USA HQ
3865 Wilson Blvd.
Suite 550
Arlington, VA 22203
Directions
Toll Free: +1.800.965.2708
Local: +1.703.229.4240
Fax: +1.703.229.4489
Solution
Company
Learning Portal
©2012- 2021 ThreatConnect, Inc. All Rights Reserved
Pages
- Become a Partner
- Black Hat Thank You
- Blog
- Building a Threat Intelligence Program
- Building a TI Program UK
- Collective Analytics Layer
- Company
- Contact
- Cookie Policy
- CTA White Papers
- Cyber Risk Quantification eBook: Inside the Lean Six Sigma of Cybersecurity
- Dashboards
- Deal Registration
- Fireside Chat With ThreatConnect CEO Adam Vincent
- Forrester TEI: ThreatConnect ROI
- Free vs Paid
- FS-ISAC Fall Summit
- FS-ISAC Fall Summit
- Gartner 2020 Security & Risk Management Summit
- Gartner Market Guide for Security Orchestration, Automation and Response Solutions
- Global Candidate Privacy Notice
- Gucifer and Fancy Bear
- Home - ThreatConnect
- Integrations
- Intelligence-Driven Orchestration
- Kingston University
- Large Enterprise Needed Centralized Threat Intelligence Management
- Mitigating Cyber Risk In Critical Infrastructure
- More is Note More
- National Medical Insurance Provider Quantifies Risk
- Nehemiah Security and ThreatConnect
- Ong-isac
- ONG-ISAC Allied Partners
- ONG-ISAC Collaborators
- Ong-Isac TC User
- Operation Arachnaphobia
- Pardot Sample Landing
- Partners
- Playbook Fridays
- Playbooks ROI Calculator
- Premium ThreatConnect Intelligence Source
- Privacy Policy
- Project CameraShy Resources
- Quantifying Cyber Risk for your OT and IT Networks
- Reduce Risk
- Request a Demo
- Resources
- RQ Survey
- SAP Deloitte
- SecTor Virtual Summit
- SIEM + Threat Intelligence
- Sitemap
- SOAR ebook
- SOAR ebook - Digioh
- SOAR Market guide
- SOAR TIP eBooks
- Solution
- Automated EDR
- Automation & Orchestration
- Brand Monitoring
- Building a Threat Library
- Case Management
- Continuous Evaluation
- CVE Prioritization
- Cyber Risk Quantification
- Cyber Risk Quantification 2021
- Cyber Risk Quantification 2021
- Dashboards and Reporting
- Energy & Utilities
- Financial Services
- Government
- Healthcare
- How To Buy
- Incident Response
- Intelligence Sharing
- MSSPs
- Phishing Analysis & Response
- Playbook Servers and Playbook Workers
- Quantify Cyber Risk
- Retail
- Security Leadership
- Security Operations
- SOAR Platform (Security Orchestration, Automation and Response)
- Tactical Threat Hunting
- Technology Companies
- Threat Intel Analysts
- Threat Intelligence
- Threat Intelligence Platform
- ThreatConnect Browser Extension
- ThreatConnect for MITRE ATT&CK
- ThreatConnect for State & Local Government
- Vulnerability Management
- STIX TAXII
- Subscribe to Our Blog
- Success Stories
- Success Story: Global Aerospace and Defense Company
- Success Story: Large U.S. Health System
- Technology Partners
- Terms of Service
- Thank You - Cyber Risk Quantification Lean eBook
- Thank You - RQ request for more info and demo
- Thank You - RTR Whitepaper
- Thank You - SOAR Maturity Infographic
- Thank You - TIP Maturity Infographic
- Thank You - TIP Whitepaper
- Thank You Blog
- Thank You Tip eBook
- The Benefits of Integrating Threat Intelligence Into Your SIEM
- The CISO Challenge Series Webinar
- The Risk, Threat, Response White Paper by ThreatConnect
- ThreatConnect — The Smarter SOAR
- ThreatConnect Community Collaboration Case Study
- ThreatConnect Customer Success
- ThreatConnect EMEA: RQ Workshop
- ThreatConnect EMEA: TIP Workshop
- ThreatConnect RQ Workshop
- ThreatConnect Sandbox Addendum
- ThreatConnect SOAR Workshop
- ThreatConnect Support
- ThreatConnect TIP Workshop
- ThreatConnect White Paper: Intelligence-Driven SOAR
- TIP Workshop: Building a Threat Library
- TIP Workshop: Building a Threat Library EMEA
- Understanding Cyber Insurance & Quantifying Risk
- Unsubscribe
- Using MITRE ATT&CK and Threat Intelligence to Stop Attacks
- What are Playbooks?
- What is a SOAR?
- What is a Workflow in ThreatConnect?
- Why Risk, Threat, Response?
Posts
Browser Extension
Collective Analytics Layer (CAL)
Cyber Risk Quantification
- 3 Reasons The Insurance Industry Desperately Needs Automated Cyber Risk Quantification
- Are Critical Infrastructures Ready For The New Federal Cybersecurity Standards Initiative?
- Beyond Information Sharing: DHS Begins Cyber Risk Quantification Push
- Big Changes are Coming to the Cyber Insurance Industry
- Bitsight's Acquisition of VisibleRisk: A View From The CRQ World
- CRQ Isn’t Done Well: A Review of NIST's Report on Integrating Cybersecurity and ERM
- Cyber Risk Quantification: The Pressure Is On (New Survey)
- How Risk Quantification Gives Your Security Team A Leg Up in Patch Management
- Improving Upon The FAIR Standard’s Time-to-Value
- Inside The Business Benefits of Automated Cyber Risk Quantification
- Inside The Lean Six Sigma of Cybersecurity
- It’s Time to Flip the Script on How We Measure and Communicate Cyber Risk
- Q&A: Felicia Thorpe of AHT Insurance on Cyber Insurance and Cyber Risk Quantification
- RSA 2021: Prioritize, Align and Protect What Matters Most
- The Cyber Risk Quantification Journey: It’s Not As Hard As Some Think
- Welcome to the Age of Automated Cyber Risk Quantification
- Why Effective Cybersecurity Narratives Are Built Using Quantitative Metrics
Cybersecurity Skills Gap
Dashboards
Event Prioritization
How-to Guides
- 5 Tips For Effective Threat Intelligence
- 5 Ways to Make Threat Analysis Actionable
- Best Practices for Dashboards in Cybersecurity and Threat Intelligence
- Best Practices for Writing Playbooks in ThreatConnect, Part 1
- Best Practices: Indicator Rating and Confidence
- Casting a Light on BlackEnergy
- Community-Source Your Cybersecurity Concerns
- Did You Know We Have A Knowledge Base?
