Read insights, thought leadership, and platform updates.

As the world is struggling to respond to the global COVID-19 pandemic, we want to make sure we’re doing our part. There are a number of ne’er-do-wells that are trying to take advantage of the situation by exploiting people in their time of need, and we applaud the industry for coming together to find ways […]

A good hockey player skates to where the puck is. A great hockey player skates to where the puck is going to be. – Wayne Gretzky It might be cliche, but I’m an avid hockey player and coach. I’ve got as much of a right as anyone to quote the great one. I’ve spent the […]

From a Simple Notification Email to Threat-Bending Phishing Triage, This Is Your First Step ThreatConnect 6.0 introduces a brand new feature: Workflow. This capability lets you combine manual and automated operations to define consistent and standardized processes for your security teams: Malware analysis Phishing triage Alert triage Intel requirement development Escalation procedures Breach SOP And […]

Today’s post continues an ongoing series on Polarity User Tips. We help our users make better decisions, faster, with augmented reality for your desktop. This guide explains how users can get the most out of Polarity via Single or Dual Monitor Setups. Unfortunately, cybercrime won’t stop because of the ongoing COVID-19 pandemic. These are critical […]

Today’s post continues an ongoing series on Polarity Integrations. With over 100 powerful integrations, the Polarity Integrations Library allows users to connect Polarity to the tools they already use in their workflow, arming them with even better data awareness and recall. This example showcases our integration with EmailRep. Phishing campaigns are still one of the most […]

Here at Polarity, we’re a remote-first team, meaning our culture and infrastructure is built around remote work – it’s part of our identity as an organization. If you’re now working from home for an organization that typically works in an office, you’ll find yourself less prepared for the “new normal” of remote life that we’re collectively […]

Many of us are stuck at working from home due to COVID-19. These are very surreal times. For some of you (us), being at home trying to work might be a whole new world. Well, we’re here to help navigate these uncharted waters. A lot of ThreatConnectors have worked remotely for years, so we went […]

We’ve got options for how you can track activity related to Coronavirus / COVID-19 in the ThreatConnect Platform: 1. New System Dashboard – COVID-19 Related Activity The ThreatConnect Research Team has created the ‘COVID-19-Related Activity Dashboard’, which provides a single location to view consolidated, relevant intelligence from across various sources where threat actors are leveraging […]

More efficient processes. Better staff utilization. Increased documentation of processes. These are just a few of the benefits of automation, yet organizations may be slow to adopt automation technologies due to a fear of the unknown.  The thought of automating some of their most critical processes does initially cause anxiety for some, but if I […]

This Component creates a uniform structure for ATT&CK tags which can then be leveraged to create TQL queries, dashboards, or even newer Playbooks. And, since this is a Component, it can be added to any Playbook. This component can be used with any 3rd party intel which brings in ATT&CK data It only requires a […]

With increasing speed and ferocity, Cyber Criminals are evolving their tactics and tools to target and hack even the most protected environments. Cybersecurity teams are struggling to efficiently detect new threats in this landscape, making endpoint protection systems even more vital. In order to keep up with this ever-present challenge, cybersecurity teams must rely on […]

This Playbook gets the listing of TOR nodes from dan.me website and parses all of the information into ThreatConnect for consumption. TOR is often used by malicious actors to conceal their identity and operate anonymously. Tracking these along with their respective ThreatAssess scores and organization specific observations will help analysts spot potential threats. https://github.com/torproject/torspec/blob/main/dir-spec.txt Details […]