Read insights, thought leadership, and platform updates.

ThreatConnect and Censys (www.censys.io) have partnered to deliver the Censys Playbook App. This App allows you to retrieve multiple types of enrichment information for IOCs. Additionally,  it allows you to craft custom Censys searches to retrieve result sets based on factors such as software versions being run, services running, open ports, and more. You can […]

The ransomware attack on Saturday against the Colonial Pipeline company not only shut down operations across one of the nation’s most important 5,500-mile energy infrastructures but it exposed a major weakness in the national cybersecurity strategy that has been 20 years in the making: Critical infrastructure cybersecurity must adopt a risk-led security strategy backed by […]

Three leading global chief information security officers (CISOs) with a wide range of experience across different industries warned that if CISOs do not improve their ability to communicate cyber risk to business executives and boards of directors the position of CISO itself could disappear in the next 10 years. “The successful CISO is the [one] […]

ThreatConnect recently celebrated its 10th anniversary. We started ThreatConnect because it was easy to see that there was a need to improve the state of protection, detection, response, and recovery. Some are talking about eXtended Detection and Response (XDR) — the next evolution of analyzing security data and events — as if it is the […]

ThreatConnect and Palo Alto have delivered a new Playbook App for joint customers. This Playbook App will allow you to submit Files for sandbox analysis and retrieve analysis results. In addition to sandboxing, the app lets users retrieve enrichment information for Address, Host, URL, and File IOCs. The following capabilities are available: Automated Malware Sandboxing […]

ThreatConnect and Netwitness, an RSA business, have strengthened our partnership by releasing multiple Playbook and Service Apps for the NetWitness Platform. With these new apps, you can automate case management, search requests, enrichment, and hunting actions, as well as investigation and response actions. By automating these processes, you ensure that high fidelity intelligence is being […]

Some of the greatest companies in the world have embraced the Lean Six Sigma process improvement methodology to eliminate errors, remove waste and inefficiency, and improve operational performance. At ThreatConnect, we’re building the tools that for the first time can help companies apply these same groundbreaking principles to cybersecurity. Lean Six Sigma combines the principles […]

Below is this week’s Threat Intel Update, a collection of recent noteworthy findings from the ThreatConnect Research Team. The items below were created or updated April 1-7, 2021. This week’s findings include intelligence related to the following threats and/or topics: UNC1878 Thallium 20210407A: Additional Entertainment Industry Spoofed Infrastructure ThreatConnect Research identified additional domains and subdomains […]

Modern businesses undergo changes every day that introduce cyber risk and obfuscate residual risks. This is especially true as companies digitize their operations and continue to have a healthy appetite for merger and acquisitions (M&A) activity. You might have a good idea of what risks your current applications present, but can you pinpoint the residual […]

ThreatConnect and OPSWAT have delivered a new Playbook for joint customers. This Playbook App will allow you to submit Files for sandbox analysis and retrieve analysis results. In addition to sandboxing, the app lets users retrieve enrichment information for Address, Host, URL, and File IOCs. The following capabilities are available: Automated Malware Sandboxing As part […]

Below is this week’s edition of ThreatConnect’s Research Roundup: Threat Intel Update, a collection of recent noteworthy findings from the ThreatConnect Research Team. The items below were created or updated March 24 – April 1, 2021. This week’s findings include intelligence related to the following threats and/or topics: Possible Ghostwriter Infrastructure Possible FIN7 Domain Suspicious […]

Below is this week’s edition of ThreatConnect’s Research Roundup: Threat Intel Update, a collection of recent noteworthy findings from the ThreatConnect Research Team. The items below were created or updated March 11-23, 2021. This week’s findings include intelligence related to the following threats and/or topics: FIN7 UNC1878 / Wizard Spider 20210324A: Possible FIN7 Domain eyebrowaholic[.]com […]