- Get Started with Cyber Threat Analysis: How to Research Ransomware
- Getting Back to the Basics of Actionable Threat Intelligence
- Growing a Threat Intelligence Program is like Growing a Beard
- How Companies Use ThreatConnect To Create a System of Record: A Use Case
- How Companies Use ThreatConnect to Make Their Cybersecurity Programs More Efficient: A Use Case
- How Companies Use ThreatConnect When Building Their Cybersecurity Program: A Use Case
- How to Build a Basic Workflow in ThreatConnect
- How to Manage and Integrate Signatures in ThreatConnect
- How To Streamline Threat Intel Sharing Before Lunch
- Intel’s in the way that you use it, Snoke don’t you know
- Playbook Fridays: Domain Spinning Workbench Spaces App
- Playbook Fridays: OneMillion API Component
- Playbook Fridays: Reporting Through Email Attachment
- Please Do Not Feed the Phish
- Query a Host or URL Indicator in Archive.org's Wayback Machine
- Step 1: Collect and Correlate Relevant Threat Data
- Stepping to Fancy Bear
- Take a Deep Dive into ThreatConnect’s Workflow Capabilities
- The Power and Responsibility of Customer Data and Analytics
- Threat Intelligence in 3rd Party Risk Assessment
- ThreatConnect 5.7 Shows Advancements in Playbooks Capabilities
- ThreatConnect How To: Importing Indicators
- ThreatConnect How To: Pivoting & Exporting Data
- ThreatConnect Training: Save Time and Act Faster with Playbooks
- Top 5 ThreatConnect Resources for Malware Analysis
- What is a Cyber Threat? How to Explain Cyber Threats to Your CEO
Integrations - Playbooks
- GreyNoise and ThreatConnect: Protect against Noisy IPs
- Orchestrate Actions Based on Automating Phishing Email Analysis
- Playbook Fridays: Using Playbooks to populate custom attributes
- Playbook Fridays: Arithmetic Functions Component
- Playbook Fridays: Associated Indicator Metadata Creator
- Playbook Fridays: ATT&CK Tag Framework
- Playbook Fridays: Automatically import and tag your RSS feed data with Covid-19 Tags
- Playbook Fridays: Bit.ly URL Decoder
- Playbook Fridays: Component IOC All Data Pull
- Playbook Fridays: Conducting VMRay Malware Analysis
- Playbook Fridays: Converting Apps
- Playbook Fridays: Converting your IOCs to CSVs
- Playbook Fridays: CrowdStrike Snort Rules Ingest
- Playbook Fridays: dan.me TOR Full List with Details
- Playbook Fridays: Deploying Yara Signature to Carbon Black CB Response
- Playbook Fridays: Document Parsing and Keyword Scanning/Tagging
- Playbook Fridays: Domain Spinning Workbench Spaces App
- Playbook Fridays: DomainTools Iris Investigate Monitor
- Playbook Fridays: Forcing Active Directory (AD) Password Resets via ThreatConnect Victims
- Playbook Fridays: Generate Intelligence Reports
- Playbook Fridays: Generate Intelligence Reports, Part 2
- Playbook Fridays: Google Alerts RSS Reader
- Playbook Fridays: Group and Indicator Comment Link Creators
- Playbook Fridays: Have You Been Pwned?
- Playbook Fridays: How to Build a Playbook in ThreatConnect
- Playbook Fridays: How to Control the Cloud with Playbooks
- Playbook Fridays: How to Create a Playbook for the Non-Programmer
- Playbook Fridays: How to Query Abuse.net with Playbooks
- Playbook Fridays: How to Use ThreatConnect Playbooks to Manage Security APIs
- Playbook Fridays: Human in the Loop Playbook Systems
- Playbook Fridays: Indicator Defanging
- Playbook Fridays: Indicator Status Updater Playbook Component
- Playbook Fridays: Koodous Playbook Components
- Playbook Fridays: Leveraging ThreatConnect to Enrich Greynoise IOCs
- Playbook Fridays: New ThreatConnect App for Splunk 3.1
- Playbook Fridays: Potential Zoom-related Threats Dashboard
- Playbook Fridays: QRadar Tag Search in ThreatConnect
- Playbook Fridays: Query Cymon.io API
- Playbook Fridays: Query Hashes via Email Submission
- Playbook Fridays: Query Jira for Ticket Information
- Playbook Fridays: Query Palo Alto Wildfire For New Submissions / Submit Wildfire Binary to VMRay
- Playbook Fridays: Reporting Through Email Attachment
- Playbook Fridays: Robtex ASN Query and Robtex IP Query
- Playbook Fridays: Taking Screenshots with a Playbook
- Playbook Fridays: Task Management
- Playbook Fridays: The Indicator Importer Spaces App
- Playbook Fridays: Web Page Monitoring
- Special Playbook Fridays: COVID-19 Dashboard, Metrics, and Search
- ThreatConnect and AlienLabs OTX: Give Your Investigations Community Support
- ThreatConnect and Amazon GuardDuty: Protection for your AWS Environment
- ThreatConnect and Amazon S3 and EC2: Better Manage Cloud Infrastructure
- ThreatConnect and ANY.RUN - Better Malware Analysis
- ThreatConnect and APIVoid: Fuel Orchestrations with Instant Indicator Analysis
- ThreatConnect and Censys: Enrich Threat Data to Enhance Decision Making
- ThreatConnect and Check Point: Better Endpoint Protection
- ThreatConnect and Cherwell: Better Record Management
- ThreatConnect and Cisco Identity Services Engine (ISE): Streamline Security Policy Updates
- ThreatConnect and Cisco Secure Access by Duo: Save time during IdAM Investigations
- ThreatConnect and Digital Shadows: Give Your Playbooks a SearchLight
- ThreatConnect and Freshservice: Better Ticket Management
- ThreatConnect and Google Drive: Easily Automate File Storage in the Cloud
- ThreatConnect and Intel 471: Comprehensive Intelligence to Protect Your Mission
- ThreatConnect and Malwarebytes Nebula: Make Your Cloud-Based EDR SOAR
- ThreatConnect and Microsoft Azure Sentinel: The New Age of Incidents and Alerts
- ThreatConnect and NetWitness: Multiple Apps Allow for Advanced Functionality
- ThreatConnect and OPSWAT MetaDefender Cloud: Malware Protection Meets Playbook Power
- ThreatConnect and PagerDuty: Better Alert Management
- ThreatConnect and Palo Alto Wildfire: Enhanced Malware Analysis
- ThreatConnect and RiskIQ PassiveTotal: Better Enrichment Capabilities with PassiveTotal
- ThreatConnect and Slack: Streamline Investigative Team Collaboration
- ThreatConnect and Sumo Logic: Empower Orchestration with Cloud-SIEM
- ThreatConnect and Zoom: Coordinated Communications as part of Incident Response
- ThreatConnect Supports MITRE ATT&CK Groups and Software
Intelligence-Driven SOAR
Partnerships
Playbooks 2.0
Product Blog
- 5 Tips For Effective Threat Intelligence
- 5 Ways to Make Threat Analysis Actionable
- 8 Ways SOC & IR Teams Can Use ThreatConnect’s Workflow Capability
- A Penny For Your Thoughts -- What’s New in CAL 2.9
- Best Practices for Dashboards in Cybersecurity and Threat Intelligence
- Best Practices for Writing Playbooks in ThreatConnect, Part 1
- Best Practices: Indicator Rating and Confidence
- Building Out ProtonMail Spoofed Infrastructure with Creation Timestamp Pivoting
- CAL 2.3 Brings New Data Sources and Analytics Improvements to ThreatConnect
- CAL™ 2.2 Brings Improved Data Hygiene and More Robust Graph Modeling
- Casting a Light on BlackEnergy
- Community-Source Your Cybersecurity Concerns
- Creating Order from Chaos: Enabling (Even) Better Decision Making with ThreatConnect 6.0
- Cyber Stratego: Strategic vs. Tactical Threat Intelligence
- Cyber-Risk Quantification is the Icing on the Cake for Security Frameworks
- Cybersecurity Heroes Wield the Power of ThreatConnect
- Did You Know We Have A Knowledge Base?
