Posts
-
Mar 1st, 2021
ThreatConnect and Sumo Logic: Empower Orchestration with Cloud-SIEM
ThreatConnect and Sumo Logic have partnered to deliver a new Playbook app. With this app, SOC analysts can automate searches for events in Sumo Logic and use these searches to do things like retroacti
-
Feb 24th, 2021
Introducing ThreatConnect 6.1: The Tao of Intel-Driven Operations
This was one of the first graphics we created for the ThreatConnect Platform, but it’s one that’s still very meaningful to our latest release. It may seem quaint, and the graphics have certainly i
-
Feb 16th, 2021
Threat Hunting Use Case (Video): Sunburst Malware
The SolarWinds attack, disclosed by security firm FireEye and Microsoft in December, may have breached as many as 18,000 government and private sector organizations. It has been characterized as the l
-
Feb 8th, 2021
ThreatConnect and Malwarebytes Nebula: Make Your Cloud-Based EDR SOAR
ThreatConnect is pleased to deliver a Playbook app for joint customers to leverage Malwarebytes Nebula. Malwarebytes Nebula is a cloud-hosted security operations platform that allows you to manage con
-
Jan 29th, 2021
ThreatConnect and ANY.RUN – Better Malware Analysis
ThreatConnect and ANY.RUN have partnered to deliver a Playbook App for joint customers to leverage. With the addition of this Playbook App, you will be able to submit files to ANY.RUN for sandboxing a
-
Jan 28th, 2021
ThreatConnect and Slack: Streamline Investigative Team Collaboration
ThreatConnect has revamped our existing integration with Slack by leveraging their latest APIs and authentication, which allows us to include a ton more functionality. With Playbooks, you can aut
-
Jan 21st, 2021
ThreatConnect and AlienLabs OTX: Give Your Investigations Community Support
ThreatConnect is pleased to deliver a Playbook App for joint customers to leverage AT&T AlienLabs OTX. With this app, you can query Alien Labs OTX for enrichment information on various indicators
-
Dec 22nd, 2020
How to Use Workflow to Conduct Phishing Analysis Part 2 – Automating Phase 1
While most organizations (88% in 2019 according to ProofPoint’s State of the Phish 2020 report) are targeted by spear phishing emails each year, the processes by which these messages are triaged and
-
Dec 18th, 2020
Tracking Sunburst-Related Activity with ThreatConnect Dashboards
Recently FireEye discovered that the SolarWinds Orion IT monitoring platform was compromised earlier this year. The threat actor used SolarWinds cryptographic keys to sign multiple backdoored files po
-
Dec 14th, 2020
ThreatConnect and Cisco Identity Services Engine (ISE): Streamline Security Policy Updates
ThreatConnect and Cisco have partnered to deliver a Playbook app for joint customers to leverage. With this Playbook app, you can control the network status of an endpoint in Cisco ISE. The Cisco Iden
-
Dec 9th, 2020
RQ 5.0 Offers New Automation and Prioritization to Better Respond to and Communicate Cyber Risk
Latest RQ 5.0 release introduces support for multiple security control frameworks and is the industry’s first product to prioritize common vulnerabilities and exposures (CVEs) by the financial risk
-
Nov 19th, 2020
ThreatConnect and Zoom: Coordinated Communications as part of Incident Response
ThreatConnect has delivered a Playbook App for Zoom users to leverage within the Platform. The app will allow you to launch a Zoom meeting, invite attendees, and save the meeting as part of an automat