Read insights, thought leadership, and platform updates.
SOC Series: Instant Awareness for User Identities & Devices
Today’s post continues an ongoing series on Polarity Security Operations Center (SOC) use cases, demonstrating how Polarity enables you to see the story in your data without sacrificing thoroughness or speed. To understand the operational impact of malicious activity on the network, a SOC analyst must be able to determine not only what function an affected […]
Research Roundup: Activity on Previously Identified APT33 Domains
Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related indicators across ThreatConnect’s CAL™ (Collective Analytics Layer). Note: Viewing the pages linked in this blog post requires a ThreatConnect account. In this edition, we cover: […]
ThreatConnect: The Brain of Security
Why Acquiring Nehemiah Security was the Right Decision. Since its inception, ThreatConnect has used the analogy that it wants to be the “brain of security,” to act as its central nervous system providing both decision and operational support. We use this analogy because of the relationship between decision making and taking action that the brain […]
SOC Series: Domain Reputation on Sight
Today’s post begins a series on Polarity Security Operations Center (SOC) use cases, demonstrating how Polarity enables you to see the story in your data without sacrificing thoroughness or speed. Understanding the reputation of a domain that appears in an event presented to an analyst for investigation is a critical step in identifying malicious activity. The […]
ThreatConnect and MITRE ATT&CK: Supporting Sub-techniques
ThreatConnect has long supported the MITRE ATT&CK framework, and we are delighted to be among the first to support MITRE ATT&CK Sub-techniques. As a quick refresher, MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for developing specific threat […]
Research Roundup: Mustang Panda and RedDelta PlugX Using Same C2
Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related indicators across ThreatConnect’s CAL™ (Collective Analytics Layer). Note: Viewing the pages linked in this blog post requires a ThreatConnect account. In this edition, we cover: […]
Announcing the Polarity Community Contributor of the Quarter, September 2020
We would like to congratulate Shawn Thomas, SOC Manager at Verizon Media with The Paranoids and host of the Detections Podcast, as the Polarity Community Contributor of the quarter! Shawn has greatly helped Polarity build its product roadmap and understand how to improve the Polarity experience for everyone. We encourage all of our Polarity Community […]
Polarity User Tips: Using Annotations in Polarity
Today’s post continues an ongoing series on Polarity User Tips. Data tells a story; Polarity helps you see it with Augmented Reality overlaying contextual information as you work, giving you the right data at the right time to make informed decisions and take action with speed (no glasses or goggles required). This guide explains how […]
Open Season: Hunting Adversaries with Polarity and HYAS
This is a recording of Community Tech Tuesday, where you’ll hear from Polarity and our integration partner, HYAS. We go light on slideware so we can focus on live product demo and Q&A. It’s a great way to see how Polarity and HYAS can help you to see the story in your data with Augmented Reality […]
Research Roundup: FBI/NSA Fancy Bear Report Followup
Howdy, and welcome to the ThreatConnect Research Roundup, a collection of recent findings by our Research Team and items from open source publications that have resulted in Observations of related indicators across ThreatConnect’s CAL™ (Collective Analytics Layer). Note: Viewing the pages linked in this blog post requires a ThreatConnect account. In this edition, we cover: […]
SOAR: An Incident Responder’s Best Friend
Decrease Time to Response and Remediation with SOAR. As an Incident Responder (IR), it doesn’t seem to matter how quickly you solve an issue or whether the case or ticket comes to you with no additional information. You are constantly told to “move faster.” You’re flooded with tickets, incidents and cases – but oftentimes […]
ThreatConnect and Okta: Save time with IAM Investigations
ThreatConnect has partnered with Okta, a leader in the Identity and Access Management (IAM) space, to deliver a Playbook App for joint customers. This App allows you to automate processes during an internal security investigation when it’s critical to quickly get user information or suspend users involved with a security incident. Let’s dive in. The […]