ThreatConnect and Digital Shadows: Give Your Playbooks a SearchLight

ThreatConnect has improved our existing integration with Digital Shadows SearchLight. With these updates, multiple types of data like social media posts, pastes, dark web pages, technical information like DNS, and more can be found via Shadow Search and brought into ThreatConnect for further analysis. These new capabilities allow you to increase accuracy and efficiency by saving you from routine tasks, ultimately increasing your response time and accuracy.

Digital Shadows Playbook

Easy-to-execute automation capabilities allow you to bring information from Digital Shadows SearchLight into ThreatConnect – all triggered directly from the page you’re working from!

Having all of your Digital Shadows SearchLight threat intelligence in ThreatConnect along with CAL Feeds, Technical Blogs and Reports, and other intelligence feeds gives your entire team a common reference point that enables collaboration among datasets, helping you to make more informed decisions about the threat landscape.

The following use cases are now available with this integration:

  • Ingest Digital Shadows SearchLight into ThreatConnect using the SearchLight Job App to leverage the data for correlation against alerts. Then send data to your SIEM/EDR/Firewall for blocking.
  • Leverage the Shadow Search capability via the Playbook App as part of your automated workflows to validate and corroborate information found in alerts, enabling a more informed approach to incident response actions as well as saving your analysts from potentially time-wasting false positives.

The following actions are now available within the Playbook App:

  • Shadow Search
  • Advanced Request

Together, ThreatConnect and Digital Shadows provide the necessary intelligence to defend your organization against emerging cyber threats. If you’re a ThreatConnect customer, please reach out to your dedicated Customer Success Team for more information on employing the Digital Shadows Playbook App. If you’re not yet a customer and are interested in ThreatConnect and this integration, contact us at

Jeff Quist
About the Author
Jeff Quist

Jeff Quist, Product Marketing Manager at ThreatConnect, has 9 years of experience in Sales, Marketing, Product Management, and Product Marketing, mainly in technology and financial services. His professional experience and empathy for customers and partners help him to develop engaging marketing content and empower sales teams. Jeff lives in New York City and in his free time, he enjoys sketching, reading sci-fi novels, and supporting the Boston Bruins.