ThreatConnect’s Playbooks feature now includes new applications for enrichment and threat detection
July 24, 2018 – Arlington, VA – Today, ThreatConnect, Inc.®, provider of the industry’s only extensible, intelligence-driven security platform, announces its latest series of Partner-centered Playbooks applications to help orchestrate and automate security processes. These new applications focus on enriching indicators, analyzing malware, and exporting indicators for further analysis and security event triage.
ThreatConnect CEO Adam Vincent said, “We continue to work with industry-leading partners to help our customers better manage and improve their security processes. Adding these important Playbook applications to our growing list ensures that ThreatConnect allows organizations to have more control, automation and effectiveness in their response to threats and to protect their businesses.”
New Playbooks applications include:
IBM X-Force Enrichment
ThreatConnect has created 5 new Playbooks apps that that allow users to retrieve a variety of IBM X-Force enrichments based on the specified indicator type. With this series of Playbooks, users can query IBM X-Force to retrieve DNS records, IP reports, Malware reports, URL reports, and WHOIS records.
McAfee Advanced Threat Detection (ATD)
ThreatConnect has created 3 new Playbooks apps that allow users to submit Files and URLs to McAfee ATD for zero-day malware analysis. Users can also leverage Playbooks to automatically retrieve a malware report from McAfee ATD based on a specified Hash value.
Malware Information Sharing Platform (MISP)
With 2 new playbooks apps for MISP, ThreatConnect users can easily export indicators from ThreatConnect to MISP as either Events or Attributes. These apps can create any attribute based on Category and Type within the MISP data model.
*Playbooks apps are only available to TC Manage™ and TC Complete™ users.
About ThreatConnect
ThreatConnect, Inc.®, the pioneer in threat intelligence platforms, arms organizations with a powerful defense against cyber threats and the confidence to make strategic business decisions. Built on the industry’s only extensible security platform, ThreatConnect provides a suite of products designed to meet the threat intelligence aggregation, analysis, automation, and orchestration needs of security teams at any maturity level. More than 1,600 companies and agencies worldwide use the ThreatConnect platform to integrate their security technologies, teams, and processes with relevant threat intelligence resulting in reduced detection and response time for enhanced asset protection. To learn more about ThreatConnect, visit: www.threatconnect.com.