Skip to main content
Introducing Polarity Intel Edition: Streamlining Intel Distribution for SecOps
Polarity Intel Edition
Request a Demo

Flashpoint

Flashpoint illuminates the Deep and Dark Web. A pioneer in providing intelligence from these regions of the Internet, Flashpoint’s software and data services help companies, governments, and consumers enhance their cyber and physical security. The company’s unique blend of subject matter expertise and software engineering has changed the way meaningful and actionable intelligence is gleaned from the previously unmapped regions of the Internet.

Specialties

Products

Integration(s)

Flashpoint Intelligence Reports

The integration with Flashpoint ingests Flashpoint Intelligence Reports (Cyber and Physical Threats) and Technical Indicators into ThreatConnect. The reports are searchable and stored in ThreatConnect, with the full HTML version available for viewing. Technical Indicators are associated to the reports and contain additional context for research and monitoring, such as MITRE ATT&CK™ Tags. The ThreatConnect platform provides a central place for users to see all their team’s data, analyze that data, and integrate all of their security tools. The integration with Flashpoint Intelligence Reports includes technical indicators from Flashpoint along with support for MITRE ATT&CK tags in ThreatConnect. Customers will see incidents with actionable indicators associated with reports in ThreatConnect along with helpful context such as MITRE ATT&CK tags and scoring. Key features are:
  • Enhanced Detection
    • ThreatConnect allows organizations to send threat intelligence to an organization’s tools (like a SIEM or a firewall) as indicators of compromise and rules. This threat intelligence includes RIOs network threats as they relate to the DDW and strategic insights on TTPs and threat actor activity from Finished Intelligence. Organizations can instantly see platform ratings, team votes, and observation count per indicator or incident.
  • Collective Analytics Layer
    • By aggregating and normalizing threat data from any source, ThreatConnect’s Collective Analytics Layer helps users gain visibility into who is attacking their organization, view how often indicators are observed, and evaluate how relevant they are. The Finished Intelligence and RIOs datasets provide additional context on these investigations, enabling the network defender and intelligence teams to remediate and take relevant action to support their business operations.
This app can be found in the ThreatConnect App Catalog under the name: Flashpoint Intelligence Reports.
Keep Reading
dark orange ThreatConnect TC logo

Built By ThreatConnect

Looking for an
integration not shown?