Read insights, thought leadership, and platform updates.

If you’ve attended any of our webinars on Cyber Risk Quantification (CRQ) in recent months, you’ll know that this is a topic I love talking about! You’re either thinking this is not true, or I’m paid to say that right…? I know. Well, the truth is, I like problem-solving and in the cyber world – […]

A survey by the Independent revealed that a typical British household will watch a staggering 62 hours of TV, shows, and movies over the Holiday period between December 20th and January 2nd! But I’m sure with the recent lockdowns and travel restrictions, most of us have already looked through everything on Netflix and binged our […]

This past year has seen ruthless cyber attacks on individuals, businesses and nation-states. Colonial Pipeline, Ireland’s Health Service Executive (HSE), JBS, and Florida’s Water Supply are just some examples of gaps in securing critical infrastructure. It’s time for governments to be drivers of change and take steps to counter growing threats. The United Kingdom is […]

The recent Log4J vulnerability (CVE-2021-44228) issue has set the cybersecurity world ablaze. Security teams are working overtime to quickly patch vulnerabilities and better understand how this issue affects their organization. We’d like to show how you can use the ThreatConnect Intel Driven Operations Platform (SOAR+TIP) to research a vulnerability, pull in relevant data, and produce […]

Data is often the instrument that comes to mind when leaders think about accelerating business strategy, but the framework of people, processes, and technology (PPT) together has long been understood as fundamentally necessary for organizational transformation.  A Security Operations Center (SOC) is the embodiment of such a framework. In a 2018 survey, the SANS Institute […]

Context is everything. The newest release from ThreatConnect helps cyber threat intelligence (CTI) teams get more context quickly, enables faster investigations, provides a more robust threat library, and has updated dashboards so that SOC/IR leaders can accelerate the team’s efficiency. The contextual enhancements available with ThreatConnect 6.4 builds upon our foundation of Intelligence-Driven Operations, empowering […]

ThreatConnect and MalwareBazaar have partnered to deliver a new Playbook app for joint customers. MalwareBazaar is a project from abuse.ch with the goal of sharing malware samples with the infosec community, AV vendors, and threat intelligence providers. This Playbook app will allow you to automatically detonate, analyze, and submit files in MalwareBazaar from ThreatConnect to […]

I can’t wait until the day when cars can fully drive themselves. While I love driving I hate wasting time in traffic. And the number of accidents caused by human error is significantly larger than any self driving has caused to date in testing. Yet a lot of my friends aren’t there yet. They might […]

ThreatConnect and Cuckoo Sandbox have partnered to deliver a new Playbook app for joint customers. This Playbook app will allow you to automatically detonate, analyze, and submit files and URLs in Cuckoo Sandbox from ThreatConnect to understand if they are malicious and return any contextualized telemetry. This all leads to more informed decision-making and more […]

ThreatConnect has released a Playbook App and a Service App for joint Microsoft Exchange customers to leverage Microsoft Exchange Web Services (EWS).  With these integrations, you can automate email investigation and response actions with Microsoft Exchange using the Microsoft EWS API. The EWS Service App pulls messages from an Exchange mailbox on a set schedule […]

Without an intelligent Security Orchestration, Automation, and Response (SOAR) platform, SecOps teams can spend millions of dollars in labor costs weeding through false positives in order to find and prioritize the cyber threats that matter. Naturally, good intelligence drives better decisions, but the realized value of good intelligence is that it enables action in both […]

It’s been almost a year since the National Institute of Standards and Technology (NIST) issued its internal report on “Integrating Cybersecurity and Enterprise Risk Management (ERM).” I thought it was time to take another look at it and share what I think are the most interesting conclusions. First: CRQ Isn’t Done Well The following line […]