Skip to main content
Introducing Polarity Intel Edition: Streamlining Intel Distribution for SecOps
Polarity Intel Edition
Request a Demo

ThreatConnect and OPSWAT MetaDefender Cloud: Malware Protection Meets Playbook Power

ThreatConnect and OPSWAT have delivered a new Playbook for joint customers. This Playbook App will allow you to submit Files for sandbox analysis and retrieve analysis results. In addition to sandboxing, the app lets users retrieve enrichment information for Address, Host, URL, and File IOCs.

OPSWAT Metadefender Cloud Blog

The following capabilities are available:

  • Automated Malware Sandboxing
    • As part of a security process, you can automatically send malware to your sandbox. Once sandboxed, you’ll get outputs in the form of file hashes. You can then use these outputs to inform detection and remediation processes in the rest of your security stack.
  • Enrichment
    • As part of an investigation, you may come across a familiar file hash and want to see if you’ve seen it and sandboxed it before. You can use ThreatConnect to query OPSWAT MetaDefender Cloud and retrieve this information as part of an enrichment process during a case or investigation.

The following actions are available:

  • Analyze File
  • Get File Enrichment
  • Get Address Enrichment
  • Get Host Enrichment
  • Get URL Enrichment
  • Get File Analysis Results
  • Advanced Request

Together, ThreatConnect and OPSWAT help you to automate remediation tasks and protect your network from sophisticated attacks. If you’re a ThreatConnect customer, please reach out to your dedicated Customer Success Team for more information on how to get the most out of the OPSWAT MetaDefender Cloud Playbook app. If you’re not yet a customer and are interested in ThreatConnect and this integration, contact us at sales@threatconnect.com.

About the Author

ThreatConnect

By operationalizing threat and cyber risk intelligence, The ThreatConnect Platform changes the security operations battlefield, giving your team the advantage over the attackers. It enables you to maximize the efficacy and value of your threat intelligence and human knowledge, leveraging the native machine intelligence in the ThreatConnect Platform. Your team will maximize their impact, efficiency, and collaboration to become a proactive force in protecting the enterprise. Learn more at www.threatconnect.com.