Welcome to ThreatConnect’s Playbook Fridays! We will continually publish posts featuring Playbooks (and sometimes Dashboards!) that can be built in the Platform.
ThreatConnect developed the Playbooks capability to help analysts automate time consuming and repetitive tasks so they can focus on what is most important. And in many cases, to ensure the analysis process can occur consistently and in real time, without human intervention. Below is our latest post:
One of the most common questions we receive in Customer Success is how can we create an automated feed of indicators of compromise (IOCs)? Because of it’s extensible nature, there are many ways to do this within the Platform. However today’s focus is on two ways of creating these automatic feeds. Whether you want to integrate ThreatConnect with your network devices, or simply need a recurring csv report of specific indicators, this video will help guide you through two of the main ways you can use to convert your threat intel into useful data.
[av_video src=’https://youtu.be/X2jI8aZCHl8′ mobile_image=” attachment=” attachment_size=” format=’16-9′ width=’16’ height=’9′ conditional_play=” av_uid=’av-wlm5ld’ custom_class=”]
Download the Playbook demonstrated in this video, here.
View the video in Spanish:
For more more training resources, visit our Learning Portal at training.threatconnect.com.