Posts
-
Jun 14th, 2019
Playbook Fridays: CrowdStrike Snort Rules Ingest
This Playbook allows you — without writing code — to automate the ingestion of Snort rules into the ThreatConnect Platform A customer needed a short turnaround solution for bringing CrowdS
-
Jun 7th, 2019
Playbook Fridays: Indicator Status Updater Playbook Component
This Friday, we introduce a Playbook Component that allows you to change the status of an Indicator. An Indicator’s status classifies the Indicator as either active or inactive. An active status ind
-
May 21st, 2019
Good News! ThreatConnect’s CAL™ (Collective Analytics Layer) 2.1 is now live!
The new and improved CAL is now active in the ThreatConnect Platform! Have you heard of CAL? Yes, you have? Awesome! No, you haven’t? Well, to quickly explain, ThreatConnect’s CAL™ (Collective A
-
May 17th, 2019
Orchestrate Actions Based on Automating Phishing Email Analysis
Set up phishing and feed mailboxes for automated ingestion of indicators and phishing emails ThreatConnect allows users to setup phishing and feed mailboxes for automated ingestion of both indicators
-
May 4th, 2019
May the Force (of Partnerships) Be With You
What the Rebels Taught Me About Building Alliances To say that ThreatConnect has a “thing” for Star Wars would be putting it mildly. Whether it be our office decor, the names of our conference roo
-
Apr 26th, 2019
Introducing ThreatConnect’s Version 5.8
Showcasing the Platform’s increased user flexibility for creating Playbooks and expanded options for in-Platform application (App) building It’s here! Version 5.8 is here: ThreatConnect’s newest
-
Apr 19th, 2019
Playbook Fridays: Indicator Defanging
To avoid indicators of compromise becoming links to malicious content, “defang” them. If you’ve worked in the computer security industry for a while, you have probably seen a website, email, Sla
-
Apr 5th, 2019
Playbook Fridays: Deploying Yara Signature to Carbon Black CB Response
Rapidly deploy Yara rules that are associated to intel products within ThreatConnect out to CarbonBlack’s CB Response via their Yara Connector This Playbook allows analysts that are performing an in
-
Mar 26th, 2019
What Can CAL™ (Collective Analytics Layer) Do For You?
CAL™ has billions of data points that it can bring to bear to power its analytics—and we’re adding more every day It’s been two years since we announced CAL™ , our Collective Analytics Layer
-
Mar 22nd, 2019
Playbook Fridays: New ThreatConnect App for Splunk 3.1
Splunk Users Can Now Launch Playbooks Directly from Splunk With ThreatConnect App Updates Earlier this week, the latest ThreatConnect App for Splunk (v3.1) was released to Splunkbase. This release for
-
Mar 18th, 2019
Lights, Camera, Actionable Intelligence!
ThreatConnect Research builds out a network of domains and subdomains spoofing organizations related to the entertainment industry, most likely used in credential harvesting efforts. To be frank, if w
-
Mar 15th, 2019
Playbook Fridays: Human in the Loop Playbook Systems
When automating processes, you may run into situations where you need a human to be part of an automated process The whole goal of Playbooks is to make it easy to automate tasks so you can be faster,