- Do Androids Dream of Electric CALFs?
- Get Started with Cyber Threat Analysis: How to Research Ransomware
- Getting Back to the Basics of Actionable Threat Intelligence
- Good News! ThreatConnect’s CAL™ (Collective Analytics Layer) 2.1 is now live!
- GreyNoise and ThreatConnect: Protect against Noisy IPs
- Growing a Threat Intelligence Program is like Growing a Beard
- Herding Cattle: ThreatConnect’s Vision for Better Intel Feeds
- How Companies Use ThreatConnect To Create a System of Record: A Use Case
- How Companies Use ThreatConnect to Make Their Cybersecurity Programs More Efficient: A Use Case
- How Companies Use ThreatConnect When Building Their Cybersecurity Program: A Use Case
- How to Build a Basic Workflow in ThreatConnect
- How to Improve Collaboration with Security Teams and Technology using ThreatConnect
- How to Manage and Integrate Signatures in ThreatConnect
- How To Streamline Threat Intel Sharing Before Lunch
- How to Use Workflow to Conduct Phishing Analysis Part 2 - Automating Phase 1
- How to Use Workflow to do Phishing Analysis Part 1 - Defining the Process
- Importance of Automation in Event Prioritization
- Infrastructure Research and Hunting: Boiling the Domain Ocean
- Integrations Aren't Just for Developers
- Intel’s in the way that you use it, Snoke don’t you know
- Introducing Playbooks 2.0 and Browser Extension: Creating a Foundation of Collaboration with ThreatConnect 6.2
- Introducing ThreatConnect 6.1: The Tao of Intel-Driven Operations
- Introducing ThreatConnect's New Learning Portal
- Introducing ThreatConnect's Version 5.8
- ISAC & ISAO Financial Incentives for Sharing Threat Intelligence Emerge
- ISAO Standards and Cybersecurity Collaboration: One Year Later
- Make More Confident & Efficient CVE Patching Decisions Based on Potential Impact
- Network Health: Advanced Cyber Threats to the Medical & Life Sciences Industries
- Now Available: CAL COVID19-themed Newly Registered Domains Feed
- Orchestrate Actions Based on Automating Phishing Email Analysis
- Orchestration With and Without Intelligence: What’s the Difference?
- Playbook Fridays: Using Playbooks to populate custom attributes
- Playbook Fridays: Arithmetic Functions Component
- Playbook Fridays: Associated Indicator Metadata Creator
- Playbook Fridays: ATT&CK Tag Framework
- Playbook Fridays: Automatically import and tag your RSS feed data with Covid-19 Tags
- Playbook Fridays: Bit.ly URL Decoder
- Playbook Fridays: Component IOC All Data Pull
- Playbook Fridays: Conducting VMRay Malware Analysis
- Playbook Fridays: Converting Apps
- Playbook Fridays: Converting your IOCs to CSVs
- Playbook Fridays: CrowdStrike Snort Rules Ingest
- Playbook Fridays: dan.me TOR Full List with Details
- Playbook Fridays: Deploying Yara Signature to Carbon Black CB Response
- Playbook Fridays: Document Parsing and Keyword Scanning/Tagging
- Playbook Fridays: Domain Spinning Workbench Spaces App
- Playbook Fridays: DomainTools Iris Investigate Monitor
- Playbook Fridays: Forcing Active Directory (AD) Password Resets via ThreatConnect Victims
- Playbook Fridays: Generate Intelligence Reports
- Playbook Fridays: Generate Intelligence Reports, Part 2
- Playbook Fridays: Google Alerts RSS Reader
- Playbook Fridays: Group and Indicator Comment Link Creators
- Playbook Fridays: Have You Been Pwned?
