Read insights, thought leadership, and platform updates.

We have developed TIPpers, which are incidents the ThreatConnect Research team flags for your awareness, so your organization can take decisive action. TIPper: 64-bit Quarian APT Malware Details a low detection 64-bit malware DLL, which matches strings and configuration used in Quarian, a Chinese Advanced Persistent Threat (APT), malware. That malware connects to infrastructure previously […]

It’s in the way that you fuse it Intel comes and it goes It’s in the way that you use it Snoke don’t you know                        – Eric Clapton (modified) When I decided to join a cybersecurity startup, I had no idea fashion designer would […]

ThreatConnect builds academic partnerships to train the next generation of threat intelligence analysts In The Empire Strikes Back, Luke Skywalker heads to the remote Dagobah system to undergo Jedi training. And like the swamp-covered planet, sometimes the threat intelligence landscape can seem “bog-like”. How do I turn this pile of…data into actionable intelligence? Now, the […]

The SIEM is the Pan, the TIP is the Kitchen, Or: 5 Ways TIPs Can Enhance Your SIEM New infosec tools are popping up as fast as one would expect given the explosive growth of the market. Many of these tools are important weapons in your security arsenal: but how do you make sense of […]

ThreatConnect 4.1 Incorporates Return on Investment for Threat Intelligence If you have not seen it, Wade Baker, ThreatConnect’s VP Strategy and Risk Analytics, wrote a series of blog posts with the great folks at the RSA Conference discussing the evolution of InfoSec by looking at their conference topics over the past 25 years. One thing […]

Several SANS CTI ago I presented on the ROI of Threat Intelligence Sharing and wrote a complementary blog where I highlighted a few scenarios where resource constrained organizations could actually save time and money in the acquisition and processing (analysis) of Threat Intelligence through the simple act of sharing. While that notion is still valid […]

We’ve finally arrived at the fourth and final installment in this series exploring the relationship between threat intelligence and risk management. If you’re just joining us, previous posts are listed at the bottom of the page (and I do encourage you to start with those before diving into this one). We’ve covered a fair amount […]

ThreatConnect enables users to assign a Threat Rating and Confidence to every single indicator… but what do those numbers really represent?  In order to enable your organization to make the best decisions, it’s important to standardize on the connotation attached to these ratings.  When your analysts, defensive integrations, and leadership all speak the same language […]

Way, way too long ago, we started a series exploring the relationship between threat intelligence and risk management. I’m not sure if a 3+ month gap disqualifies it as a series, but I’ll claim we’re taking a page from the George R.R. Martin school of sequel timing. To refresh your memory, the last post examined how threat intelligence fits within […]

5 Tips For Effective Threat Intelligence See the FULL story 1.  Develop a strategy. 2. Choose your threat intelligence platform. 3. Find and hire the right people. (It’s not easy.) 4. Automate. Automate. Automate. 5. Gain better oversight via threat intelligence.

The following post will examine the need for organizations to use a Platform to meet the organization’s ever changing security requirements.  Unfortunately, the term Platform is an overused term, so we will look at what makes a true platform – what some call a Level 3 Platform. Then, we’ll examine how a true threat intelligence […]

Why Build Apps and Share them in ThreatConnect’s TC Exchange™ – Collaborate to Strengthen Your Threat Intelligence Practice If you’ve spoken with anyone here at ThreatConnect, you may have noticed that we, and many of our customers are all pretty excited about the launch of ThreatConnect’s TC Exchange™. I thought it would be a good […]