0MSSP teams.\u00a0<\/p> <\/div> <\/div>\n\n\n\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Successful SOC operations&nbsp;require&nbsp;more than&nbsp;accurate&nbsp;detections.&nbsp;Instant access to context, clear conclusions,&nbsp;and&nbsp;operationally relevant insights allow incidents to move&nbsp;across&nbsp;workflows&nbsp;without delays:&nbsp; Making ANY.RUN\u2019s Interactive Sandbox a part of your standard SOC workflow helps eliminate bottlenecks that occur along the incident lifecycle by contributing to the optimization of each process, decision, and report. SOC-ready Tier 1 reports turn&nbsp;complex sandboxing&nbsp;analysis into&nbsp;structured, decision-ready&nbsp;intelligence&nbsp;for&nbsp;faster, [&hellip;]<\/p>\n","protected":false},"author":2,"featured_media":20845,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[9],"tags":[57,10,34],"class_list":["post-20818","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-service-updates","tag-anyrun","tag-cybersecurity","tag-malware-analysis"],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v20.10 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>SOC-Ready Reports for\u00a0Faster\u00a0Investigations by ANY.RUN<\/title>\n<meta name=\"description\" content=\"Improve operational continuity across tiers\u00a0and\u00a0processes with new Tier 1 reports within ANY.RUN\u2019s Interactive Sandbox.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"ANY.RUN\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/\"},\"author\":{\"name\":\"ANY.RUN\",\"@id\":\"https:\/\/any.run\/\"},\"headline\":\"New SOC-Ready Reporting for\u00a0Faster\u00a0Triage, Escalation,\u00a0and\u00a0Incident\u00a0Response with ANY.RUN\u00a0\",\"datePublished\":\"2026-05-13T08:02:03+00:00\",\"dateModified\":\"2026-05-13T10:47:03+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/\"},\"wordCount\":1842,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"keywords\":[\"ANYRUN\",\"cybersecurity\",\"malware analysis\"],\"articleSection\":[\"Service Updates\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#respond\"]}]},{\"@type\":[\"WebPage\",\"FAQPage\"],\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/\",\"name\":\"SOC-Ready Reports for\u00a0Faster\u00a0Investigations by ANY.RUN\",\"isPartOf\":{\"@id\":\"https:\/\/any.run\/\"},\"datePublished\":\"2026-05-13T08:02:03+00:00\",\"dateModified\":\"2026-05-13T10:47:03+00:00\",\"description\":\"Improve operational continuity across tiers\u00a0and\u00a0processes with new Tier 1 reports within ANY.RUN\u2019s Interactive Sandbox.\",\"breadcrumb\":{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#breadcrumb\"},\"mainEntity\":[{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658461932\"},{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658466921\"},{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658471305\"},{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658476040\"},{\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658481726\"}],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Service Updates\",\"item\":\"https:\/\/any.run\/cybersecurity-blog\/category\/service-updates\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"New SOC-Ready Reporting for\u00a0Faster\u00a0Triage, Escalation,\u00a0and\u00a0Incident\u00a0Response with ANY.RUN\u00a0\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN&#039;s Cybersecurity Blog\",\"description\":\"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.\",\"publisher\":{\"@id\":\"https:\/\/any.run\/\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/any.run\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN\",\"url\":\"https:\/\/any.run\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"contentUrl\":\"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg\",\"width\":1,\"height\":1,\"caption\":\"ANY.RUN\"},\"image\":{\"@id\":\"https:\/\/any.run\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/www.any.run\/\",\"https:\/\/twitter.com\/anyrun_app\",\"https:\/\/www.linkedin.com\/company\/30692044\",\"https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/any.run\/\",\"name\":\"ANY.RUN\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/any.run\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g\",\"caption\":\"ANY.RUN\"},\"url\":\"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658461932\",\"position\":1,\"url\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658461932\",\"name\":\"What\u00a0are\u00a0SOC-ready reports in ANY.RUN?\u00a0\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"SOC-ready reports are sandbox analysis summaries that provide operational context for\u00a0faster\u00a0triage, escalation, incident\u00a0response,\u00a0and\u00a0internal reporting.