ThreatConnect, Author at ThreatConnect

Apr 2nd, 2020

How to Build a Basic Workflow in ThreatConnect

From a Simple Notification Email to Threat-Bending Phishing Triage, This Is Your First Step ThreatConnect 6.0 introduces a brand new feature: Workflow. This capability lets you combine manual and auto

Mar 20th, 2020

7 Tips for Working from Home

Many of us are stuck at working from home due to COVID-19. These are very surreal times. For some of you (us), being at home trying to work might be a whole new world. Well, we’re here to help navig

Mar 19th, 2020

Special Playbook Fridays: COVID-19 Dashboard, Metrics, and Search

We’ve got options for how you can track activity related to Coronavirus / COVID-19 in the ThreatConnect Platform: 1. New System Dashboard – COVID-19 Related Activity The ThreatConnect Rese

Mar 17th, 2020

Automation Anxiety? Don’t Worry.

More efficient processes. Better staff utilization. Increased documentation of processes. These are just a few of the benefits of automation, yet organizations may be slow to adopt automation technolo

Mar 13th, 2020

Playbook Fridays: ATT&CK Tag Framework

This Component creates a uniform structure for ATT&CK tags which can then be leveraged to create TQL queries, dashboards, or even newer Playbooks. And, since this is a Component, it can be added t

Feb 21st, 2020

Playbook Fridays: dan.me TOR Full List with Details

This Playbook gets the listing of TOR nodes from dan.me website and parses all of the information into ThreatConnect for consumption. TOR is often used by malicious actors to conceal their identity an

Feb 10th, 2020

Introducing ThreatConnect’s New Learning Portal

New courses and our knowledge base are combined in one place We are very excited to introduce our new Learning Portal! Accessible to all of our registered users, this portal not only houses the cours

Jan 24th, 2020

Playbook Fridays: The Indicator Importer Spaces App

A Case Study in Using Playbooks with Spaces Apps How to use Playbooks to make spaces apps more effective You can find the Indicator Importer spaces app discussed in this post here. There are two goals

Dec 6th, 2019

Playbook Fridays: Leveraging ThreatConnect to Enrich Greynoise IOCs

Querying GreyNoise’s both free and paid APIs to retrieve insights on IOCs for alert triaging and filtering purposes Analysts get inundated with alerts from all sorts of activity; both targeted and a

Dec 4th, 2019

How to Choose the Right SOAR Platform: A Checklist

The great thing about SOAR is that, if deployed correctly, it gives your organization the platform required to implement an intelligence-driven security strategy. You can think of SOAR and how it’

Nov 25th, 2019

ThreatConnect and ServiceNow: More Integrations for Better Context

We’re strengthening our partnership with ServiceNow® by offering more robust integrations with the ServiceNow Orchestration and ServiceNow Security Operations products, as well as launching a new P

Nov 22nd, 2019

Playbook Fridays: Query Jira for Ticket Information

As someone in Customer Success for ThreatConnect, we are constantly asked to push the limits of our creativity for a customer. The Playbook below is the result of such a request. So without ado, I pre

Posts