Read insights, thought leadership, and platform updates.

Today, I’m excited to share important news: ThreatConnect is merging with Dataminr, a pioneer in AI-powered threat, risk, and event intelligence across physical, digital, and cyber domains. Dataminr leads the world in AI-native real-time threat intelligence, empowering organizations like yours with rapid collection, processing, and alerting capabilities. This combination lays the foundation to strengthen your […]

The newest release of TI Ops helps defenders cut through duplicate data, unify threat actor aliases, and focus on what matters most. Just like your favorite 7-Eleven is always open when you need that late-night snack or caffeine fix, ThreatConnect 7.11 is here to deliver cybersecurity convenience that never closes. The latest update stocks your […]

Cyber risk doesn’t wait until the next quarter. Neither should you. ThreatConnect RQ 9.0 let’s you keep up.  With the launch of Risk Quantifier 9.0, security and risk leaders finally have a way to see what’s at risk, what it costs, and what to fix, continuously. Powered by Continuous Controls Monitoring (CCM), RQ 9.0 keeps […]

AI Buzzwords vs. AI Breakthroughs Analysts read reports every day that hint at adversary behavior but stop short of mapping to MITRE ATT&CK. Valuable context is lost, and blind spots grow. At the same time, vendors promise “AI-powered” features, but too often, what’s under the hood is little more than regex rules, keyword matches, or […]

The Problem: When “Zero-Day” Means Everything and Nothing CTI Teams’ inbox and feeds overflow daily with mentions of “zero-day” vulnerabilities. Blogs, reports, vendor advisories, and social media all promise the next catastrophic exploit. But behind the scary headlines, there is a lot of noise, generic chatter, academic discussions, or even misplaced buzzwords. Meanwhile, attackers aren’t […]

The Advanced Persistent Talent series profiles ThreatConnect employees and explores how their work impacts products and offerings, how they got here, and their views on the industry at large. Want to know more about a particular team? Let us know! When you’re operating in a small organization, flexibility is key. It’s not enough to wear […]

The Digital Operational Resilience Act (DORA) is pushing companies across Europe to demonstrate something many have struggled with for years: measurable resilience. It’s no longer enough to check the compliance box or hand over a set of controls during an audit. Regulators want evidence that organizations can withstand, respond to, and recover from ICT disruptions. […]

Salt Typhoon—also known in industry and U.S. government reporting as OPERATOR PANDA, RedMike, UNC5807, or GhostEmperor — is a sophisticated, state-sponsored Chinese cyber-espionage group expected to operate under the Ministry of State Security. Active since at least 2019, Salt Typhoon has executed one of the most expansive and consequential global hacking campaigns in modern history. […]

Modern financial threats don’t respect boundaries. Inside a large UK bank’s journey to integrate intelligence and streamline response. I recently sat down with a top security intelligence analyst at one of the UK’s largest banks to talk about how they’re reshaping their intelligence program with ThreatConnect. What follows is their story, in their own words, […]

The attack surface is expanding, burnout is climbing, and executive–security alignment is nigh. The Intel Hub turns that alignment into action. For years, cybersecurity teams have fought an asymmetric battle. Threat actors only need to succeed once. Defenders must succeed every time. But the rules of this game have changed – and the gap between […]

As cybersecurity evolves – so do the tools designed to combat recurring problems that exist within. EDR replaced antivirus. MFA displaced passwords. XDR is basically SIEM dressed to impress. RBAC matured into PBAC/ABAC, and so on. Still, despite the tremendous progress with available security tools, today’s CISOs face increasing pressures to deliver clear and defensible […]

It began, as many mysteries do, with a statement of defeat. “There’s no way we could have prevented this.” Baskerville Bank had just suffered a crippling ransomware attack. Production systems were encrypted. The customer portal was dark for 12 hours. Operational disruptions cost over $3.2M, not counting the inevitable PR fallout, legal action, and suspected […]