Posts
-
Aug 21st, 2019
CAL™ 2.2 Brings Improved Data Hygiene and More Robust Graph Modeling
Right on the heels of our 2.1 CAL update, we’re keeping up the momentum with the release of CAL 2.2! As a refresher, ThreatConnect’s CAL™ (Collective Analytics Layer) provides anonymized, crowds
-
Jul 26th, 2019
Playbook Fridays: Query Palo Alto Wildfire For New Submissions / Submit Wildfire Binary to VMRay
With these Playbooks, create the sharing and connection between two otherwise segmented products These two Playbooks allow you to orchestrate the ability to retrieve files deemed malicious by Palo Alt
-
Jul 12th, 2019
Playbook Fridays: Koodous Playbook Components
Today’s post features two Playbook Components designed to query Koodous. The Playbook Components are available on our GitHub repository here. The first component, named “[Koodous] Request APK
-
Jul 10th, 2019
Using ATT&CK in ThreatConnect to Prioritize, Ask Questions, and Respond Faster
We have exciting news: ThreatConnect now supports the MITRE ATT&CK Framework! What does this mean for our users? By applying Tags to Indicators and Groups, you’ll be able to classify your intell
-
Jun 14th, 2019
Playbook Fridays: CrowdStrike Snort Rules Ingest
This Playbook allows you — without writing code — to automate the ingestion of Snort rules into the ThreatConnect Platform A customer needed a short turnaround solution for bringing CrowdS
-
Jun 7th, 2019
Playbook Fridays: Indicator Status Updater Playbook Component
This Friday, we introduce a Playbook Component that allows you to change the status of an Indicator. An Indicator’s status classifies the Indicator as either active or inactive. An active status ind
-
May 21st, 2019
Good News! ThreatConnect’s CAL™ (Collective Analytics Layer) 2.1 is now live!
The new and improved CAL is now active in the ThreatConnect Platform! Have you heard of CAL? Yes, you have? Awesome! No, you haven’t? Well, to quickly explain, ThreatConnect’s CAL™ (Collective A
-
May 17th, 2019
Orchestrate Actions Based on Automating Phishing Email Analysis
Set up phishing and feed mailboxes for automated ingestion of indicators and phishing emails ThreatConnect allows users to setup phishing and feed mailboxes for automated ingestion of both indicators
-
May 4th, 2019
May the Force (of Partnerships) Be With You
What the Rebels Taught Me About Building Alliances To say that ThreatConnect has a “thing” for Star Wars would be putting it mildly. Whether it be our office decor, the names of our conference roo
-
Apr 26th, 2019
Introducing ThreatConnect’s Version 5.8
Showcasing the Platform’s increased user flexibility for creating Playbooks and expanded options for in-Platform application (App) building It’s here! Version 5.8 is here: ThreatConnect’s newest
-
Apr 19th, 2019
Playbook Fridays: Indicator Defanging
To avoid indicators of compromise becoming links to malicious content, “defang” them. If you’ve worked in the computer security industry for a while, you have probably seen a website, email, Sla
-
Apr 5th, 2019
Playbook Fridays: Deploying Yara Signature to Carbon Black CB Response
Rapidly deploy Yara rules that are associated to intel products within ThreatConnect out to CarbonBlack’s CB Response via their Yara Connector This Playbook allows analysts that are performing an in