Read insights, thought leadership, and platform updates.

Did you know there were over 1 million phishing attacks just in Q1 of this year? 1,025,968, to be exact! Phishing attacks are getting more sophisticated and involve more clever ways to entice end users to click on those links. Security operations teams are overwhelmed with the number of suspected phishing emails and the lack […]

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the Department of the Treasury, and the Financial Crimes Enforcement Network (FinCEN) have recently released a Cyber Security Advisory AA22-1812A to provide updated information on MedusaLocker ransomware.  This advisory is part of the Government’s efforts to document ransomware threat actors and the […]

Threat intelligence teams have a problem, a big data problem due to the velocity, variety, and volume, of the different sets of data they collect. Data comes through non-stop in different forms, from different sources, and from different environments. To make matters worse, not all data is good data because it’s not always accurate or […]

Leveraging Automation and the Cloud to Improve Cyber Response Threats are moving faster than ever in today’s cyber threat environment. A timely and impactful response to an ongoing cyberattack is critical. Yet, still, today, many companies cannot detect any potentially malicious activity, especially in the early phases of an attack. Most companies are just outnumbered […]

As more companies look to quantify cyber risk in financial terms, a common question we hear all the time is, “which model (or approach) should I use?.” I saw an interesting quote from a Gartner® research note titled “Drive Business Action with Cyber Risk Quantification “ that spoke about where the CRQ space is going: […]

Security teams need to move at the speed of the business. Teams don’t want to be slowed down by burdensome tasks like manually digging through threat intel or manually triaging alerts. They want to make fast, easy decisions to identify and protect against the most relevant threats. We’ve got you covered! In the 6.6 release […]

In recent years, there’s been an increase in attacks targeted specifically toward enterprise software vendors. Nation-states and cyber-criminal gangs are persistently attacking these organizations with increasing sophistication. Attacks like the one against SolarWinds exemplify the challenges software vendors face and it’s getting worse. Microsoft noted that Russian hackers are systematically attempting to infiltrate technology supply […]

Analysts are overwhelmed by a number of things: the thousands of alerts they receive in a day, the intricacies of hidden details in email messages, embedded links, and attachments, or the inability to control users clicking on malicious materials. Managing the volume of emails and understanding trends in attacks is unwieldy as security teams grapple […]

Business leaders are not always technically-focused, so it is important for security teams to examine how they are communicating risk to leadership and ensure those methods are being effectively received. Overly technical or qualitative methods run the risk of the message getting lost or distorted so well-run security programs are evolving their approach to measuring […]

Alert overload takes the security team’s attention away from many other essential aspects of keeping a healthy cyber ecosystem. Many teams cannot define and implement a threat hunting program because of resource shortages or they simply lack the know-how. Complexity in defensive control integrations is also a roadblock, and the lack of integrated workflow makes […]

We’re excited to announce the release of ThreatConnect Risk Quantifier (RQ) version 6.3! This update is now available and provides a number of enhancements that make cyber risk quantification (CRQ) even easier to implement and use, particularly focusing on making the FAIR analysis faster, with less effort. Pre-populated FAIR Loss Magnitude  RQ 6.3 now includes […]

There is often a conversational disconnect between a cybersecurity team and other departments of an organization. But as cyber is becoming an increasingly large part of business strategy, cybersecurity and threat intelligence must speak the language of business. Cyber Threat Intelligence (CTI) programs are crucial in the way they protect an organization from threats. Businesses […]