Read insights, thought leadership, and platform updates.

Way, way too long ago, we started a series exploring the relationship between threat intelligence and risk management. I’m not sure if a 3+ month gap disqualifies it as a series, but I’ll claim we’re taking a page from the George R.R. Martin school of sequel timing. To refresh your memory, the last post examined how threat intelligence fits within […]

5 Tips For Effective Threat Intelligence See the FULL story 1.  Develop a strategy. 2. Choose your threat intelligence platform. 3. Find and hire the right people. (It’s not easy.) 4. Automate. Automate. Automate. 5. Gain better oversight via threat intelligence.

The following post will examine the need for organizations to use a Platform to meet the organization’s ever changing security requirements.  Unfortunately, the term Platform is an overused term, so we will look at what makes a true platform – what some call a Level 3 Platform. Then, we’ll examine how a true threat intelligence […]

Why Build Apps and Share them in ThreatConnect’s TC Exchange™ – Collaborate to Strengthen Your Threat Intelligence Practice If you’ve spoken with anyone here at ThreatConnect, you may have noticed that we, and many of our customers are all pretty excited about the launch of ThreatConnect’s TC Exchange™. I thought it would be a good […]

ThreatConnect® has partnered with Malformity Labs LLC to develop a full transform set that allows for data from ThreatConnect to be integrated with the capabilities of Maltego. All ThreatConnect customers can take advantage of our partnership with Malformity Labs LLC and use the Maltego transform set through the ThreatConnect®  API and a provided transform server. Customers […]

How Threat Intelligence fits within Risk Management This is the second post in a series exploring the relationship of threat intelligence and risk management. If you missed the previous one, wherein I briefly explained why these two should get together, read that first. If you’re wondering what qualifies me to pontificate about managing risk, don’t worry; it’s on my […]

Executive Summary In early July 2015, Chinese APT actors used an Adobe Flash Player exploit within a specific webpage detailing a noteworthy international legal case between the Philippines and China. This precedent setting legal case would be followed by many Southeast Asian nations, as well as others around the globe. The exploit appeared on day […]

As highlighted in our recent webinar with Rick Holland, when there is a security event of great magnitude, organizational leadership will want to know as much as possible about the technical WHAT and HOW, as well as the WHO and the WHEN. In many cases, not all of these questions can be answered definitively; however, […]

Back in February 2015, the ThreatConnect team conducted in-depth independent analysis of the Anthem breach, finding connections to amorphous Chinese APT activity. Although our primary concern at the time was with the malicious Wellpoint/Anthem and VAE, Inc. (a Federal contractor) command and control domains, we couldn’t help but notice a peculiar related OPM-themed domain, opm-learning[.]org. […]

Arguably one of the most controversial subjects in Threat Intelligence currently is the topic of Attribution, or developing Adversary Intelligence. Industry pundits will debate attribution with a religious zeal, bashing each other with talking points for and against the position.  Unfortunately, many newcomers to the debate, as well as experienced practitioners and consumers, are often caught […]

The Cost of Bad (and Value of Good) Threat Intelligence Written by Andy Pendergast, co-author of the Diamond Model for Intrusion Analysis Earlier this week, Sergio Caltagirone. published an article on his blog, highlighting the cost of bad threat intelligence. His points were valid. There is a very real risk in terms of lost time, […]

I am excited to see threat intelligence sharing is catching on as a way to empower cyber security defenders with timely, relevant, and actionable threat intelligence data.  I believe, and I actually always have, in “crowd power”.  Our Intelligence Research Team, contributes daily to our ThreatConnect Communities.  The team takes great pride in sharing with […]