Read insights, thought leadership, and platform updates.
No results found

Continuous Control Validation with ThreatConnect Risk Quantifier 9.0
Cyber risk doesn’t wait until the next quarter. Neither should you. ThreatConnect RQ 9.0 let’s you keep up. With the launch of Risk Quantifier 9.0, security and risk leaders finally have a way to see what’s at risk, what it costs, and what to fix, continuously. Powered by Continuous Controls Monitoring (CCM), RQ 9.0 keeps […]

Beyond the Buzz: Analyst-First AI for MITRE ATT&CK
AI Buzzwords vs. AI Breakthroughs Analysts read reports every day that hint at adversary behavior but stop short of mapping to MITRE ATT&CK. Valuable context is lost, and blind spots grow. At the same time, vendors promise “AI-powered” features, but too often, what’s under the hood is little more than regex rules, keyword matches, or […]

Noise vs. Signal: From Zero-Day Chatter to Actionable Intelligence
The Problem: When “Zero-Day” Means Everything and Nothing CTI Teams’ inbox and feeds overflow daily with mentions of “zero-day” vulnerabilities. Blogs, reports, vendor advisories, and social media all promise the next catastrophic exploit. But behind the scary headlines, there is a lot of noise, generic chatter, academic discussions, or even misplaced buzzwords. Meanwhile, attackers aren’t […]

ThreatConnect’s Director of Information Security & Compliance Shares the Three Keys to Managing Three Teams at Once
The Advanced Persistent Talent series profiles ThreatConnect employees and explores how their work impacts products and offerings, how they got here, and their views on the industry at large. Want to know more about a particular team? Let us know! When you’re operating in a small organization, flexibility is key. It’s not enough to wear […]

Closing the Gap Between Cybersecurity and Compliance: DORA as a Catalyst for Risk-Informed Decision Making
The Digital Operational Resilience Act (DORA) is pushing companies across Europe to demonstrate something many have struggled with for years: measurable resilience. It’s no longer enough to check the compliance box or hand over a set of controls during an audit. Regulators want evidence that organizations can withstand, respond to, and recover from ICT disruptions. […]

Salt Typhoon Intelligence Dashboard Immediately Available for ThreatConnect
Salt Typhoon—also known in industry and U.S. government reporting as OPERATOR PANDA, RedMike, UNC5807, or GhostEmperor — is a sophisticated, state-sponsored Chinese cyber-espionage group expected to operate under the Ministry of State Security. Active since at least 2019, Salt Typhoon has executed one of the most expansive and consequential global hacking campaigns in modern history. […]

Blending Worlds: How a Large UK Bank Connects Geopolitical, Cyber, and Physical Intelligence with ThreatConnect
Modern financial threats don’t respect boundaries. Inside a large UK bank’s journey to integrate intelligence and streamline response. I recently sat down with a top security intelligence analyst at one of the UK’s largest banks to talk about how they’re reshaping their intelligence program with ThreatConnect. What follows is their story, in their own words, […]

We’ve Hit the Tipping Point in Cyber Defense – Here’s the Fix
The attack surface is expanding, burnout is climbing, and executive–security alignment is nigh. The Intel Hub turns that alignment into action. For years, cybersecurity teams have fought an asymmetric battle. Threat actors only need to succeed once. Defenders must succeed every time. But the rules of this game have changed – and the gap between […]

Threat-Informed, Financially Grounded: Modern Cyber Risk Quantification with MITRE ATT&CK and Threat Intelligence
As cybersecurity evolves – so do the tools designed to combat recurring problems that exist within. EDR replaced antivirus. MFA displaced passwords. XDR is basically SIEM dressed to impress. RBAC matured into PBAC/ABAC, and so on. Still, despite the tremendous progress with available security tools, today’s CISOs face increasing pressures to deliver clear and defensible […]

The Curious Case of the Vanishing Threat Intel – And How to Solve It
It began, as many mysteries do, with a statement of defeat. “There’s no way we could have prevented this.” Baskerville Bank had just suffered a crippling ransomware attack. Production systems were encrypted. The customer portal was dark for 12 hours. Operational disruptions cost over $3.2M, not counting the inevitable PR fallout, legal action, and suspected […]

Harnessing Generative AI Safely: Why Shadow IT Is Your Next Big Data-Leak Risk—and How Polarity Stops It
Generative AI (GenAI) tools like OpenAI’s ChatGPT and Google’s Gemini offer unparalleled productivity gains—but at what cost? According to the 2025 Verizon Data Breach Investigations Report, 15 percent of employees access GenAI on corporate devices at least once every 15 days—and of those users, 72 percent do so with personal (non-corporate) accounts while another 17 […]

Black Hat 2025: Exposure Management, AI Defense, but No Donuts
Every Black Hat is a bit of a mirror. It shows you the state of the industry, sure — but if you’re paying attention, it also reflects where you are as a practitioner and a company that’s been doing this long enough to notice the small changes. This year’s reflection? The hype is settling. Conversations […]