Read insights, thought leadership, and platform updates.

The Digital Operational Resilience Act (DORA) is pushing companies across Europe to demonstrate something many have struggled with for years: measurable resilience. It’s no longer enough to check the compliance box or hand over a set of controls during an audit. Regulators want evidence that organizations can withstand, respond to, and recover from ICT disruptions. […]

Salt Typhoon—also known in industry and U.S. government reporting as OPERATOR PANDA, RedMike, UNC5807, or GhostEmperor — is a sophisticated, state-sponsored Chinese cyber-espionage group expected to operate under the Ministry of State Security. Active since at least 2019, Salt Typhoon has executed one of the most expansive and consequential global hacking campaigns in modern history. […]

Modern financial threats don’t respect boundaries. Inside a large UK bank’s journey to integrate intelligence and streamline response. I recently sat down with a top security intelligence analyst at one of the UK’s largest banks to talk about how they’re reshaping their intelligence program with ThreatConnect. What follows is their story, in their own words, […]

The attack surface is expanding, burnout is climbing, and executive–security alignment is nigh. The Intel Hub turns that alignment into action. For years, cybersecurity teams have fought an asymmetric battle. Threat actors only need to succeed once. Defenders must succeed every time. But the rules of this game have changed – and the gap between […]

As cybersecurity evolves – so do the tools designed to combat recurring problems that exist within. EDR replaced antivirus. MFA displaced passwords. XDR is basically SIEM dressed to impress. RBAC matured into PBAC/ABAC, and so on. Still, despite the tremendous progress with available security tools, today’s CISOs face increasing pressures to deliver clear and defensible […]

It began, as many mysteries do, with a statement of defeat. “There’s no way we could have prevented this.” Baskerville Bank had just suffered a crippling ransomware attack. Production systems were encrypted. The customer portal was dark for 12 hours. Operational disruptions cost over $3.2M, not counting the inevitable PR fallout, legal action, and suspected […]

Generative AI (GenAI) tools like OpenAI’s ChatGPT and Google’s Gemini offer unparalleled productivity gains—but at what cost? According to the 2025 Verizon Data Breach Investigations Report, 15 percent of employees access GenAI on corporate devices at least once every 15 days—and of those users, 72 percent do so with personal (non-corporate) accounts while another 17 […]

Every Black Hat is a bit of a mirror. It shows you the state of the industry, sure — but if you’re paying attention, it also reflects where you are as a practitioner and a company that’s been doing this long enough to notice the small changes. This year’s reflection? The hype is settling. Conversations […]

The Advanced Persistent Talent series profiles ThreatConnect employees and explores how their work impacts products and offerings, how they got here, and their views on the industry at large. Want to know more about a particular team? Let us know! One of the most prevalent criticisms of AI tools today is that they could be […]

Every vulnerability tells a story—but when that story is scattered across a dozen different intelligence feeds, understanding the real threat becomes nearly impossible. Consider the challenge: CVE-2023-23397 appears in your threat feeds with conflicting CVSS scores, fragmented timeline data, and intelligence buried across multiple sources. Your analysts burn hours manually connecting these dots while real […]

Security operations centers (SOCs) are burning out. And no, more pizza parties won’t fix it. According to the latest SANS SOC Survey, a staggering 84% of security professionals report feeling burned out. Nearly 70% say that relentless alert volumes are bleeding into their personal lives. Meanwhile, the cybersecurity workforce gap has grown 19% in the […]

Typosquatting is a sneaky tactic where bad actors register misspelled versions of popular domain names—think amazn.com instead of amazon.com—to hijack traffic, mislead users, or even steal personal information. Every mistyped domain or accidental click that lands on a fake site instead of yours is a potential risk. In today’s threat landscape, protecting your brand means […]