ThreatConnect blog

Read insights, thought leadership, and platform updates.

ThreatConnect Platform

ThreatConnect and Cisco Secure Access by Duo: Save time during IdAM Investigations

ThreatConnect has partnered with Cisco Security to deliver a Playbook App for joint customers to use Cisco Secure Access by Duo (formerly Cisco Duo). Now, users can automate processes during an internal security investigation when it’s critical to quickly get user information or suspend users involved with a security incident. The App allows you to: […]

ThreatConnect Platform

Playbook Fridays: Have You Been Pwned?

Enriching Indicators with haveibeenpwned ThreatConnect developed the Playbooks capability to help analysts automate time-consuming and repetitive tasks so they can focus on what is most important. And in many cases, to ensure the analysis process can occur consistently and in real time, without human intervention. Why Was the Playbook Created? Data breaches come and […]

ThreatConnect Platform

ThreatConnect and VirusTotal: Enable YARA Hunting and Better Malware Analysis

ThreatConnect and VirusTotal have improved our collaboration with a new Playbook App! This app will allow you to send malware to a sandbox to be further examined and retrieve the results from VirusTotal.  Leveraging this App, you will be able to perform Phishing Email Triage, Endpoint Investigation, and Malware Hunting. This all leads to more […]

ThreatConnect Platform

ThreatConnect Research Roundup: Wizard Spider / UNC1878 / Ryuk Campaign

Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related indicators across ThreatConnect’s CAL™ (Collective Analytics Layer). In this Roundup, we highlight the Late 2020 Wizard Spider / UNC1878 / Ryuk Campaign. In late September […]

ThreatConnect Platform

ThreatConnect and McAfee DXL: Better Integrations with the McAfee Stack

ThreatConnect has partnered with security giant McAfee and released multiple Playbook Apps and one App Service for McAfee DXL. McAfee DXL is a communication fabric and it allows us to easily connect with nearly every piece of McAfee technology.  The Playbook Apps will allow you to Publish Events and Invoke Services on DXL topics while […]

Collective Analytics Layer (CAL) ThreatConnect Platform

Who’s Next: A look at CAL 2.6’s latest additions

We’re proud to announce the release of CAL 2.6, our latest addition to our Collective Analytics Layer’s feature set. As the latest in our ongoing quest to find the most interesting intelligence and deliver it to you, we’ve decided to incorporate some additional datasets in the form of WHOIS records, a partnership with Quad9, and even […]

Threat Research

ThreatConnect Research Roundup: Ryuk and Domains Spoofing ESET and Microsoft

Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related indicators across ThreatConnect’s CAL™ (Collective Analytics Layer). Note: Viewing the pages linked in this blog post requires a ThreatConnect account. Roundup Highlight: Ryuk In this […]

ThreatConnect Platform

ThreatConnect Research Roundup: Possible Ryuk Infrastructure

Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related indicators across ThreatConnect’s CAL™ (Collective Analytics Layer). Note: Viewing the pages linked in this blog post requires a ThreatConnect account. Roundup Highlight: Possible Ryuk Infrastructure […]

Collective Analytics Layer (CAL) ThreatConnect Platform

Caught in our Net

Using neural networks to identify algorithmically generated domains (AGDs) The problem with today’s generation A while back, we released a new CAL Feed that leveraged our ability to detect domains that were generated via an algorithm.  This is an interesting cohort of domains — they’re typically generated by machines and for machines.  That alone makes […]

ThreatConnect Platform

ThreatConnect and Check Point: Better Endpoint Protection

ThreatConnect has partnered with Check Point and built a Playbook App for our joint customers to leverage. With the addition of this new Playbook App, immediate actions can be taken to investigate, stop, and remediate potential threats at the endpoint based on external threat intelligence. Check Point’s Unified Security Management gives you unified management control […]

Threat Research

Research Roundup: Kimsuky Phishing Operations Putting in Work

Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related indicators across ThreatConnect’s CAL™ (Collective Analytics Layer). Note: Viewing the pages linked in this blog post requires a ThreatConnect account. In this edition, we cover: […]

Polarity

Get Context from MISP Warning Lists as You Work Using the Polarity Integration

Today’s post continues an ongoing series on Polarity Integrations. Data tells a story, Polarity helps you see it with Augmented Reality overlaying contextual information from the applications you use every day. With over 100 powerful integrations the Polarity open-source Integrations Library arms you with the right data at the right time to make informed decisions […]
