ThreatConnect has improved our existing integration with Digital Shadows SearchLight. With these updates, multiple types of data like social media posts, pastes, dark web pages, technical information like DNS, and more can be found via Shadow Search and brought into ThreatConnect for further analysis. These new capabilities allow you to increase accuracy and efficiency by saving you from routine tasks, ultimately increasing your response time and accuracy.
Having all of your Digital Shadows SearchLight threat intelligence in ThreatConnect along with CAL Feeds, Technical Blogs and Reports, and other intelligence feeds gives your entire team a common reference point that enables collaboration among datasets, helping you to make more informed decisions about the threat landscape.
The following use cases are now available with this integration:
- Ingest Digital Shadows SearchLight into ThreatConnect using the SearchLight Job App to leverage the data for correlation against alerts. Then send data to your SIEM/EDR/Firewall for blocking.
- Leverage the Shadow Search capability via the Playbook App as part of your automated workflows to validate and corroborate information found in alerts, enabling a more informed approach to incident response actions as well as saving your analysts from potentially time-wasting false positives.
The following actions are now available within the Playbook App:
- Shadow Search
- Advanced Request
Together, ThreatConnect and Digital Shadows provide the necessary intelligence to defend your organization against emerging cyber threats. If you’re a ThreatConnect customer, please reach out to your dedicated Customer Success Team for more information on employing the Digital Shadows Playbook App. If you’re not yet a customer and are interested in ThreatConnect and this integration, contact us at firstname.lastname@example.org.