ThreatConnect blog

Read insights, thought leadership, and platform updates.


ThreatConnect Platform

ThreatConnect and ANY.RUN – Better Malware Analysis

ThreatConnect and ANY.RUN have partnered to deliver a Playbook App for joint customers to leverage. With the addition of this Playbook App, you will be able to submit files to ANY.RUN for sandboxing and retrieve results automatically via Playbooks. This all leads to more informed decision making and more efficient remediation of malicious files through […]

ThreatConnect Platform

ThreatConnect and Slack: Streamline Investigative Team Collaboration

ThreatConnect has revamped our existing integration with Slack by leveraging their latest APIs and authentication, which allows us to include a ton more functionality. With Playbooks, you can automatically keep team members informed, get instant updates with notifications or escalations, and create channels as part of investigations. By automating this process, you turn your […]

Polarity

Polarity in Action: Event Triage Use Case

Today’s post continues an ongoing series on Polarity in Action, demonstrating how Polarity helps you to see the story in your data without sacrificing thoroughness or speed. In today’s video, Polarity’s resident SOC expert, Terry McGraw, walks through an event triage use case, showcasing how Polarity provides analysts with all of the data they need, […]

Threat Research

CrimsonIAS: Listening for an 3v1l User

Executive Summary: CrimsonIAS is a Delphi-written backdoor dating back to at least 2017 that enables operators to run command line tools, exfiltrate files, and upload files to the infected machine. CrimsonIAS is notable as it listens for incoming connections only, making it different from typical Windows backdoors that beacon out. The characteristics found in CrimsonIAS’s […]

Threat Intelligence Operations

TIP & SOAR: Creating Increased Capability For Less Mature Teams

Building a threat intelligence-led security program with security orchestration, automation, and response (SOAR) capabilities helps to advance your program and gives your company or agency a fighting chance to defeat these advanced and evolving threats. Businesses and organizations with less mature cybersecurity programs tend to be in a constant state of reacting to threats, vulnerabilities, […]

ThreatConnect Platform

ThreatConnect and AlienLabs OTX: Give Your Investigations Community Support

ThreatConnect is pleased to deliver a Playbook App for joint customers to leverage AT&T AlienLabs OTX. With this app, you can query Alien Labs OTX for enrichment information on various indicators of compromise (IOC) types. By automating this process, you bring relevant, timely, and accurate threat intelligence into ThreatConnect and use it to make better, […]

Polarity

Announcing the Polarity Community Contributor of the Quarter, January 2021

We would like to congratulate Ben Ruffley, Sr. Digital Forensics & Incident Response Manager at Procter & Gamble, as the Polarity Community Contributor of the quarter! Ben has greatly helped Polarity build its product roadmap and understand how to improve the Polarity experience for everyone. We encourage all of our Polarity Community members to look […]

Cyber Risk Quantification

Beyond Information Sharing: DHS Begins Cyber Risk Quantification Push

The Cybersecurity and Infrastructure Security Agency (CISA) has launched a new cybersecurity effort to develop actionable metrics and quantify cyber risk across the nation’s critical infrastructure sectors. The Systemic Cyber Risk Reduction Venture is being developed in partnership with the National Risk Management Center (NRMC) and will focus on the relationship between threat, vulnerability, and […]

Polarity

Search for anything with the Polarity – Google Custom Search Integration Part 2

Today’s post continues an ongoing series on Polarity Integrations. Data tells a story; Polarity helps you see it with Augmented Reality overlaying contextual information from the applications you use every day, no glasses or goggles required. With over 100 powerful integrations, Polarity’s open-source Integrations Library arms you with the right data at the right time […]

Threat Intelligence Operations

SOAR: Proactive Threat Hunting (Part 2)

There are many definitions of threat hunting, from an active cyber defense activity that proactively and iteratively searches through networks to detect and isolate advanced threats that evade existing security solutions, to the practice of proactively searching for cyber threats that are lurking undetected in a network. These are just two of the many definitions […]

Cyber Risk Quantification

Cyber Risk Quantification: The Pressure Is On (New Survey)

New survey suggests companies aren’t prepared or equipped to deliver cyber risk quantification data. Cyber risk has long been acknowledged as one of the top risks facing companies of all sizes. And while it has traditionally been viewed as solely a technical issue, business executives and boards of directors are now demanding a view into […]

Cyber Risk Quantification

Welcome to the Age of Automated Cyber Risk Quantification

This year the conversation about cyber risk and cyber risk quantification must change. Even the best vulnerability management program isn’t really addressing cyber risk. Did you know that more than 13% of all Common Vulnerabilities and Exposures (CVEs) have a severity score between 9.0 and 10.0 (the highest possible value)? Of those 13%, 7,628 (or […]
