Read insights, thought leadership, and platform updates.

ThreatConnect now supports MITRE ATT&CK Groups and Software within our Platform! Before we dive too deep, let’s define Groups and Software in MITRE ATT&CK. What are Groups? Groups are sets of related intrusion activities tracked by a common name in the security community. Analysts follow clusters of activities using various analytic methodologies and terms such […]

ThreatConnect has built 3 new Apps to work seamlessly with Amazon GuardDuty. Amazon GuardDuty is a threat detection service that continuously monitors for malicious activity and unauthorized behavior in your AWS accounts, workloads, and data stored in Amazon S3. With these Apps, any known IP addresses (good and bad) can be set up for monitoring […]

During a recent ThreatConnect Podcast, Tim Grieveson, Chief Information Security Officer (CISO) at AVEVA, gave his insights and thoughts on cyber risk management issues facing our nation’s critical infrastructures. The recent surge in cyberattacks targeting critical infrastructure companies demonstrates the urgent need for critical infrastructure owners and operators to adopt a risk-led cybersecurity program. It […]

During a recent ThreatConnect webinar, Felicia Thorpe, Managing Advisor at AHT Insurance, offered her insights on the latest trends in the cyber insurance market and changes that need to be considered to battle the surge in ransomware attacks. The increasing sophistication and cost of cyberattacks, particularly ransomware, have led to a massive jump in demand […]

ThreatConnect has built new integrations to work with Amazon’s cloud infrastructure. With these integrations, you can more easily monitor and protect your AWS environment.  Amazon Simple Storage Service (S3)  is a service offered by Amazon Web Services that provides object storage through a web service interface. Amazon S3 uses the same scalable storage infrastructure that […]

The surge in ransomware and other advanced cyber attacks during the last 18 months has led to significant changes in the way insurance carriers approach cyber policies and those changes are far from over. For more than two decades, insurance companies have been issuing cyber policies with little to no verification of a client’s cybersecurity […]

Many security leaders struggle with communicating cyber risk in business and operational terms that matter to C-suite executives and boards of directors. This miscommunication is one of the biggest hurdles faced by many security leaders. Security leaders need a way to translate cyber risk into terms that business executives can understand. When both security and […]

ThreatConnect 6.2 introduces Intelligence Anywhere and Playbooks 2.0 for improved ease of use and collaboration. When we think of “collaboration” we usually think about groups of people working together, maybe from different teams, to achieve a common goal. In cybersecurity, that may mean the threat intelligence team provides much-needed context to the SOC, or the […]

ThreatConnect 6.2 introduces a new Browser Extension and Playbooks 2.0 for improved ease of use and collaboration. When we think of “collaboration” we usually think about groups of people working together, maybe from different teams, to achieve a common goal. In cybersecurity, that may mean the threat intelligence team provides much-needed context to the SOC, […]

Today, we thought we would have a little fun talking about security frameworks and how cyber risk quantification is the missing ingredient you need to cook up more mature security models.  Security frameworks are similar to cookbooks with progressively more complex recipes to help security leaders entertain more discerning guests. In addition to calling out […]

ThreatConnect has released a new GreyNoise Playbook App. GreyNoise helps analysts quickly understand which alerts don’t matter by providing context on noisy IP addresses across the internet. With this playbook app, you can look up IP addresses to validate if they are involved in any mass scanning or exploit activity, to more effectively triage alerts.  […]

When it comes to containing cyberattacks and limiting their ability to cause harm within your environment, time is money. On average, a company able to detect and contain a breach in less than 200 days will spend $1.1 million less than one that needs more time. Yet organizations still struggle to respond to security events […]