Read insights, thought leadership, and platform updates.

A Case Study in Using Playbooks with Spaces Apps How to use Playbooks to make spaces apps more effective You can find the Indicator Importer spaces app discussed in this post here. There are two goals for this blog post: To introduce the “Indicator Importer” spaces app (designed, open-sourced, and maintained by ThreatConnect users). How to […]

An Interview with Polarity’s CEO, CSO, and CTO 2019 – what a year for Polarity! From big product updates to growing our team to adding 42(!) new integrations, we have a lot to look back on – and even more to look forward to. Get an inside look at Polarity’s 2019 reflections and 2020 aspirations through the eyes of […]

Team Polarity is thrilled to announce our all-new Web and Server Releases! These releases will introduce some really exciting new functionalities throughout our platform that give users even more flexibility, transparency, and customization power. New Features Who else has seen this Annotation? Now, users can see who else has seen any annotation when they view […]

Security analysts rely on cybercrime intelligence to lead them in threat investigations. Without the information available to reference potentially malicious activity, they lack the context to keep their organizations safe and secure. That’s why cybersecurity teams leverage tools like Intel 471, to mitigate threats with as much information in their arsenal as possible. What is Intel […]

Due to the global reach of the dark web, there is no default language for cyber threats, leaving analysts to rely on tools like Google Translate to understand and mitigate threats in languages foreign to them. While translation tools certainly help bridge the knowledge gap, it is also tedious and time-consuming for analysts to repeatedly copy and […]

Querying GreyNoise’s both free and paid APIs to retrieve insights on IOCs for alert triaging and filtering purposes Analysts get inundated with alerts from all sorts of activity; both targeted and also part of widespread activity such as mass port scanning, crawlers, search engines, etc. Our customers wanted a way to use GreyNoise data from […]

The great thing about  SOAR is that, if deployed correctly, it gives your organization the platform required to implement an intelligence-driven security strategy. You can think of SOAR and how it’s been defined and implemented (so far) as operating very much like an enabler, or a hub for decision making. It provides a centralized location […]

We’re excited to announce our 3.2 Client Release! This release includes updates to our Settings, Menu, Optimizations, Zoom Capabilities, and Installer, as well as a few key improvements that will enhance the overall Polarity user experience. Check out the new features and improvements below! New Features Connection Settings Polarity’s all-new connection settings page makes it […]

We’re strengthening our partnership with ServiceNow® by offering more robust integrations with the ServiceNow Orchestration and ServiceNow Security Operations products, as well as launching a new Playbook App for managing table records across all ServiceNow products. With this update, we’ve added three types of integrations to the ServiceNow and ThreatConnect Platforms, each with its own […]

As someone in Customer Success for ThreatConnect, we are constantly asked to push the limits of our creativity for a customer. The Playbook below is the result of such a request. So without ado, I present Get all available information from JIRA! The prerequisites that you will need for this Playbook: URL to JIRA Instance […]

Anyone who’s worked with Windows Event Logs during forensic investigations knows how tedious and time consuming it can be. Working with large data sets of random numbers without context immediately available, forensic analysts end up spending their time constantly referencing Windows and flipping between multiple screens. Analyzing Windows Events using Polarity is a different story. […]

We were asked by a customer  to extend the analysis functionality of ThreatConnect to other SOC personnel that didn’t have direct access to the Platform. So we did. This Playbook creates a new process in which non-ThreatConnect users can get on-the-fly analysis and context into potential hash IOCs they’ve encountered, and simplifies the process of […]