-
Feb 16th, 2021
Threat Hunting Use Case (Video): Sunburst Malware
The SolarWinds attack, disclosed by security firm FireEye and Microsoft in December, may have breached as many as 18,000 government and private sector organizations. It has been characterized as the l
-
Feb 11th, 2021
Improving Upon The FAIR Standard’s Time-to-Value
The Factor Analysis of Information Risk (FAIR) is the de facto standard quantitative model for information security and operational risk. And while FAIR continues to have a positive impact on how secu
-
Feb 8th, 2021
ThreatConnect and Malwarebytes Nebula: Make Your Cloud-Based EDR SOAR
ThreatConnect is pleased to deliver a Playbook app for joint customers to leverage Malwarebytes Nebula. Malwarebytes Nebula is a cloud-hosted security operations platform that allows you to manage con
-
Feb 4th, 2021
Communicating Risk, Threat, Response to the C-Suite & Board
The WannaCry ransomware attack made 2017 one of the worst years for cybersecurity in recent memory, incapacitating hundreds of thousands of computers in 150 countries and causing billions of dollars i
-
Feb 4th, 2021
Key Functionalities of a Modern Cyber Threat Intelligence Program
More and more organizations, both large and small, are beginning to realize the benefits of creating a cyber threat intelligence (CTI) program. In fact, 85 percent of the organizations surveyed in the
-
Jan 29th, 2021
ThreatConnect and ANY.RUN – Better Malware Analysis
ThreatConnect and ANY.RUN have partnered to deliver a Playbook App for joint customers to leverage. With the addition of this Playbook App, you will be able to submit files to ANY.RUN for sandboxing a
-
Jan 28th, 2021
ThreatConnect and Slack: Streamline Investigative Team Collaboration
ThreatConnect has revamped our existing integration with Slack by leveraging their latest APIs and authentication, which allows us to include a ton more functionality. With Playbooks, you can aut
-
Jan 27th, 2021
CrimsonIAS: Listening for an 3v1l User
Executive Summary: CrimsonIAS is a Delphi-written backdoor dating back to at least 2017 that enables operators to run command line tools, exfiltrate files, and upload files to the infected machine. Cri
-
Jan 25th, 2021
TIP & SOAR: Creating Increased Capability For Less Mature Teams
Building a threat intelligence-led security program with security orchestration, automation, and response (SOAR) capabilities helps to advance your program and gives your company or agency a fighting
-
Jan 21st, 2021
ThreatConnect and AlienLabs OTX: Give Your Investigations Community Support
ThreatConnect is pleased to deliver a Playbook App for joint customers to leverage AT&T AlienLabs OTX. With this app, you can query Alien Labs OTX for enrichment information on various indicators
-
Jan 20th, 2021
Beyond Information Sharing: DHS Begins Cyber Risk Quantification Push
The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new cybersecurity effort to develop actionable metrics and quantify cyber risk across the nation’s critical infrastructure
-
Jan 18th, 2021
SOAR: Proactive Threat Hunting (Part 2)
There are many definitions for threat hunting, from an active cyber defense activity that proactively and iteratively searches through networks to detect and isolate advanced threats that evade existin