- Playbook Fridays: How to Build a Playbook in ThreatConnect
- Playbook Fridays: How to Control the Cloud with Playbooks
- Playbook Fridays: How to Create a Playbook for the Non-Programmer
- Playbook Fridays: How to Query Abuse.net with Playbooks
- Playbook Fridays: How to Use ThreatConnect Playbooks to Manage Security APIs
- Playbook Fridays: Human in the Loop Playbook Systems
- Playbook Fridays: Indicator Defanging
- Playbook Fridays: Indicator Status Updater Playbook Component
- Playbook Fridays: Koodous Playbook Components
- Playbook Fridays: Leveraging ThreatConnect to Enrich Greynoise IOCs
- Playbook Fridays: New ThreatConnect App for Splunk 3.1
- Playbook Fridays: OneMillion API Component
- Playbook Fridays: Potential Zoom-related Threats Dashboard
- Playbook Fridays: QRadar Tag Search in ThreatConnect
- Playbook Fridays: Query Cymon.io API
- Playbook Fridays: Query Hashes via Email Submission
- Playbook Fridays: Query Jira for Ticket Information
- Playbook Fridays: Query Palo Alto Wildfire For New Submissions / Submit Wildfire Binary to VMRay
- Playbook Fridays: Reporting Through Email Attachment
- Playbook Fridays: Robtex ASN Query and Robtex IP Query
- Playbook Fridays: Taking Screenshots with a Playbook
- Playbook Fridays: Task Management
- Playbook Fridays: The Indicator Importer Spaces App
- Playbook Fridays: Web Page Monitoring
- Please Do Not Feed the Phish
- Query a Host or URL Indicator in Archive.org's Wayback Machine
- Quickly Assess Maliciousness of Suspicious Activity with “Analyze"
- Rock-Paper-Haxors
- ROI for Threat Intelligence
- RQ 5.0 Offers New Automation and Prioritization to Better Respond to and Communicate Cyber Risk
- RQ Enables the Cyber Risk Conversations You've Been Waiting For
- Save Time and Accomplish More with Playbooks
- SOAR: An Incident Responder’s Best Friend
- SOAR: Proactive Threat Hunting (Part 2)
- SolarWinds Hack Spurs Interest In Risk-Based Threat Hunting
- Special Playbook Fridays: COVID-19 Dashboard, Metrics, and Search
- Step 1: Collect and Correlate Relevant Threat Data
- Stepping to Fancy Bear
- Strengthen Business and Security Alignment with ThreatConnect
- Tactical Threat Hunting (Part 1): Providing the information that matters, when it matters.
- Take a Deep Dive into ThreatConnect’s Workflow Capabilities
- The Cost of Bad Threat Intelligence
- The Power and Responsibility of Customer Data and Analytics
- Threat Hunting Use Case (Video): Sunburst Malware
- Threat Intelligence in 3rd Party Risk Assessment
- Threat Intelligence Sharing is Real
- Threat Intelligence Sharing: Empower Your Cyber Defense
- ThreatConnect 4.0 : Now with a Real Dashboard
- ThreatConnect 5.7 Shows Advancements in Playbooks Capabilities
- ThreatConnect 6.3 Adds New Group Objects, Workflow Metrics, and Workflow Attributes to Powerful Lineup of TIP and SOAR Capabilities
- ThreatConnect and AlienLabs OTX: Give Your Investigations Community Support
- ThreatConnect and Amazon GuardDuty: Protection for your AWS Environment
- ThreatConnect and Amazon S3 and EC2: Better Manage Cloud Infrastructure
- ThreatConnect and ANY.RUN - Better Malware Analysis
- ThreatConnect and APIVoid: Fuel Orchestrations with Instant Indicator Analysis
- ThreatConnect and Censys: Enrich Threat Data to Enhance Decision Making
- ThreatConnect and Check Point: Better Endpoint Protection
- ThreatConnect and Cherwell: Better Record Management
- ThreatConnect and Cisco Identity Services Engine (ISE): Streamline Security Policy Updates
- ThreatConnect and Cisco Secure Access by Duo: Save time during IdAM Investigations
- ThreatConnect and Digital Shadows: Give Your Playbooks a SearchLight
- ThreatConnect and Freshservice: Better Ticket Management
- ThreatConnect and Google Drive: Easily Automate File Storage in the Cloud
- ThreatConnect and Intel 471: Comprehensive Intelligence to Protect Your Mission
- ThreatConnect and Maltego
- ThreatConnect and Malwarebytes Nebula: Make Your Cloud-Based EDR SOAR
- ThreatConnect and McAfee DXL: Better Integrations with the McAfee Stack
- ThreatConnect and Microsoft Azure Sentinel: The New Age of Incidents and Alerts
- ThreatConnect and MITRE ATT&CK: Supporting Sub-techniques
- ThreatConnect and NetWitness: Multiple Apps Allow for Advanced Functionality
- ThreatConnect and OPSWAT MetaDefender Cloud: Malware Protection Meets Playbook Power
- ThreatConnect and PagerDuty: Better Alert Management
- ThreatConnect and Palo Alto Wildfire: Enhanced Malware Analysis
- ThreatConnect and RiskIQ PassiveTotal: Better Enrichment Capabilities with PassiveTotal
- ThreatConnect and ServiceNow: More Integrations for Better Context
- ThreatConnect and Sigma Signatures: Increase Detection Capabilities
- ThreatConnect and Slack: Streamline Investigative Team Collaboration
- ThreatConnect and Sumo Logic: Empower Orchestration with Cloud-SIEM
- ThreatConnect and VirusTotal: Enable YARA Hunting and Better Malware Analysis
- ThreatConnect and Zoom: Coordinated Communications as part of Incident Response
- ThreatConnect Announced as SmartCEO 2015 GovStar Awards Finalist
- ThreatConnect Announces Investment from Grotech Ventures
- ThreatConnect Announces New Integrations With Four Free Tools
- ThreatConnect Communities: A Swiss Army Knife in Your Collaboration Arsenal
- ThreatConnect Community Success Story: The Rubber Meets the Road
- ThreatConnect Enables “Healthy Networking” for the Biomed and Life Sciences Industry
- ThreatConnect How To: Importing Indicators
- ThreatConnect How To: Pivoting & Exporting Data
- ThreatConnect Industry Communities - Paying it Forward Produces Big Gains
- ThreatConnect Introduces its Multi-Environment Orchestration Capability
- ThreatConnect Introduces Version 5.6
- ThreatConnect Launches Retail Community for Retailers to Collaborate Around Threat Intelligence
- ThreatConnect Lights Up Shellshock
- ThreatConnect Officially Launches an Exclusive Subscriber Community with Advanced Threat Shares
- ThreatConnect Releases 20 New Carbon Black Playbook Apps for CB Response
- ThreatConnect Supports MITRE ATT&CK Groups and Software
- ThreatConnect Takes Signature Management to the Next Level
- ThreatConnect Training: Save Time and Act Faster with Playbooks
- ThreatConnect: Mission Control for U.S. Government Cyber Operations
- ThreatConnect: The Brain of Security
- ThreatConnect's RSA Archer Integration, Playbooks, and Apps (oh my!)
- ThreatConnect’s Developer Partner Program: We Meme Business
- Top 5 ThreatConnect Resources for Malware Analysis
- Tracking Sunburst-Related Activity with ThreatConnect Dashboards
- Using ATT&CK in ThreatConnect to Prioritize, Ask Questions, and Respond Faster
- What is a Cyber Threat? How to Explain Cyber Threats to Your CEO
- Who’s Next: A look at CAL 2.6’s latest additions
- Why Your SOAR Needs Threat Intel Management, Not Feed Management
Product News
- Best Practices for Dashboards in Cybersecurity and Threat Intelligence
- Best Practices: Indicator Rating and Confidence
- CAL 2.3 Brings New Data Sources and Analytics Improvements to ThreatConnect
- CAL™ 2.2 Brings Improved Data Hygiene and More Robust Graph Modeling
- Community-Source Your Cybersecurity Concerns
- Cyber Stratego: Strategic vs. Tactical Threat Intelligence
- Cybersecurity Heroes Wield the Power of ThreatConnect
- Good News! ThreatConnect’s CAL™ (Collective Analytics Layer) 2.1 is now live!
