Posts
-
May 18th, 2018
Playbook Fridays: How to Use ThreatConnect Playbooks to Manage Security APIs
Planning for APIs as part of your security architecture This is my first Playbook Friday blog post. I love the ones that the team creates and thought I would try my hand at one. That said, because I a
-
May 11th, 2018
ThreatConnect and the Rise of the Security Developer
Taking Your Team & Career to the Next Level with ThreatConnect’s GitHub Repositories Going to the Next Level with ThreatConnect’s GitHub Repositories When I walk the show floors at RSA
-
May 4th, 2018
Playbook Fridays: Forcing Active Directory (AD) Password Resets via ThreatConnect Victims
Leveraging the Active Directory and ThreatConnect integration to help automate security processes ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repetiti
-
May 3rd, 2018
Introducing ThreatConnect’s Intel Report Cards
Providing insight into how certain feeds are performing within ThreatConnect As part of our latest release, we’ve introduced a new feature to help users better understand the intelligence they
-
Apr 12th, 2018
The Power and Responsibility of Customer Data and Analytics
How ThreatConnect stores, uses, and protects customer data There has been a lot of recent news surrounding compromises in trust where companies purposefully or unintentionally misuse or allow others t
-
Apr 4th, 2018
Don’t Get Caught Up in the Hype of AI for Security
Don’t get caught up in the hype of artificial intelligence or machine learning. Does the product correlate and analyze alerts? When Nails are Exciting, Everyone Wants to Talk about Hammers…
-
Mar 16th, 2018
A Song of Intel and Fancy
A case study tracking adversary infrastructure through SSL certificate use featuring Fancy Bear/APT28/Sofacy. A long time ago, in a galaxy… No. Stop. We’re not doing that anymore. Instead,
-
Feb 9th, 2018
Query a Host or URL Indicator in Archive.org’s Wayback Machine
One-Click querying of the Wayback Machine See if a website has been archived in the Wayback Machine ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repeti
-
Jan 12th, 2018
Playbook Fridays: Using Playbooks to populate custom attributes
Create Custom Attribute Types and Validation Rules, then use Playbooks to populate them automatically I was working with a customer who wanted to use ThreatConnect’s Task and workflow features l
-
Jan 11th, 2018
Duping Doping Domains
Possible Fancy Bear Domains Spoofing Anti-Doping and Olympic Organizations Update – 1/19/18 We recently identified two additional domains — login-ukad[.]org[.]uk and adfs-ukad[.]org[.]uk &
-
Dec 28th, 2017
Please Do Not Feed the Phish
How to Avoid Phishing Attacks We’ve all heard the phishing attack stories that start with someone receiving an email that requests an urgent invoice review or password change, and ends with a da