Read insights, thought leadership, and platform updates.

Blending Worlds: How a Large UK Bank Connects Geopolitical, Cyber, and Physical Intelligence with ThreatConnect
Modern financial threats don’t respect boundaries. Inside a large UK bank’s journey to integrate intelligence and streamline response. I recently sat down with a top security intelligence analyst at one of the UK’s largest banks to talk about how they’re reshaping their intelligence program with ThreatConnect. What follows is their story, in their own words, […]

We’ve Hit the Tipping Point in Cyber Defense – Here’s the Fix
The attack surface is expanding, burnout is climbing, and executive–security alignment is nigh. The Intel Hub turns that alignment into action. For years, cybersecurity teams have fought an asymmetric battle. Threat actors only need to succeed once. Defenders must succeed every time. But the rules of this game have changed – and the gap between […]

The Curious Case of the Vanishing Threat Intel – And How to Solve It
It began, as many mysteries do, with a statement of defeat. “There’s no way we could have prevented this.” Baskerville Bank had just suffered a crippling ransomware attack. Production systems were encrypted. The customer portal was dark for 12 hours. Operational disruptions cost over $3.2M, not counting the inevitable PR fallout, legal action, and suspected […]

Black Hat 2025: Exposure Management, AI Defense, but No Donuts
Every Black Hat is a bit of a mirror. It shows you the state of the industry, sure — but if you’re paying attention, it also reflects where you are as a practitioner and a company that’s been doing this long enough to notice the small changes. This year’s reflection? The hype is settling. Conversations […]

Why Pizza Parties Won’t Fix SOC Burnout — And How ThreatConnect Helps Put Humans Back at the Center
Security operations centers (SOCs) are burning out. And no, more pizza parties won’t fix it. According to the latest SANS SOC Survey, a staggering 84% of security professionals report feeling burned out. Nearly 70% say that relentless alert volumes are bleeding into their personal lives. Meanwhile, the cybersecurity workforce gap has grown 19% in the […]

Native Domain Abuse Alerting – Informing Threat Ops: ThreatConnect’s DomainThrasher
Typosquatting is a sneaky tactic where bad actors register misspelled versions of popular domain names—think amazn.com instead of amazon.com—to hijack traffic, mislead users, or even steal personal information. Every mistyped domain or accidental click that lands on a fake site instead of yours is a potential risk. In today’s threat landscape, protecting your brand means […]

ThreatConnect’s FedRAMP Authorization: A Landmark Achievement in Security and Collaboration
The road to achieving FedRAMP Authorization is not an easy one. It’s a rigorous process that requires time, effort, and unwavering dedication to security and compliance. At ThreatConnect, we have recently announced that we have reached this milestone, a testament to our commitment to providing robust cybersecurity solutions that meet the highest government standards. The […]

One Detection to Rule Them All: Lessons from Sauron’s Security Failure
Great Alerts, Terrible Prioritization “He is gathering all evil to him. Very soon, he will summon an army great enough to launch an assault upon Middle-earth.” Sauron had a detection program. But like many security teams, it was overly focused on indicator-based detection. His Eye swept across Middle-earth with constant surveillance. His Ringwraiths were real-time […]

How State and Local Agencies Can Rise to New Cybersecurity Mandates with ThreatConnect
Earlier this year, the Trump administration signed an executive order dictating that state and local governments should play a more significant role in national resilience and preparedness—including for cyber attacks. State and local agencies are the frontline of defense for much of the critical infrastructure that underlies our daily lives, such as our utilities, healthcare […]

Align Your Security Operations with MITRE ATT&CK v16 Using the ThreatConnect ATT&CK Visualizer
Last October, MITRE released ATT&CK v16. In a blog post, the organization described its latest updates as a mission in balance, with the goal of “striking that perfect chord between familiar and pioneering to keep things real and actionable.” While MITRE’s ATT&CK framework is a well-known and popular tool in cybersecurity circles, many teams still […]

Debunking Anomali’s Claims: Why ThreatConnect is the Superior Threat Intelligence Platform
As a cybersecurity vendor, I like to take a larger view of the market when it comes to the competition. Competitor or not, we’re all on the same side: fighting the good fight against attackers – and hopefully whatever solution is chosen by cybersecurity teams helps them stay ahead and maintain whatever advantage that vendor […]

Automating Threat Data Retrieval: How ThreatConnect, Polarity, and the TQL Generator are Changing the Game
You’re a CTI Analyst tasked with investigating a potential phishing campaign targeting your organization. An alert flags a suspicious email containing a URL that may be linked to a known threat actor. It would be best to determine the URL’s risk level, identify related indicators, and quickly distribute actionable intelligence to your security team. Toggling […]