- Herding Cattle: ThreatConnect’s Vision for Better Intel Feeds
- How to Manage and Integrate Signatures in ThreatConnect
- Introducing ThreatConnect's New Learning Portal
- Introducing ThreatConnect's Version 5.8
- ISAC & ISAO Financial Incentives for Sharing Threat Intelligence Emerge
- ISAO Standards and Cybersecurity Collaboration: One Year Later
- Network Health: Advanced Cyber Threats to the Medical & Life Sciences Industries
- Now Available: CAL COVID19-themed Newly Registered Domains Feed
- Quickly Assess Maliciousness of Suspicious Activity with “Analyze"
- Rock-Paper-Haxors
- ROI for Threat Intelligence
- Save Time and Accomplish More with Playbooks
- The Cost of Bad Threat Intelligence
- Threat Intelligence Sharing is Real
- Threat Intelligence Sharing: Empower Your Cyber Defense
- ThreatConnect 4.0 : Now with a Real Dashboard
- ThreatConnect 6.3 Adds New Group Objects, Workflow Metrics, and Workflow Attributes to Powerful Lineup of TIP and SOAR Capabilities
- ThreatConnect and Maltego
- ThreatConnect and MITRE ATT&CK: Supporting Sub-techniques
- ThreatConnect and ServiceNow: More Integrations for Better Context
- ThreatConnect and Sigma Signatures: Increase Detection Capabilities
- ThreatConnect Announced as SmartCEO 2015 GovStar Awards Finalist
- ThreatConnect Announces Investment from Grotech Ventures
- ThreatConnect Communities: A Swiss Army Knife in Your Collaboration Arsenal
- ThreatConnect Community Success Story: The Rubber Meets the Road
- ThreatConnect Enables “Healthy Networking” for the Biomed and Life Sciences Industry
- ThreatConnect Industry Communities - Paying it Forward Produces Big Gains
- ThreatConnect Introduces its Multi-Environment Orchestration Capability
- ThreatConnect Introduces Version 5.6
- ThreatConnect Launches Retail Community for Retailers to Collaborate Around Threat Intelligence
- ThreatConnect Lights Up Shellshock
- ThreatConnect Officially Launches an Exclusive Subscriber Community with Advanced Threat Shares
- ThreatConnect Releases 20 New Carbon Black Playbook Apps for CB Response
- ThreatConnect Takes Signature Management to the Next Level
- ThreatConnect: The Brain of Security
- ThreatConnect's RSA Archer Integration, Playbooks, and Apps (oh my!)
- Tracking Sunburst-Related Activity with ThreatConnect Dashboards
- Using ATT&CK in ThreatConnect to Prioritize, Ask Questions, and Respond Faster
Risk-Threat-Response
- 5 Cybersecurity Challenges Chief Information Security Officers Must Tackle in 2021
- Biden Executive Order on Cybersecurity Aligns With Risk, Threat, Response Approach
- Communicating Risk, Threat, Response to the C-Suite & Board
- Cyber Execs Warn CISOs Could Disappear If They Don’t Get Better at Communicating Risk
- Cyberattacks on Critical Infrastructures Forcing Long Overdue Conversations About Risk
- Empowering Better Security Operations with Intelligence
- Inside The Business Benefits of Automated Cyber Risk Quantification
- Make More Confident & Efficient CVE Patching Decisions Based on Potential Impact
- Pipeline Ransomware Attack Underscores Urgent Need for Risk-Based, Automated Decision Support
- Q&A: Bob Kolasky of the Department of Homeland Security on Systemic Cyber Risk and Critical Infrastructure
- Q&A: Joe Weiss of Applied Control Solutions on Control Systems and Cybersecurity
- Risk Quantification, Threat Intelligence & Automation: Stronger Together
- Risk-Threat-Response: The Rosetta Stone for Communicating Cyber Risk
- Risk, Threat, Response: Bridging the Intelligence-Operations Gap for Federal Cybersecurity
- The New Role of the CISO: Create and Protect Business Value
- The ROI of Security and the SOC
- ThreatConnect's New Whitepaper is a Must-Read For CISOs and SOC Directors
Risk-Threat-Response
RQ
SOAR
SOAR
- 5 Reasons CISOs Need Security Operations, Automation, and Orchestration (SOAR)
- Alleviate Common SOC Struggles With SOAR Power
- Cybersecurity Workforce Gap Challenges New CISA Director
- Detect and Contain Cyberattacks Faster With Intelligence-Driven SOAR
- How Smart Is Your SOAR Platform?
- Improve SOC Event Prioritization With Intelligence-Driven SOAR
- Is XDR the Silver Bullet We Have Been Waiting For? Spoiler: “No.”
- ThreatConnect's Smarter SOAR — The Holy Grail for SecOps Teams
- TIP & SOAR: Creating Increased Capability For Less Mature Teams
Success Stories
Sorry, no posts found.
Thought Leadership
- 3 Reasons The Insurance Industry Desperately Needs Automated Cyber Risk Quantification
- 5 Cybersecurity Challenges Chief Information Security Officers Must Tackle in 2021
- 5 Reasons CISOs Need Security Operations, Automation, and Orchestration (SOAR)
- 5 Ways An Intelligence-Driven SOAR Platform Can Help Your SecOps Team
- A Penny For Your Thoughts -- What’s New in CAL 2.9
- Alleviate Common SOC Struggles With SOAR Power
- Are Critical Infrastructures Ready For The New Federal Cybersecurity Standards Initiative?
- Beyond Information Sharing: DHS Begins Cyber Risk Quantification Push
- Biden Executive Order on Cybersecurity Aligns With Risk, Threat, Response Approach
- Big Changes are Coming to the Cyber Insurance Industry
- Bitsight's Acquisition of VisibleRisk: A View From The CRQ World
- Communicating Risk, Threat, Response to the C-Suite & Board
- CRQ Isn’t Done Well: A Review of NIST's Report on Integrating Cybersecurity and ERM
- Cyber Execs Warn CISOs Could Disappear If They Don’t Get Better at Communicating Risk
- Cyber Risk Quantification: The Pressure Is On (New Survey)
- Cyberattacks on Critical Infrastructures Forcing Long Overdue Conversations About Risk
- Cybersecurity Workforce Gap Challenges New CISA Director
- Detect and Contain Cyberattacks Faster With Intelligence-Driven SOAR
- Empowering Better Security Operations with Intelligence
- Former CIA Cybersecurity Chief Speaks Out on Solar Winds Hack
- How Risk Quantification Gives Your Security Team A Leg Up in Patch Management
- How Smart Is Your SOAR Platform?
