Read insights, thought leadership, and platform updates.

We want to showcase some recent integration framework updates that allow users to take actions directly from within the Overlay Window. To do this, we’ll focus on user driven queries, and integration actions. User Driven Queries Polarity integrations now have the ability to retrieve additional data based on user actions. User driven queries improve performance, […]

Headed to RSA? Here are some ideas of things to do! RSA Conference 2019 is just around the corner! Make the most of your time in San Francisco by filling your time with some classic San Francisco activities, and of course, making time for some show-related activities. 5. Ghirardelli Square Stop by for something sweet […]

This Playbook queries Cymon.io API, which tracks malware, phishing, botnets, spam, and more ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repetitive tasks so they can focus on what is most important. And in many cases, to ensure the analysis process can occur consistently and in real time, without human intervention. […]

This Bit.ly URL decoder Playbook automatically lengthens potentially malicious bit.ly urls. ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repetitive tasks so they can focus on what is most important. And in many cases, to ensure the analysis process can occur consistently and in real time, without human intervention. As analysts, […]

By taking an intelligence-driven approach, we can start to connect the dots in a more interesting fashion ThreatConnect allows you to curate almost every facet of your intelligence — including indicator reputation. One of the best ways you can help keep a tidy shop is to flag an indicator as a False Positive (FP) when […]

This Playbook is designed to automate the monitoring and alerting of Github activity for a given user ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repetitive tasks so they can focus on what is most important. And in many cases, to ensure the analysis process can occur consistently and in real […]

Detect a website’s content management system (CMS) ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repetitive tasks so they can focus on what is most important. And in many cases, to ensure the analysis process can occur consistently and in real time, without human intervention. Determining the CMS (Content Management System) […]

Polarity’s integration framework can connect to your existing third-party data sources ensuring you have contextual awareness of data from across your organization. Our latest integration is with Pulsedive, a free threat intelligence platform that provides real-time threat data on IOCs including IPs, domains, and URLs. What is Pulsedive? Pulsedive is a new analyst-centric threat intelligence […]

Using this Playbook Component, incident responders and analysts can check if a given domain exists on any lists of the most frequently visited hostnames ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repetitive tasks so they can focus on what is most important. And in many cases, to ensure the analysis […]

One of our top integration requests has been Playbooks for RSA Archer. Good News: we now have numerous out-of-the-box integration capabilities for connecting RSA Archer and ThreatConnect! These apps and playbooks templates allow you to perform a variety of use cases with Archer, from saving users time by automatically assigning relevant threat intelligence to cases, […]

Monitor a website’s content and get alerts if it changes ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repetitive tasks so they can focus on what is most important. And in many cases, to ensure the analysis process can occur consistently and in real time, without human intervention. Monitoring websites for […]

Gain insight into possible permutations of domain names to indicate suspicious activity and further analysis For this week’s Playbook Fridays post, we’re mixing things up a little. Instead of directing you on how to set-up a specific Playbook, we’re going to help you take advantage of an App we built which is set up on […]