Read insights, thought leadership, and platform updates.

Chief Information Security Officers have more data on cyber threats and vulnerabilities than ever before. However, the majority of them still struggle to explain risk to their C-suite and boardroom counterparts in language-centered on business impact and financial risk. One of the most critical challenges facing CISOs today is this inability to understand the core […]

Amid the lingering shadow of the Colonial Pipeline ransomware attack, President Biden signed an executive order last week that outlines “bold changes” that overall take a risk-led approach to cybersecurity and attempt to bridge the gap between cyber threat intelligence and operations. “Incremental improvements will not give us the security we need; instead, the Federal […]

The cyber threat landscape is changing so rapidly that it can become almost impossible for security operations center (SOC) teams to keep up. Every day, analysts make multiple decisions that have the potential to impact the entire organization. Once faced with a threat, analysts have to quickly answer questions such as: What should I do […]

ThreatConnect and Censys (www.censys.io) have partnered to deliver the Censys Playbook App. This App allows you to retrieve multiple types of enrichment information for IOCs. Additionally,  it allows you to craft custom Censys searches to retrieve result sets based on factors such as software versions being run, services running, open ports, and more. You can […]

The ransomware attack on Saturday against the Colonial Pipeline company not only shut down operations across one of the nation’s most important 5,500-mile energy infrastructures but it exposed a major weakness in the national cybersecurity strategy that has been 20 years in the making: Critical infrastructure cybersecurity must adopt a risk-led security strategy backed by […]

Three leading global chief information security officers (CISOs) with a wide range of experience across different industries warned that if CISOs do not improve their ability to communicate cyber risk to business executives and boards of directors the position of CISO itself could disappear in the next 10 years. “The successful CISO is the [one] […]

ThreatConnect recently celebrated its 10th anniversary. We started ThreatConnect because it was easy to see that there was a need to improve the state of protection, detection, response, and recovery. Some are talking about eXtended Detection and Response (XDR) — the next evolution of analyzing security data and events — as if it is the […]

ThreatConnect and Palo Alto have delivered a new Playbook App for joint customers. This Playbook App will allow you to submit Files for sandbox analysis and retrieve analysis results. In addition to sandboxing, the app lets users retrieve enrichment information for Address, Host, URL, and File IOCs. The following capabilities are available: Automated Malware Sandboxing […]

ThreatConnect and Netwitness, an RSA business, have strengthened our partnership by releasing multiple Playbook and Service Apps for the NetWitness Platform. With these new apps, you can automate case management, search requests, enrichment, and hunting actions, as well as investigation and response actions. By automating these processes, you ensure that high fidelity intelligence is being […]

Some of the greatest companies in the world have embraced the Lean Six Sigma process improvement methodology to eliminate errors, remove waste and inefficiency, and improve operational performance. At ThreatConnect, we’re building the tools that for the first time can help companies apply these same groundbreaking principles to cybersecurity. Lean Six Sigma combines the principles […]

Below is this week’s Threat Intel Update, a collection of recent noteworthy findings from the ThreatConnect Research Team. The items below were created or updated April 1-7, 2021. This week’s findings include intelligence related to the following threats and/or topics: UNC1878 Thallium 20210407A: Additional Entertainment Industry Spoofed Infrastructure ThreatConnect Research identified additional domains and subdomains […]

Modern businesses undergo changes every day that introduce cyber risk and obfuscate residual risks. This is especially true as companies digitize their operations and continue to have a healthy appetite for merger and acquisitions (M&A) activity. You might have a good idea of what risks your current applications present, but can you pinpoint the residual […]