- Improve SOC Event Prioritization With Intelligence-Driven SOAR
- Improving Upon The FAIR Standard’s Time-to-Value
- Inside The Business Benefits of Automated Cyber Risk Quantification
- Inside The Lean Six Sigma of Cybersecurity
- Inside Today’s SOC: More Spending, Fewer Skilled Staff, Less Capability
- Is XDR the Silver Bullet We Have Been Waiting For? Spoiler: “No.”
- It’s Time to Flip the Script on How We Measure and Communicate Cyber Risk
- Key Functionalities of a Modern Cyber Threat Intelligence Program
- Malicious Code Goes Mobile
- Pipeline Ransomware Attack Underscores Urgent Need for Risk-Based, Automated Decision Support
- Q&A: AVEVA's Tim Grieveson on Cyber Risk Management and Critical Infrastructure
- Q&A: Bob Kolasky of the Department of Homeland Security on Systemic Cyber Risk and Critical Infrastructure
- Q&A: Felicia Thorpe of AHT Insurance on Cyber Insurance and Cyber Risk Quantification
- Q&A: Joe Weiss of Applied Control Solutions on Control Systems and Cybersecurity
- Risk Calculations Require Cyber Threat Intelligence
- Risk Quantification, Threat Intelligence & Automation: Stronger Together
- Risk-Threat-Response: The Rosetta Stone for Communicating Cyber Risk
- RSA 2021: Prioritize, Align and Protect What Matters Most
- SolarWinds Hack Spurs Interest In Risk-Based Threat Hunting
- The Cyber Risk Quantification Journey: It’s Not As Hard As Some Think
- The New Role of the CISO: Create and Protect Business Value
- The ROI of Security and the SOC
- ThreatConnect and Amazon GuardDuty: Protection for your AWS Environment
- ThreatConnect and Amazon S3 and EC2: Better Manage Cloud Infrastructure
- ThreatConnect: Helping to Deliver on the Promise of XDR
- ThreatConnect's New Whitepaper is a Must-Read For CISOs and SOC Directors
- ThreatConnect's Smarter SOAR — The Holy Grail for SecOps Teams
- TIP & SOAR: Creating Increased Capability For Less Mature Teams
- Two Heads Are Not Always Better Than One
- Welcome to the Age of Automated Cyber Risk Quantification
- Why Effective Cybersecurity Narratives Are Built Using Quantitative Metrics
Threat Hunting
Threat Intelligence Platform
- Key Functionalities of a Modern Cyber Threat Intelligence Program
- Risk Calculations Require Cyber Threat Intelligence
- ThreatConnect and Amazon GuardDuty: Protection for your AWS Environment
- ThreatConnect and Amazon S3 and EC2: Better Manage Cloud Infrastructure
- TIP & SOAR: Creating Increased Capability For Less Mature Teams
Threat Research
- 64 bit Quarian APT Malware
- 7 Threat Intelligence Tools Your Team Needs
- A Song of Intel and Fancy
- A Tale of Two Koreas: Keeping Watch over the Digital DMZ
- A Tale of Two Targets
- Adversary Intelligence: Getting Behind the Keyboard
- APT #TargetedAttacks within @SocialMedia
- Burning Down the House for Fun and Profit
- Can a BEAR Fit Down a Rabbit Hole?
- China Hacks the Peace Palace: All Your EEZ’s Are Belong to Us
- CrimsonIAS: Listening for an 3v1l User
- Debugging the Pakistan Cyber Army: From Pakbugs to Bitterbugs
- Divide and Conquer: Unmasking China's 'Quarian' Campaigns Through Community
- DNC Association Does Not Compute
- Do You Make Swords, or Do You Wield Them?
- Duping Doping Domains
- FANCY BEAR Has an (IT) Itch that They Can't Scratch
- Fancy Bear Pens the Worst Blog Posts Ever
- Finding Nemo(hosts)
- Getting “Left of Boom": How ThreatConnect Enables Proactive Cybersecurity
- Guccifer 2.0: All Roads Lead to Russia
- Guccifer 2.0: the Man, the Myth, the Legend?
- Hacktivists vs Faketivists: Fancy Bears in Disguise
- Hiding in the Clouds: Leveraging Social Media for Cyber Attacks
- Hipster-Analytics: Throwback Analysis of an Overlooked Advanced Persistent Threat
- Holiday Aspxor Mimics Retailers
- I Got 99 Problems But a Phish Ain’t One
- Iranian Cyber Army Strikes Again
- Just the Tip of the Iceberg
- Khaan Quest: Chinese Cyber Espionage Targeting Mongolia
- Killing with a Borrowed Knife: Chaining Core Cloud Service Profile Infrastructure for Cyber Attacks
- Kimsuky Phishing Operations Putting In Work
- Let's Get Fancy
- Malicious Code Goes Mobile
- Nasdaq Cyber Attack
- Network Health: Advanced Cyber Threats to the Medical & Life Sciences Industries
- Old Habits Die Hard: Iterative Intelligence & Comment Crew Activity
- Operation Arachnophobia: The Spy-der Who Loved Me
- Operation Poisoned Helmand
- Operation SMN: From Sharing to Acting on Threat Intelligence
- OPM Breach Analysis
- OPM Breach Analysis: Update
- Parlez-vous Fancy?
