Methodology

How We Identify, Manage,
and Block Threats Faster

We get it. You need to analyze massive volumes of data to see patterns, get context, and find relationships – all to learn more about a threat. That’s where we come in. The ThreatConnect Platform brings together the ThreatConnect data model, advanced data analytics, and collaborative intelligence to provide you with the complete picture about threats.

Built by Analysts for Analysts™

ThreatConnect’s founders come from a range of security backgrounds, from software engineers to threat analysts. ThreatConnect’s co-founder and current VP of Product is an author of The Diamond Model for Intrusion Analysis, a methodology for analyzing and relating threat information. The founders built a comprehensive cybersecurity platform so the security industry could move faster, make better decisions, and provide more adequate protections against increasingly sophisticated and complex cyber threats.

With the ThreatConnect Platform, you can:

  • Aggregate all of your data into a common workable format
  • Easily pivot on your data to find new information
  • Build a system of record for your organization
  • Learn about adversary attack patterns
  • Make data-driven decisions to keep your network safe

Leverage the ThreatConnect Data Model

The ThreatConnect Platform was specifically designed to help you understand adversaries and mitigate threats faster using threat intelligence.

  • Data is stored as either indicators (such as hosts or URLs) or groups, which are a collection of related behavior and intelligence (such as adversaries or emails)

  • Supports 8 different group categories and 10 different indicator categories, with the ability to create your own indicator types

  • Groups and indicators can be associated to each other, so you can start to see patterns between the data

Get Your Free Account

Get Insights from
Millions of Data Points

ThreatConnect’s CAL™ (Collective Analytics Layer) provides an anonymous way to learn how many times potential threats were identified across all participating platform instances.

  • Get immediate insight into how widespread or relevant a threat is
  • Discover how many pageviews, observations, and false positive reports each indicator has
  • Find out when indicators were reported in each source

Use Multiple
Analysis Methodologies

Whether you use the Diamond Model of Intrusion Analysis, Lockheed Martin’s Cyber Kill Chain ®, or something entirely different, ThreatConnect will support you.

  • Pivot between indicators and groups to spot patterns
  • Customize indicators, attribute, import rules and more
  • Tag indicators with categories like Kill Chain Stages for easy organization and analysis

Collaborate & Share Intelligence

Collaboration within a trusted community – whether across industries, along your supply chain, or simply within your organization – can be the most effective source of threat intelligence at your disposal. Our versatile Platform scales as your needs change, providing robust access control, data markings, and classifications along with workflows and processes to facilitate collaboration.

  • See what industry peers are saying about threats
  • Create private communities to securely communicate with teammates or stakeholders
  • Always have full control over what you share and who you share it with

Threat Intelligence Platforms: Everything you‘ve ever wanted to know but didn’t know to ask

Enterprise organizations need to move faster, collaborate more intently and make better use of existing tools to aggregate, analyze, and act on threat intelligence. We’ve compiled the latest need-to-know data and use cases to help your organization better understand the purpose and function of a Threat Intelligence Platform.

Download Now

SOAR Platforms: Everything you need to know about Security Orchestration, Automation, and Response

SOAR gives your organization the platform required to implement an intelligence-driven security strategy. Download our free SOAR eBook to learn how your team can increase your effectiveness in stopping, containing, and preventing attacks.

Download Now

Link to: Home
tc-logo
Request a Demo Login
USA HQ

3865 Wilson Blvd.
Suite 550
Arlington, VA 22203
Directions

Toll Free: 1.800.965.2708
Local: +1.703.229.4240
Fax: +1.703.229.4489

Solution

By Industry
By Role
By Need
How to Buy

Company

About
Leadership
Methodology
Research Team
Careers

Learning Portal

Learn More
Knowledge Base
Github Repository

UK Office

107-111 Fleet Street
London, EC4A 2AB
United Kingdom

Tel: +44 20 7936 9101

Learn

Blog
Resources
News
Events

Contact

Sales
Support
PR
Careers
Training

©2012- 2021 ThreatConnect, Inc. All Rights Reserved

Privacy Policy | Sitemap | Terms of Service

To give you the easiest possible experience, this site uses cookies. Find out more about our Privacy Policy and Cookie Policy. By continuing to use this site, you are giving us your consent to do this.

Close