Read insights, thought leadership, and platform updates.
ThreatConnect and MalwareBazaar: Open-Source Malware Analysis
ThreatConnect and MalwareBazaar have partnered to deliver a new Playbook app for joint customers. MalwareBazaar is a project from abuse.ch with the goal of sharing malware samples with the infosec community, AV vendors, and threat intelligence providers. This Playbook app will allow you to automatically detonate, analyze, and submit files in MalwareBazaar from ThreatConnect to […]
FAIR and RQ: It’s time to evolve the conversation
I can’t wait until the day when cars can fully drive themselves. While I love driving, I hate wasting time in traffic. And the number of accidents caused by human error is significantly larger than any self-driving has caused to date in testing. Yet a lot of my friends aren’t there yet. They might […]
ThreatConnect and Cuckoo Sandbox: Automate your Malware Analysis
ThreatConnect and Cuckoo Sandbox have partnered to deliver a new Playbook app for joint customers. This Playbook app will allow you to automatically detonate, analyze, and submit files and URLs in Cuckoo Sandbox from ThreatConnect to understand if they are malicious and return any contextualized telemetry. This all leads to more informed decision-making and more […]
ThreatConnect and Microsoft EWS: Optimize Email Security with Automation
ThreatConnect has released a Playbook App and a Service App for joint Microsoft Exchange customers to leverage Microsoft Exchange Web Services (EWS). With these integrations, you can automate email investigation and response actions with Microsoft Exchange using the Microsoft EWS API. The EWS Service App pulls messages from an Exchange mailbox on a set schedule […]
Prioritize and Respond To Threats With The Smarter SOAR Platform
Without an intelligent Security Orchestration, Automation, and Response (SOAR) platform, SecOps teams can spend millions of dollars in labor costs weeding through false positives in order to find and prioritize the cyber threats that matter. Naturally, good intelligence drives better decisions, but the realized value of good intelligence is that it enables action in both […]
CRQ Isn’t Done Well: A Review of NIST’s Report on Integrating Cybersecurity and ERM
It’s been almost a year since the National Institute of Standards and Technology (NIST) issued its internal report on “Integrating Cybersecurity and Enterprise Risk Management (ERM).” I thought it was time to take another look at it and share what I think are the most interesting conclusions. First: CRQ Isn’t Done Well The following line […]
ThreatConnect and Microsoft Azure Sentinel: The New Age of Incidents and Alerts
With the Microsoft Azure Sentinel Playbook app and Service app, you can better manage and ingest Incidents and Alerts in Azure Sentinel. ThreatConnect provides context on indicators and enables you to easily spot abnormal trends and patterns to act on them efficiently. Additionally, analysts working in Azure Sentinel can view real-time indicator enrichment, add indicators […]
ThreatConnect’s Smarter SOAR — The Holy Grail for SecOps Teams
Gone are the days when SecOps teams had no choice but to act on the basis of uncertainties, deliver uncertain results, or struggle to show the business the value of their actions. Instead, ThreatConnect’s smarter SOAR platform enables today’s defenders to assume their rightful place at the helm of enterprise risk mitigation — and to […]
ThreatConnect and Cherwell: Better Record Management
ThreatConnect has released a Playbook App for joint customers to leverage Cherwell. Cherwell is a comprehensive IT service desk solution for enterprise IT services and support. With the new Cherwell Playbook App, you can easily automate more tedious tasks, or create and manage incident records between Cherwell and ThreatConnect. Cherwell Service Management This integration […]
ThreatConnect 6.3 Adds New Group Objects, Workflow Metrics, and Workflow Attributes to Powerful Lineup of TIP and SOAR Capabilities
ThreatConnect 6.3 introduces major core architecture changes to the TIP side of our platform with the introduction of New Group Objects as well as major changes to the SOAR side with the addition of Workflow Attributes and Workflow Metrics. In 6.3, we’re giving you new ways to adapt to the Platform. We’re adding Attribute support […]
5 Ways An Intelligence-Driven SOAR Platform Can Help Your SecOps Team
An intelligence-driven SOAR Platform empowers SecOps teams to work smarter, not harder, so that they can make better operational decisions and find the most effective strategies. When resources are scarce, it’s imperative that security teams find and use technologies that will help them streamline processes to reduce the complexity of their jobs. Intelligence on adversarial […]
How Smart Is Your SOAR Platform?
How smart is your Security Orchestration, Automation, and Response (SOAR) platform? The answer to that question is critical to determining how protected your organization is from the next data breach or ransomware attack. Imagine for a moment that you’re sitting in a restaurant between sessions at a major industry conference and you receive an email […]