Read insights, thought leadership, and platform updates.

The Advanced Persistent Talent series profiles ThreatConnect employees and explores how their work impacts products and offerings, how they got here, and their views on the industry at large. Want to know more about a particular team? Let us know! One of the most prevalent criticisms of AI tools today is that they could be […]

Every vulnerability tells a story—but when that story is scattered across a dozen different intelligence feeds, understanding the real threat becomes nearly impossible. Consider the challenge: CVE-2023-23397 appears in your threat feeds with conflicting CVSS scores, fragmented timeline data, and intelligence buried across multiple sources. Your analysts burn hours manually connecting these dots while real […]

Security operations centers (SOCs) are burning out. And no, more pizza parties won’t fix it. According to the latest SANS SOC Survey, a staggering 84% of security professionals report feeling burned out. Nearly 70% say that relentless alert volumes are bleeding into their personal lives. Meanwhile, the cybersecurity workforce gap has grown 19% in the […]

Typosquatting is a sneaky tactic where bad actors register misspelled versions of popular domain names—think amazn.com instead of amazon.com—to hijack traffic, mislead users, or even steal personal information. Every mistyped domain or accidental click that lands on a fake site instead of yours is a potential risk. In today’s threat landscape, protecting your brand means […]

We’re thrilled to announce the latest release of Polarity Client and Server, packed with powerful new features designed to make your investigations faster, more secure, and more efficient than ever before! This update introduces a game-changing Document Search capability and significant enhancements to our API with new API Tokens, opening up a world of possibilities […]

The geopolitical tensions between Israel and Iran continue to pose significant cyber and physical security risks to organizations across the globe. With threat activity emanating from advanced state-sponsored actors, hacktivist collectives, and opportunistic criminal groups, security teams must remain agile, informed, and proactive. The Israeli–Iranian Conflict Intelligence Dashboard is designed to equip defenders with timely, […]

The Advanced Persistent Talent series profiles ThreatConnect employees and explores how their work impacts products and offerings, how they got here, and their views on the industry at large. Want to know more about a particular team? Let us know! People find their way to the world of threat intelligence in all sorts of ways. […]

The road to achieving FedRAMP Authorization is not an easy one. It’s a rigorous process that requires time, effort, and unwavering dedication to security and compliance. At ThreatConnect, we have recently announced that we have reached this milestone, a testament to our commitment to providing robust cybersecurity solutions that meet the highest government standards.  The […]

Great Alerts, Terrible Prioritization “He is gathering all evil to him. Very soon, he will summon an army great enough to launch an assault upon Middle-earth.” Sauron had a detection program. But like many security teams, it was overly focused on indicator-based detection. His Eye swept across Middle-earth with constant surveillance. His Ringwraiths were real-time […]

The 2025 SANS Cyber Threat Intelligence (CTI) Survey reveals a maturing discipline facing persistent challenges: lack of process formalization, difficulty proving ROI, and an urgent need to communicate value to business stakeholders. This article summarizes the survey’s key findings and explains how ThreatConnect’s Intel Hub Platform – which combines our TI Ops, Risk Quantifier, and […]

APT28 is a Russian state-sponsored threat actor with a long history of sophisticated cyber operations targeting governments, defense contractors, and critical infrastructure sectors across the globe. According to a  CISA advisory released on May 21, 2025  this group has been exploiting known vulnerabilities in routers and other network devices to gain persistent access to sensitive […]

In today’s dynamic cyber landscape, organizations face an evolving array of threats and vulnerabilities that challenge their resilience. Whether it’s defending against ransomware attacks, identifying critical vulnerabilities (e.g. CVE-2023-23397), or responding to adversaries’ rapidly changing tactics, being able to measure and understand risk is integral to staying ahead of potential threats. And when it comes […]