ThreatConnect blog

Read insights, thought leadership, and platform updates.


Orchestration and Automation

Improve SOC Event Prioritization With Intelligence-Driven SOAR

Information overload is a common challenge facing Security Operations Centers (SOCs). Security analysts are bombarded with alerts of potential security events. Sifting through and prioritizing the most important events can take weeks, months, or even longer. Without the insight of threat intelligence and orchestrated processes to make sense of all the data coming through, analysts […]

ThreatConnect Platform

ThreatConnect and RiskIQ PassiveTotal: Better Enrichment Capabilities with PassiveTotal

ThreatConnect is pleased to deliver a Playbook App for joint customers to leverage RiskIQ PassiveTotal capabilities within the ThreatConnect Platform. With this app, you can query PassiveTotal for enrichment information on various indicators of compromise (IOC) types. By automating this process, you bring relevant, timely, and accurate threat intelligence into ThreatConnect and use it to […]

ThreatConnect Platform

ThreatConnect: Helping to Deliver on the Promise of XDR

Editor’s Note: In this first of two articles, ThreatConnect’s Director of Security Architecture Chris Adams breaks down the primary requirements of an XDR as defined by Gartner, and provides a bit of color as to why those are important and how ThreatConnect meets them, sometimes with integration partners. On the surface, it’s no surprise […]

Security Operations

ThreatConnect’s New Whitepaper is a Must-Read For CISOs and SOC Directors

Chief Information Security Officers have more data on cyber threats and vulnerabilities than ever before. However, the majority of them still struggle to explain risk to their C-suite and boardroom counterparts in language centered on business impact and financial risk. One of the most critical challenges facing CISOs today is this inability to understand the core […]

Threat Research

Biden Executive Order on Cybersecurity Aligns With Risk, Threat, Response Approach

Amid the lingering shadow of the Colonial Pipeline ransomware attack, President Biden signed an executive order last week that outlines “bold changes” that overall take a risk-led approach to cybersecurity and attempt to bridge the gap between cyber threat intelligence and operations. “Incremental improvements will not give us the security we need; instead, the Federal […]

Orchestration and Automation

Alleviate Common SOC Struggles With SOAR Power

The cyber threat landscape is changing so rapidly that it can become almost impossible for security operations center (SOC) teams to keep up. Every day, analysts make multiple decisions that have the potential to impact the entire organization. Once faced with a threat, analysts have to quickly answer questions such as: What should I do […]

ThreatConnect Platform

ThreatConnect and Censys: Enrich Threat Data to Enhance Decision Making

ThreatConnect and Censys (www.censys.io) have partnered to deliver the Censys Playbook App. This App allows you to retrieve multiple types of enrichment information for IOCs. Additionally, it allows you to craft custom Censys searches to retrieve result sets based on factors such as software versions being run, services running, open ports, and more. You can […]

Cyber Risk Quantification

Pipeline Ransomware Attack Underscores Urgent Need for Risk-Based, Automated Decision Support

The ransomware attack on Saturday against the Colonial Pipeline company not only shut down operations across one of the nation’s most important 5,500-mile energy infrastructures but it exposed a major weakness in the national cybersecurity strategy that has been 20 years in the making: Critical infrastructure cybersecurity must adopt a risk-led security strategy backed by […]

Cyber Risk Quantification

Cyber Execs Warn CISOs Could Disappear If They Don’t Get Better at Communicating Risk

Three leading global chief information security officers (CISOs) with a wide range of experience across different industries warned that if CISOs do not improve their ability to communicate cyber risk to business executives and boards of directors the position of CISO itself could disappear in the next 10 years. “The successful CISO is the [one] […]

ThreatConnect Platform

Is XDR the Silver Bullet We Have Been Waiting For? Spoiler: “No.”

ThreatConnect recently celebrated its 10th anniversary. We started ThreatConnect because it was easy to see that there was a need to improve the state of protection, detection, response, and recovery. Some are talking about eXtended Detection and Response (XDR) — the next evolution of analyzing security data and events — as if it is the […]

ThreatConnect Platform

ThreatConnect and Palo Alto Wildfire: Enhanced Malware Analysis

ThreatConnect and Palo Alto have delivered a new Playbook App for joint customers. This Playbook App will allow you to submit Files for sandbox analysis and retrieve analysis results. In addition to sandboxing, the app lets users retrieve enrichment information for Address, Host, URL, and File IOCs. The following capabilities are available: Automated Malware Sandboxing […]

ThreatConnect Platform

ThreatConnect and NetWitness: Multiple Apps Allow for Advanced Functionality

ThreatConnect and NetWitness, an RSA business, have strengthened our partnership by releasing multiple Playbook and Service Apps for the NetWitness Platform. With these new apps, you can automate case management, search requests, enrichment, and hunting actions, as well as investigation and response actions. By automating these processes, you ensure that high fidelity intelligence is being […]
