Posts
-
May 4th, 2018
Playbook Fridays: Forcing Active Directory (AD) Password Resets via ThreatConnect Victims
Leveraging the Active Directory and ThreatConnect integration to help automate security processes ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repetiti
-
May 3rd, 2018
Introducing ThreatConnect’s Intel Report Cards
Providing insight into how certain feeds are performing within ThreatConnect As part of our latest release, we’ve introduced a new feature to help users better understand the intelligence they
-
May 3rd, 2018
Introducing ThreatConnect’s Intel Report Cards
Providing insight into how certain feeds are performing within ThreatConnect As part of our latest release, we’ve introduced a new feature to help users better understand the intelligence they
-
Apr 12th, 2018
The Power and Responsibility of Customer Data and Analytics
How ThreatConnect stores, uses, and protects customer data There has been a lot of recent news surrounding compromises in trust where companies purposefully or unintentionally misuse or allow others t
-
Apr 4th, 2018
Don’t Get Caught Up in the Hype of AI for Security
Don’t get caught up in the hype of artificial intelligence or machine learning. Does the product correlate and analyze alerts? When Nails are Exciting, Everyone Wants to Talk about Hammers…
-
Mar 16th, 2018
A Song of Intel and Fancy
A case study tracking adversary infrastructure through SSL certificate use featuring Fancy Bear/APT28/Sofacy. A long time ago, in a galaxy… No. Stop. We’re not doing that anymore. Instead,
-
Feb 9th, 2018
Query a Host or URL Indicator in Archive.org’s Wayback Machine
One-Click querying of the Wayback Machine See if a website has been archived in the Wayback Machine ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repeti
-
Jan 12th, 2018
Playbook Fridays: Using Playbooks to populate custom attributes
Create Custom Attribute Types and Validation Rules, then use Playbooks to populate them automatically I was working with a customer who wanted to use ThreatConnect’s Task and workflow features l
-
Jan 11th, 2018
Duping Doping Domains
Possible Fancy Bear Domains Spoofing Anti-Doping and Olympic Organizations Update – 1/19/18 We recently identified two additional domains — login-ukad[.]org[.]uk and adfs-ukad[.]org[.]uk &
-
Dec 28th, 2017
Please Do Not Feed the Phish
How to Avoid Phishing Attacks We’ve all heard the phishing attack stories that start with someone receiving an email that requests an urgent invoice review or password change, and ends with a da
-
Dec 15th, 2017
Playbook Fridays: Task Management
Playbook Fridays: Task Management Simulate a task in ThreatConnect which can be modified to recur daily, weekly, or monthly ThreatConnect developed the Playbooks capability to help analysts automa
-
Nov 14th, 2017
ThreatConnect Provides a Report on Healthcare and Medical Industry Threats
Learn about the threats and how to protect your healthcare organization Summary Medical and health organizations, which include organizations operating in the pharmaceutical sector, face a variety of