- Phantom of the Opaera: New KASPERAGENT Malware Campaign
- Piercing the Cow's Tongue: China Targeting South China Seas Nations
- Playbook Fridays: How to Query Abuse.net with Playbooks
- Playbook Fridays: Task Management
- Premera Latest Healthcare Insurance Agency to be Breached
- Rebooting Watergate: Tapping into the Democratic National Committee
- Research One: A ThreatConnect Story
- Research Roundup: Activity on Previously Identified APT33 Domains
- Research Roundup: APT39 Adversaries
- Research Roundup: FBI/NSA Fancy Bear Report Followup
- Research Roundup: Kimsuky Phishing Operations Putting in Work
- Research Roundup: Microsoft Strontium Sinkhole Domain Sibling
- Research Roundup: Mustang Panda and Fancy Bear
- Research Roundup: Mustang Panda and RedDelta PlugX Using Same C2
- Research Roundup: Mustang Panda PlugX Variant Samples and Decryption Script
- Research Roundup: Recent Probable Charming Kitten Infrastructure
- Research Roundup: Suspicious Domain Redirects to Google Account Security Page
- Rising from the Ashes: The Return of the Crew
- Russian Cyber Operations on Steroids
- Sending Aspiring Jedi Knights to Dagobah System
- Shiny Object? Guccifer 2.0 and the DNC Breach
- Stepping to Fancy Bear
- The Anthem Hack: All Roads Lead to China
- The Dollars and "Sense" Behind Threat Intelligence Sharing
- The Rise of Digitally Signed Malware
- The Technical Blogs and Reports Source
- There's something about Mahdi
- Threat Intelligence in 3rd Party Risk Assessment
- Threat Intelligence-Driven Risk Analysis
- ThreatConnect Aids Novetta Research for Operation Blockbuster
- ThreatConnect Enables “Healthy Networking” for the Biomed and Life Sciences Industry
- ThreatConnect Gets to the Root of Targeted Exploitation Campaigns
- ThreatConnect Officially Launches an Exclusive Subscriber Community with Advanced Threat Shares
- ThreatConnect Research Roundup: Belarus, Ecuador, and Russia "News" Sites
- ThreatConnect Research Roundup: Kimsuky "AutoUpdate" Malware
- ThreatConnect Research Roundup: Microsoft-Spoofing Domains
- ThreatConnect Research Roundup: More Kimsuky “AutoUpdate” Malware
- ThreatConnect Research Roundup: Possible APT33 Infrastructure
- ThreatConnect Research Roundup: Possible Ryuk Infrastructure
- ThreatConnect Research Roundup: Possible Ryuk, APT35, and CloudAtlas Infrastructure
- ThreatConnect Research Roundup: Probable Sandworm Infrastructure
- ThreatConnect Research Roundup: Ryuk and Domains Spoofing ESET and Microsoft
- ThreatConnect Research Roundup: Ryuk, RedDelta, APT34, and APT35
- ThreatConnect Research Roundup: SLOTHFULMEDIA RAT and Ryuk
- ThreatConnect Research Roundup: Spoofing SharePoint
- ThreatConnect Research Roundup: Suspected Naikon DGA Domains
- ThreatConnect Research Roundup: Threat Intel Update 3/25/21
- ThreatConnect Research Roundup: Threat Intel Update April 1st, 2021
- ThreatConnect Research Roundup: Threat Intel Update April 8th, 2021
- ThreatConnect Research Roundup: Threat Intelligence Update 3/15/21
- ThreatConnect Research Roundup: Twitter Hacked and APT29 Targets COVID-19 Vaccine
- ThreatConnect Research Roundup: Wizard Spider / UNC1878 / Ryuk Campaign
- Track to the Future
- Turning Cobalt Into Diamonds: Building an Actor Profile For Hunting
- Victim-nomics: Estimating the “Costs” of Compromise
- What's in a Name Server?
- When Dumpster Fires Make You WannaCry
- Where There is Smoke, There is Fire: South Asian Cyber Espionage Heats Up
ThreatConnect 6.1
ThreatConnect 6.2
ThreatConnect 6.3
ThreatConnect Events
- Intel’s in the way that you use it, Snoke don’t you know
- ThreatConnect 4.0 : Now with a Real Dashboard
- ThreatConnect at FS-ISAC Fall Summit
- ThreatConnect at RSA 2017
- ThreatConnect at SANS CDI
- ThreatConnect at Splunk .conf2016
- ThreatConnect at Virus Bulletin International Conference
- ThreatConnect’s Top 5 CAN’T MISS things to do while at the 2017 RSA Conference USA!
ThreatConnect Insights
- (Un)Intended Side Effect of a Platform like ThreatConnect: Job Satisfaction
- 4 Signs of Disconnect Between The Board and The Security Team
- 5 Reasons CISOs Need Security Operations, Automation, and Orchestration (SOAR)
- 5 Reasons to Mark a False Positive in ThreatConnect
- 5 Things to Do at RSA 2018
- 5 Things to Do at RSA 2019
- 5 Ways TIPs Can Enhance Your SIEM
- 5 Ways to Make Threat Analysis Actionable
- 7 Threat Intelligence Tools Your Team Needs
- 7 Tips for Working from Home
- A Change Will Do You (and Us) Good
- A Song of Intel and Fancy
- A Tale of Two Targets
- Another COVID-19 Side Effect: Rising Nation-State Cyber Activity
- Automation Anxiety? Don’t Worry.
- Banks See Increased Cyber Attacks
- Belling the BEAR
- Best Practices for Dashboards in Cybersecurity and Threat Intelligence
- Best Practices for Writing Playbooks in ThreatConnect, Part 1
- Best Practices for Writing Playbooks, Part 2
- Best Practices: Indicator Rating and Confidence
- Black Hat 2020 Sessions Not to be Missed!
- Build a Single Source of Truth
- Building Daily Habits to Stay Ahead of Security Fires
- CAL 2.3 Brings New Data Sources and Analytics Improvements to ThreatConnect
- CAL™ 2.2 Brings Improved Data Hygiene and More Robust Graph Modeling
- Can a BEAR Fit Down a Rabbit Hole?
- Casting a Light on BlackEnergy
- Caught in our Net
- Chinese APT Yolped Malware and Alcatel-Lucent Incident
- Community-Source Your Cybersecurity Concerns
- Context (and Quality) is King with Threat Intelligence
- Creating Order from Chaos: Enabling (Even) Better Decision Making with ThreatConnect 6.0
- Credit Agricole Phish
- Cyber Attack on Google and Others
- Cyber Stratego: Strategic vs. Tactical Threat Intelligence
- CyberEdge Survey Results: Security Orchestration and Automation are the new Black
- Cybersecurity Heroes Wield the Power of ThreatConnect
- Demystifying Intelligence Analysis
- Did You Know We Have A Knowledge Base?
- DNC Association Does Not Compute
- Do Androids Dream of Electric CALFs?
- Do You Make Swords, or Do You Wield Them?
- Does a BEAR Leak in the Woods?
- Don't Get Caught Up in the Hype of AI for Security
- Duping Doping Domains
- Empowering Better Security Operations with Intelligence
- Fancy Bear Pens the Worst Blog Posts Ever
- Finding Nemo(hosts)
- Five Predictions for 2015 Cybersecurity
- Fysbis: Sharing New Sofacy APT Indicators
- Get Started with Cyber Threat Analysis: How to Research Ransomware
- Getting Started with the ThreatConnect Query Language (TQL)
- Getting Started with Threat Intelligence: A Guide for Retailers
- Getting Started with Threat Intelligence: A Guide for the ONG Community
- Good News! ThreatConnect’s CAL™ (Collective Analytics Layer) 2.1 is now live!
