ThreatConnect blog

Read insights, thought leadership, and platform updates.

Cyber Risk Quantification ThreatConnect Platform

RQ 5.0 Offers New Automation and Prioritization to Better Respond to and Communicate Cyber Risk

Latest RQ 5.0 release introduces support for multiple security control frameworks and is the industry’s first product to prioritize common vulnerabilities and exposures (CVEs) by the financial risk they bring to the business. Even with all the strife experienced in 2020, companies are accelerating their digital transformation initiatives. Believe it or not, most companies are […]

ThreatConnect Platform

ThreatConnect and Zoom: Coordinated Communications as part of Incident Response

ThreatConnect has delivered a Playbook App for Zoom users to leverage within the Platform. The app will allow you to launch a Zoom meeting, invite attendees, and save the meeting as part of an automation or orchestration. This helps your Incident Responders save time and remain coordinated with others during an investigation. With this new […]

Polarity

Instant Contextual Awareness of New and Emerging Threats with Polarity and AdvIntel

Today’s post continues an ongoing series on Polarity Integrations. Data tells a story; Polarity helps you see it with Augmented Reality overlaying contextual information from the applications you use every day, no glasses or goggles required. With over 100 powerful integrations, Polarity’s open-source Integrations Library arms you with the right data at the right time […]

Polarity

SOC Series: Follow the Swing

Today’s post continues an ongoing series on Polarity Security Operations Center (SOC) use cases, demonstrating how Polarity helps you to see the story in your data without sacrificing thoroughness or speed. Your analyst team lives a high-stress and often painful life. They have to be right as close to 100% of the time as […]

Polarity

SOC Series: Determining Asset Criticality During Event Triage

Today’s post continues an ongoing series on Polarity Security Operations Center (SOC) use cases, demonstrating how Polarity helps you to see the story in your data without sacrificing thoroughness or speed. Understanding asset criticality, function, and location is absolutely critical when triaging an event to determine whether or not it is an actual incident requiring […]

ThreatConnect Platform

ThreatConnect and PagerDuty: Better Alert Management

ThreatConnect has released a Playbook App for joint customers to leverage PagerDuty. With this new Playbook App, you can easily monitor alarms and notify team members when necessary – leading to a more efficient and effective security team. PagerDuty is a real-time operations platform to manage alerts and escalations for system administrators and support teams. […]

Polarity

SOC Series: Developing the Analyst Team

Today’s post continues an ongoing series on Polarity Security Operations Center (SOC) use cases, demonstrating how Polarity helps you to see the story in your data without sacrificing thoroughness or speed. SOC Leadership must balance speed of analysis with quality of analysis. Turnover of analysts also means knowledge and experience loss and a continual skill […]

ThreatConnect Platform

ThreatConnect and Cisco Secure Access by Duo: Save time during IdAM Investigations

ThreatConnect has partnered with Cisco Security to deliver a Playbook App for joint customers to use Cisco Secure Access by Duo (formerly Cisco Duo). Now, users can automate processes during an internal security investigation when it’s critical to quickly get user information or suspend users involved with a security incident. The App allows you to: […]

ThreatConnect Platform

Playbook Fridays: Have You Been Pwned?

Enriching Indicators with haveibeenpwned: ThreatConnect developed the Playbooks capability to help analysts automate time-consuming and repetitive tasks so they can focus on what is most important, and in many cases to ensure the analysis process can occur consistently and in real time, without human intervention. Why Was the Playbook Created? Data breaches come and […]

ThreatConnect Platform

ThreatConnect and VirusTotal: Enable YARA Hunting and Better Malware Analysis

ThreatConnect and VirusTotal have improved our collaboration with a new Playbook App! This app will allow you to send malware to a sandbox to be further examined and retrieve the results from VirusTotal. Leveraging this App, you will be able to perform Phishing Email Triage, Endpoint Investigation, and Malware Hunting. This all leads to more […]

ThreatConnect Platform

ThreatConnect Research Roundup: Wizard Spider / UNC1878 / Ryuk Campaign

Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related indicators across ThreatConnect’s CAL™ (Collective Analytics Layer). In this Roundup, we highlight the Late 2020 Wizard Spider / UNC1878 / Ryuk Campaign. In late September […]

ThreatConnect Platform

ThreatConnect and McAfee DXL: Better Integrations with the McAfee Stack

ThreatConnect has partnered with security giant McAfee and released multiple Playbook Apps and one App Service for McAfee DXL. McAfee DXL is a communication fabric that allows us to easily connect with nearly every piece of McAfee technology. The Playbook Apps will allow you to Publish Events and Invoke Services on DXL topics while […]
