Read insights, thought leadership, and platform updates.

Many organizations struggle to demonstrate value for threat intel and their threat intelligence teams. The intel team is trying to do the right thing though. They are collecting threat intelligence, managing it into usable shape, making it available for use, and then struggling to find consumers who need, or want, to use it.  Security operations […]

Blog authored by Dave DeWalt, Founder and Managing Director, NightDragon. Read it on the Night Dragon’s website here We live in a true golden age of data and information. Organizations have more threat intelligence, whether it be cyber, physical, etc, at their fingertips than ever before, from vulnerabilities to adversary profiles and more.  Inside these […]

If you’ve seen our blog, “Luke in the Sky with Diamonds,” or have read Adam Shostack’s excellent book: “Threats: What Every Engineer Should Learn From Star Wars,” you know that Star Wars is really just a series of cybersecurity parables. In this blog, we’re going to examine how the lead-up to the Battle of Hoth […]

We are thrilled to announce our release of Polarity Web Search, a new feature that enables users to get immediate value from their integrations and annotations with more ease and speed than ever. Any Polarity user can now log in through a browser and use just one search to find relevant information across all of […]

Threat intelligence activities, especially enrichment, analysis, and action, have traditionally required a lot of manual work. Threat Intel Operations analysts are not expected to be coders, spending their time in Python to automate their activities, and it’s not usually a “one and done” activity. Changing APIs and process improvements that require scripts to be updated […]

A dedicated threat intelligence team and function has been treated as a luxury for far too long, and if there is one, demonstrating its value is a persistent struggle. However, security leaders know that the modernization and digitization of the enterprise, an expanding attack surface, and evolving adversaries are stressing their teams and capacity. In […]

Cybersecurity technology, processes, and tradecraft are constantly evolving as the attack surface, and vectors expand. It’s no secret that threats are growing faster than defenders can combat them. Organizations often create specialized teams with a specific mandate, such as incident response and threat hunting, which become siloed. This impacts their ability to share valuable threat […]

Part one of this blog series begins with a simple step-by-step walkthrough of how to craft and save a ThreatConnect Query Language (TQL) query without writing out, or even fully understanding, all of the TQL options. Before we jump into the steps, let’s talk a little about TQL. What is it? Why would I want […]

The new year is almost upon us, and 2022 has been a game of ransomware hardball. However, lessons learned this year can help organizations take proactive steps to protect themselves from ransomware in 2023.  If you followed Cybersecurity and Infrastructure Security Agency (CISA) alerts on ransomware for the year, you would have noted malicious activity […]

In cybersecurity, contextual data is important. Contextual data with speed becomes everything. But many cybersecurity teams are too far away from the critical information they need to make fast and accurate decisions. Time is not on your side. It is just an unfortunate fact that threat and security researchers spend too much time digging through […]

In the fast-paced, ever-changing cybersecurity landscape today, organizations recognize the need to transform their security operations to achieve greater effectiveness and deliver better protection while demonstrating a measurable return on investment. When threat intelligence operations (TI Ops) infuses cyber threat intelligence into everything a security team does, it results in better decision-making, greater efficiency, and […]

The stakes facing USA’s critical public infrastructure organizations in today’s threat environment are higher than ever before. Targeted with an onslaught of relentless attacks and malicious activity, threat actors can and must be stopped every single time. Through a combination of prevention and blocking, if even one successful attempt to sabotage a water system, community […]