ThreatConnect blog

Read insights, thought leadership, and platform updates.

Threat Research

CrimsonIAS: Listening for an 3v1l User

Executive Summary: CrimsonIAS is a Delphi-written backdoor dating back to at least 2017 that enables operators to run command line tools, exfiltrate files, and upload files to the infected machine. CrimsonIAS is notable because it only listens for incoming connections, unlike typical Windows backdoors, which beacon out. The characteristics found in CrimsonIAS’s […]

Threat Intelligence Operations

TIP & SOAR: Creating Increased Capability For Less Mature Teams

Building a threat intelligence-led security program with security orchestration, automation, and response (SOAR) capabilities helps to advance your program and gives your company or agency a fighting chance to defeat these advanced and evolving threats. Businesses and organizations with less mature cybersecurity programs tend to be in a constant state of reacting to threats, vulnerabilities, […]

ThreatConnect Platform

ThreatConnect and AlienLabs OTX: Give Your Investigations Community Support

ThreatConnect is pleased to deliver a Playbook App for joint customers to leverage AT&T AlienLabs OTX. With this app, you can query Alien Labs OTX for enrichment information on various indicators of compromise (IOC) types. By automating this process, you bring relevant, timely, and accurate threat intelligence into ThreatConnect and use it to make better, […]

Polarity

Announcing the Polarity Community Contributor of the Quarter, January 2021

We would like to congratulate Ben Ruffley, Sr. Digital Forensics & Incident Response Manager at Procter & Gamble as the Polarity Community Contributor of the quarter! Ben has greatly helped Polarity build its product roadmap and understand how to improve the Polarity experience for everyone. We encourage all of our Polarity Community members to look […]

Cyber Risk Quantification

Beyond Information Sharing: DHS Begins Cyber Risk Quantification Push

The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new cybersecurity effort to develop actionable metrics and quantify cyber risk across the nation’s critical infrastructure sectors. The Systemic Cyber Risk Reduction Venture is being developed in partnership with the National Risk Management Center (NRMC) and will focus on the relationship between threat, vulnerability, and […]

Polarity

Search for anything with the Polarity – Google Custom Search Integration Part 2

Today’s post continues an ongoing series on Polarity Integrations. Data tells a story; Polarity helps you see it, with Augmented Reality overlaying contextual information from the applications you use every day, no glasses or goggles required. With over 100 powerful integrations, Polarity’s open-source Integrations Library arms you with the right data at the right time […]

Threat Intelligence Operations

SOAR: Proactive Threat Hunting (Part 2)

There are many definitions of threat hunting, from “an active cyber defense activity that proactively and iteratively searches through networks to detect and isolate advanced threats that evade existing security solutions” to “the practice of proactively searching for cyber threats that are lurking undetected in a network.” These are just two of the many definitions […]

Cyber Risk Quantification

Cyber Risk Quantification: The Pressure Is On (New Survey)

New survey suggests companies aren’t prepared or equipped to deliver cyber risk quantification data. Cyber risk has long been acknowledged as one of the top risks facing companies of all sizes. And while it has traditionally been viewed as solely a technical issue, business executives and boards of directors are now demanding a view into […]

Cyber Risk Quantification

Welcome to the Age of Automated Cyber Risk Quantification

This year the conversation about cyber risk and cyber risk quantification must change. Even the best vulnerability management program isn’t really addressing cyber risk. Did you know that more than 13% of all Common Vulnerabilities and Exposures (CVEs) have a severity score between 9.0 and 10.0 (the highest possible value)? Of those 13%, 7,628 (or […]

Polarity

Search for anything with the Polarity – Google Custom Search Integration Part 1

Today’s post continues an ongoing series on Polarity Integrations. Data tells a story; Polarity helps you see it, with Augmented Reality overlaying contextual information from the applications you use every day, no glasses or goggles required. With over 100 powerful integrations, Polarity’s open-source Integrations Library arms you with the right data at the right time […]

Polarity

SOC Series: Phishing Triage

Today’s post continues an ongoing series on Polarity Security Operations Center (SOC) use cases, demonstrating how Polarity helps you to see the story in your data without sacrificing thoroughness or speed. According to IBM’s X-Force and Dell Secureworks, phishing attacks have been the top initial compromise of all breach vectors (i.e. approximately 30%) for the […]

Threat Intelligence Operations

Former CIA Cybersecurity Chief Speaks Out on Solar Winds Hack

In an exclusive interview with the ThreatConnect Podcast, Robert Bigman, the former Chief Information Security Officer (CISO) at the CIA, said when investigators complete their analysis into how the Russian intelligence service eluded detection for months, if not years, during the Solar Winds hacks, they will likely find the same types of failures that contributed […]