Read insights, thought leadership, and platform updates.
Log4J: A ThreatConnect Vulnerability Prioritization and Report Story
The recent Log4J vulnerability (CVE-2021-44228) issue has set the cybersecurity world ablaze. Security teams are working overtime to quickly patch vulnerabilities and better understand how this issue affects their organization. We’d like to show how you can use the ThreatConnect Intel Driven Operations Platform (SOAR+TIP) to research a vulnerability, pull in relevant data, and produce […]
Let Data Help Your SOC Team SOAR
Data is often the instrument that comes to mind when leaders think about accelerating business strategy, but the framework of people, processes, and technology (PPT) together has long been understood as fundamentally necessary for organizational transformation. A Security Operations Center (SOC) is the embodiment of such a framework. In a 2018 survey, the SANS Institute […]
ThreatConnect 6.4: Empowering Threat Intel Teams
Context is everything. The newest release from ThreatConnect helps cyber threat intelligence (CTI) teams get more context quickly, enables faster investigations, provides a more robust threat library, and has updated dashboards so that SOC/IR leaders can accelerate the team’s efficiency. The contextual enhancements available with ThreatConnect 6.4 build upon our foundation of Intelligence-Driven Operations, empowering […]
ThreatConnect and MalwareBazaar: Open-Source Malware Analysis
ThreatConnect and MalwareBazaar have partnered to deliver a new Playbook app for joint customers. MalwareBazaar is a project from abuse.ch with the goal of sharing malware samples with the infosec community, AV vendors, and threat intelligence providers. This Playbook app will allow you to automatically detonate, analyze, and submit files in MalwareBazaar from ThreatConnect to […]
FAIR and RQ: It’s time to evolve the conversation
I can’t wait until the day when cars can fully drive themselves. While I love driving, I hate wasting time in traffic. And the number of accidents caused by human error is significantly larger than any self-driving has caused to date in testing. Yet a lot of my friends aren’t there yet. They might […]
ThreatConnect and Cuckoo Sandbox: Automate your Malware Analysis
ThreatConnect and Cuckoo Sandbox have partnered to deliver a new Playbook app for joint customers. This Playbook app will allow you to automatically detonate, analyze, and submit files and URLs in Cuckoo Sandbox from ThreatConnect to understand if they are malicious and return any contextualized telemetry. This all leads to more informed decision-making and more […]
ThreatConnect and Microsoft EWS: Optimize Email Security with Automation
ThreatConnect has released a Playbook App and a Service App for joint Microsoft Exchange customers to leverage Microsoft Exchange Web Services (EWS). With these integrations, you can automate email investigation and response actions with Microsoft Exchange using the Microsoft EWS API. The EWS Service App pulls messages from an Exchange mailbox on a set schedule […]
Prioritize and Respond To Threats With The Smarter SOAR Platform
Without an intelligent Security Orchestration, Automation, and Response (SOAR) platform, SecOps teams can spend millions of dollars in labor costs weeding through false positives in order to find and prioritize the cyber threats that matter. Naturally, good intelligence drives better decisions, but the realized value of good intelligence is that it enables action in both […]
CRQ Isn’t Done Well: A Review of NIST’s Report on Integrating Cybersecurity and ERM
It’s been almost a year since the National Institute of Standards and Technology (NIST) issued its internal report on “Integrating Cybersecurity and Enterprise Risk Management (ERM).” I thought it was time to take another look at it and share what I think are the most interesting conclusions. First: CRQ Isn’t Done Well The following line […]
ThreatConnect and Microsoft Azure Sentinel: The New Age of Incidents and Alerts
With the Microsoft Azure Sentinel Playbook app and Service app, you can better manage and ingest Incidents and Alerts in Azure Sentinel. ThreatConnect provides context on indicators and enables you to easily spot abnormal trends and patterns to act on them efficiently. Additionally, analysts working in Azure Sentinel can view real-time indicator enrichment, add indicators […]
ThreatConnect’s Smarter SOAR — The Holy Grail for SecOps Teams
Gone are the days when SecOps teams had no choice but to act on the basis of uncertainties, deliver uncertain results, or struggle to show the business the value of their actions. Instead, ThreatConnect’s smarter SOAR platform enables today’s defenders to assume their rightful place at the helm of enterprise risk mitigation — and to […]
Bitsight’s Acquisition of VisibleRisk: A View From The CRQ World
This week, Bitsight raised $250 million from Moody’s and acquired cyber risk quantification company VisibleRisk. The move certainly makes sense for Bitsight, but what does it mean for the cyber risk quantification space at large? Over the last few years, the conversation about cyber risk has been dominated by the security ratings companies like BitSight […]