Search results for:

• Jan 7th, 2021

  Former CIA Cybersecurity Chief Speaks Out on Solar Winds Hack

  In an exclusive interview with the ThreatConnect Podcast, Robert Bigman, the former Chief Information Security Officer (CISO) at the CIA, said when investigators complete their analysis into how the R

• Jan 6th, 2021

  Risk Quantification, Threat Intelligence & Automation: Stronger Together

  ThreatConnect's marries cyber risk quantification (CRQ), threat intelligence platform (TIP), and SOAR capabilities.

• Jan 6th, 2021

  ANY.RUN

  ANY.RUN is the first interactive online malware analysis sandbox. The service provides detection, analysis, and monitoring of cybersecurity threats. Based on the interactive approach of investigations

• Dec 22nd, 2020

  8 Ways SOC & IR Teams Can Use ThreatConnect’s Workflow Capability

  ThreatConnect’s Workflow capability enables users to continuously improve security processes with a single Platform for process documentation, team collaboration, and artifact enrichment. With W

• Dec 22nd, 2020

  How to Use Workflow to Conduct Phishing Analysis Part 2 – Automating Phase 1

  While most organizations (88% in 2019 according to ProofPoint’s State of the Phish 2020 report) are targeted by spear phishing emails each year, the processes by which these messages are triaged and

• Dec 21st, 2020

  Why Your SOAR Needs Threat Intel Management, Not Feed Management

  When it comes to using threat intelligence to aid in the investigation of alerts or phishing, it’s essential to have the right feeds (whether OSINT or paid). We often get asked, “can I just dump f

• Dec 18th, 2020

  Tracking Sunburst-Related Activity with ThreatConnect Dashboards

  Recently FireEye discovered that the SolarWinds Orion IT monitoring platform was compromised earlier this year. The threat actor used SolarWinds cryptographic keys to sign multiple backdoored files po

• Dec 17th, 2020

  Tactical Threat Hunting (Part 1): Providing the information that matters, when it matters.

  This is part 1 of a 2 part series. In a previous article,  “SOAR: An Incident Responder’s Best Friend,”  we discussed the issues facing Incident Responders today and how Security Orchestration

• Dec 15th, 2020

  Infrastructure Research and Hunting: Boiling the Domain Ocean

  The Diamond Model of Intrusion Analysis identifies two main nodes as actor assets that may ultimately interact with a target / victim’s own assets — capabilities and infrastructure. But while

• Dec 14th, 2020

  ThreatConnect and Cisco Identity Services Engine (ISE): Streamline Security Policy Updates

  ThreatConnect and Cisco have partnered to deliver a Playbook app for joint customers to leverage. With this Playbook app, you can control the network status of an endpoint in Cisco ISE. The Cisco Iden

• Dec 9th, 2020

  ThreatConnect Releases Risk Quantifier™ 5.0 – Driving Continued Innovation in Cyber Risk Quantification

  Latest release introduces support for multiple security control frameworks and is the industry’s first product to prioritize common vulnerabilities and exposures (CVEs) by the financial risk they br

• Dec 9th, 2020

  Always Know a Vulnerability’s Weak Point with the Polarity Rapid7 AttackerKB Integration

  Today’s post continues an ongoing series on Polarity Integrations. Data tells a story, Polarity helps you see it with Augmented Reality overlaying contextual information from the applications you us