\u00a0\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658466921\",\"position\":2,\"url\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658466921\",\"name\":\"Are Tier 1 reports\u00a0designed\u00a0only for Tier 1 analysts?\u00a0\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"No. While Tier 1 reports are designed to accelerate initial\u00a0triage, they also support Tier 2, Tier 3, incident\u00a0response teams, SOC managers,\u00a0and\u00a0CISOs by providing structured operational context, standardized reporting,\u00a0and\u00a0fast visibility into threat severity\u00a0and\u00a0business impact.\u00a0\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658471305\",\"position\":3,\"url\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658471305\",\"name\":\"What is included in ANY.RUN Tier 1 reports?\u00a0\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Tier 1 reports include a threat verdict, AI Summary,\u00a0MITRE ATT&amp;CK mapping, behavioral indicators,\u00a0and\u00a0IOCs generated directly from Interactive Sandbox analysis.\u00a0\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658476040\",\"position\":4,\"url\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658476040\",\"name\":\"How does AI Summary improve incident\u00a0response?\u00a0\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"AI Summary converts technical sandbox findings into concise operational explanations that help analysts\u00a0and\u00a0decision-makers quickly assess threat severity,\u00a0business impact,\u00a0and\u00a0required\u00a0response actions.\u00a0\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"},{\"@type\":\"Question\",\"@id\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658481726\",\"position\":5,\"url\":\"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658481726\",\"name\":\"Can ANY.RUN reports support SOC\u00a0and\u00a0MDR\u00a0workflows?\u00a0\",\"answerCount\":1,\"acceptedAnswer\":{\"@type\":\"Answer\",\"text\":\"Yes. ANY.RUN\u2019s SOC-ready reporting helps standardize\u00a0triage, escalation,\u00a0and\u00a0investigation\u00a0workflows across internal SOC, MDR,\u00a0and\u00a0MSSP teams.\u00a0\",\"inLanguage\":\"en-US\"},\"inLanguage\":\"en-US\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"SOC-Ready Reports for\u00a0Faster\u00a0Investigations by ANY.RUN","description":"Improve operational continuity across tiers\u00a0and\u00a0processes with new Tier 1 reports within ANY.RUN\u2019s Interactive Sandbox.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/","twitter_misc":{"Written by":"ANY.RUN","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#article","isPartOf":{"@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/"},"author":{"name":"ANY.RUN","@id":"https:\/\/any.run\/"},"headline":"New SOC-Ready Reporting for\u00a0Faster\u00a0Triage, Escalation,\u00a0and\u00a0Incident\u00a0Response with ANY.RUN\u00a0","datePublished":"2026-05-13T08:02:03+00:00","dateModified":"2026-05-13T10:47:03+00:00","mainEntityOfPage":{"@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/"},"wordCount":1842,"commentCount":0,"publisher":{"@id":"https:\/\/any.run\/"},"keywords":["ANYRUN","cybersecurity","malware analysis"],"articleSection":["Service Updates"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#respond"]}]},{"@type":["WebPage","FAQPage"],"@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/","url":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/","name":"SOC-Ready Reports for\u00a0Faster\u00a0Investigations by ANY.RUN","isPartOf":{"@id":"https:\/\/any.run\/"},"datePublished":"2026-05-13T08:02:03+00:00","dateModified":"2026-05-13T10:47:03+00:00","description":"Improve operational continuity across tiers\u00a0and\u00a0processes with new Tier 1 reports within ANY.RUN\u2019s Interactive Sandbox.","breadcrumb":{"@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#breadcrumb"},"mainEntity":[{"@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658461932"},{"@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658466921"},{"@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658471305"},{"@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658476040"},{"@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658481726"}],"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/any.run\/cybersecurity-blog\/"},{"@type":"ListItem","position":2,"name":"Service Updates","item":"https:\/\/any.run\/cybersecurity-blog\/category\/service-updates\/"},{"@type":"ListItem","position":3,"name":"New SOC-Ready Reporting for\u00a0Faster\u00a0Triage, Escalation,\u00a0and\u00a0Incident\u00a0Response with