diff --git a/salt/soc/files/soc/alerts.actions.json b/salt/soc/files/soc/alerts.actions.json
index c0543d8fc..558d10a36 100644
--- a/salt/soc/files/soc/alerts.actions.json
+++ b/salt/soc/files/soc/alerts.actions.json
@@ -18,6 +18,10 @@
               "/joblookup?esid={:soc_id}", 
               "/joblookup?ncid={:network.community_id}"
             ]},
+  { "name": "actionCyberChef", "description": "actionCyberChefHelp", "icon": "fas fa-bread-slice", "target": "_blank", 
+            "links": [
+              "/cyberchef/#input={value|base64}"
+            ]},
   { "name": "actionGoogle", "description": "actionGoogleHelp", "icon": "fab fa-google", "target": "_blank", 
             "links": [
               "https://www.google.com/search?q={value}"
@@ -26,4 +30,4 @@
             "links": [
               "https://www.virustotal.com/gui/search/{value}"
 					  ]}
-]
\ No newline at end of file
+]
diff --git a/salt/soc/files/soc/hunt.actions.json b/salt/soc/files/soc/hunt.actions.json
index c0543d8fc..558d10a36 100644
--- a/salt/soc/files/soc/hunt.actions.json
+++ b/salt/soc/files/soc/hunt.actions.json
@@ -18,6 +18,10 @@
               "/joblookup?esid={:soc_id}", 
               "/joblookup?ncid={:network.community_id}"
             ]},
+  { "name": "actionCyberChef", "description": "actionCyberChefHelp", "icon": "fas fa-bread-slice", "target": "_blank", 
+            "links": [
+              "/cyberchef/#input={value|base64}"
+            ]},
   { "name": "actionGoogle", "description": "actionGoogleHelp", "icon": "fab fa-google", "target": "_blank", 
             "links": [
               "https://www.google.com/search?q={value}"
@@ -26,4 +30,4 @@
             "links": [
               "https://www.virustotal.com/gui/search/{value}"
 					  ]}
-]
\ No newline at end of file
+]