ANY.RUN\u00a0"}]},{"@type":"WebSite","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/","name":"ANY.RUN&#039;s Cybersecurity Blog","description":"Cybersecurity Blog covers topics for experienced professionals as well as for those new to it.","publisher":{"@id":"https:\/\/any.run\/"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/any.run\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/any.run\/","name":"ANY.RUN","url":"https:\/\/any.run\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","contentUrl":"https:\/\/any.run\/cybersecurity-blog\/wp-content\/uploads\/2020\/08\/ANYRUN-Icon.svg","width":1,"height":1,"caption":"ANY.RUN"},"image":{"@id":"https:\/\/any.run\/"},"sameAs":["https:\/\/www.facebook.com\/www.any.run\/","https:\/\/twitter.com\/anyrun_app","https:\/\/www.linkedin.com\/company\/30692044","https:\/\/www.youtube.com\/channel\/UCOgCPho7lzmH7m6fPNlukrQ"]},{"@type":"Person","@id":"https:\/\/any.run\/","name":"ANY.RUN","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/any.run\/","url":"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/c4ce3a6c672056b4a8cd6b0110782215?s=96&d=mm&r=g","caption":"ANY.RUN"},"url":"https:\/\/any.run\/cybersecurity-blog\/author\/a-bespalova\/"},{"@type":"Question","@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658461932","position":1,"url":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658461932","name":"What\u00a0are\u00a0SOC-ready reports in ANY.RUN?\u00a0","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"SOC-ready reports are sandbox analysis summaries that provide operational context for\u00a0faster\u00a0triage, escalation, incident\u00a0response,\u00a0and\u00a0internal reporting.\u00a0","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658466921","position":2,"url":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658466921","name":"Are Tier 1 reports\u00a0designed\u00a0only for Tier 1 analysts?\u00a0","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"No. While Tier 1 reports are designed to accelerate initial\u00a0triage, they also support Tier 2, Tier 3, incident\u00a0response teams, SOC managers,\u00a0and\u00a0CISOs by providing structured operational context, standardized reporting,\u00a0and\u00a0fast visibility into threat severity\u00a0and\u00a0business impact.\u00a0","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658471305","position":3,"url":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658471305","name":"What is included in ANY.RUN Tier 1 reports?\u00a0","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Tier 1 reports include a threat verdict, AI Summary,\u00a0MITRE ATT&amp;CK mapping, behavioral indicators,\u00a0and\u00a0IOCs generated directly from Interactive Sandbox analysis.\u00a0","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658476040","position":4,"url":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658476040","name":"How does AI Summary improve incident\u00a0response?\u00a0","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"AI Summary converts technical sandbox findings into concise operational explanations that help analysts\u00a0and\u00a0decision-makers quickly assess threat severity,\u00a0business impact,\u00a0and\u00a0required\u00a0response actions.\u00a0","inLanguage":"en-US"},"inLanguage":"en-US"},{"@type":"Question","@id":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658481726","position":5,"url":"https:\/\/any.run\/cybersecurity-blog\/soc-ready-reporting\/#faq-question-1778658481726","name":"Can ANY.RUN reports support SOC\u00a0and\u00a0MDR\u00a0workflows?\u00a0","answerCount":1,"acceptedAnswer":{"@type":"Answer","text":"Yes. ANY.RUN\u2019s SOC-ready reporting helps standardize\u00a0triage, escalation,\u00a0and\u00a0investigation\u00a0workflows across internal SOC, MDR,\u00a0and\u00a0MSSP teams.\u00a0","inLanguage":"en-US"},"inLanguage":"en-US"}]}},"_links":{"self":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/20818"}],"collection":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/comments?post=20818"}],"version-history":[{"count":20,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/20818\/revisions"}],"predecessor-version":[{"id":20851,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/posts\/20818\/revisions\/20851"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media\/20845"}],"wp:attachment":[{"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/media?parent=20818"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/categories?post=20818"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/any.run\/cybersecurity-blog\/wp-json\/wp\/v2\/tags?post=20818"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}