- Gootkit Banking Malware
- Growing a Threat Intelligence Program is like Growing a Beard
- Hacktivists vs Faketivists: Fancy Bears in Disguise
- Heartburn over Heartbleed: Assuming the Worst
- Herding Cattle: ThreatConnect’s Vision for Better Intel Feeds
- How Companies Use ThreatConnect To Create a System of Record: A Use Case
- How Companies Use ThreatConnect to Make Their Cybersecurity Programs More Efficient: A Use Case
- How Companies Use ThreatConnect When Building Their Cybersecurity Program: A Use Case
- How to Build a Basic Workflow in ThreatConnect
- How to Choose the Right SOAR Platform: A Checklist
- How to Choose the Right Threat Intelligence Platform for You
- How to Manage and Integrate Signatures in ThreatConnect
- How to Use Threat Intelligence & Orchestration to Defeat Stranger Threats
- Improving Accuracy and Efficiency in Security Operations with ThreatConnect
- Improving Team Retention with SOAR
- Intel’s in the way that you use it, Snoke don’t you know
- Introducing ThreatConnect's Intel Report Cards
- Introducing ThreatConnect's New Learning Portal
- Introducing ThreatConnect's Version 5.8
- Iranian Cyber Army Strikes Again
- ISAO Standards and Cybersecurity Collaboration: One Year Later
- It's a Bird. It's a Plane. It's China's SuperMan APT
- Journal of Cyber Policy’s, Crouching Threat Hunter, Hidden Adversary
- Just the Tip of the Iceberg
- Just the TIP of the Iceberg: Categorizing the Evolving Threat Intelligence Platform
- Kinetic and Potential Energy Framework: Applying Thermodynamics to Threat Intelligence
- Let's Get Fancy
- Lights, Camera, Actionable Intelligence!
- Limiting Operational Impact in a COVID-World
- Malicious DLL and Satellite Infrastructure: Russian "Turla" APT
- Maturing Your Cybersecurity Program
- May the Force (of Partnerships) Be With You
- May the Fourth be with you: A Star Wars InfoSec Bibliography
- Measuring the Detection and Response Gap
- Now Available: CAL COVID19-themed Newly Registered Domains Feed
- Operationalizing Threat Intel: On the Importance of “Boring” Dashboards
- OPM Breach Analysis: Update
- Orchestrate Actions Based on Automating Phishing Email Analysis
- Orchestration With and Without Intelligence: What’s the Difference?
- Parlez-vous Fancy?
- Parlez-vous Fancy?
- Phantom of the Opaera: New KASPERAGENT Malware Campaign
- Playbook Fridays: Using Playbooks to populate custom attributes
- Playbook Fridays: Associated Indicator Metadata Creator
- Playbook Fridays: ATT&CK Tag Framework
- Playbook Fridays: Bit.ly URL Decoder
- Playbook Fridays: Component IOC All Data Pull
- Playbook Fridays: Conducting VMRay Malware Analysis
- Playbook Fridays: CrowdStrike Snort Rules Ingest
- Playbook Fridays: dan.me TOR Full List with Details
- Playbook Fridays: Deploying Yara Signature to Carbon Black CB Response
- Playbook Fridays: Document Parsing and Keyword Scanning/Tagging
- Playbook Fridays: Domain Spinning Workbench Spaces App
- Playbook Fridays: Forcing Active Directory (AD) Password Resets via ThreatConnect Victims
- Playbook Fridays: Generate Intelligence Reports
- Playbook Fridays: Generate Intelligence Reports, Part 2
- Playbook Fridays: Github Activity Monitor
- Playbook Fridays: Google Alerts RSS Reader
- Playbook Fridays: Group and Indicator Comment Link Creators
- Playbook Fridays: How to Build a Playbook in ThreatConnect
- Playbook Fridays: How to Control the Cloud with Playbooks
- Playbook Fridays: How to Create a Playbook for the Non-Programmer
- Playbook Fridays: How to Query Abuse.net with Playbooks
- Playbook Fridays: How to Use ThreatConnect Playbooks to Manage Security APIs
- Playbook Fridays: Human in the Loop Playbook Systems
- Playbook Fridays: Indicator Defanging
- Playbook Fridays: Indicator Status Updater Playbook Component
- Playbook Fridays: Koodous Playbook Components
- Playbook Fridays: Leveraging ThreatConnect to Enrich Greynoise IOCs
- Playbook Fridays: New ThreatConnect App for Splunk 3.1
- Playbook Fridays: OneMillion API Component
- Playbook Fridays: QRadar Tag Search in ThreatConnect
- Playbook Fridays: Query Cymon.io API
- Playbook Fridays: Query Hashes via Email Submission
- Playbook Fridays: Query Jira for Ticket Information
- Playbook Fridays: Query Palo Alto Wildfire For New Submissions / Submit Wildfire Binary to VMRay
- Playbook Fridays: Reporting Through Email Attachment
- Playbook Fridays: Robtex ASN Query and Robtex IP Query
- Playbook Fridays: Taking Screenshots with a Playbook
- Playbook Fridays: Task Management
- Playbook Fridays: The Indicator Importer Spaces App
- Playbook Fridays: Web Page Monitoring
- Playbook Fridays: WhatCMS API Playbook
- Please Do Not Feed the Phish
- PROFORMA INVOICE COPY Spam
- Query a Host or URL Indicator in Archive.org's Wayback Machine
- Realizing the Benefits of Security Orchestration, Automation, and Response (SOAR)
- Recommended Labor Day Reading for the Threat Analyst
- Research One: A ThreatConnect Story
- Rock-Paper-Haxors
- Russian Cyber Operations on Steroids
- Save Time and Accomplish More with Playbooks
- Sending Aspiring Jedi Knights to Dagobah System
- Share The Love: Using ThreatConnect as a Threat Intelligence Sharing Platform for ISACs, ISAOs, and their Members
- Sharing Threat Intelligence Using STIX-TAXII
- Shiny Object? Guccifer 2.0 and the DNC Breach
- Small Businesses – Often Overlooked, but Just as Vulnerable to Cyber Attacks
- SMS SPAM Domains
- Special Playbook Fridays: COVID-19 Dashboard, Metrics, and Search
- Step 1: Collect and Correlate Relevant Threat Data
- Stepping to Fancy Bear
- Strengthen Business and Security Alignment with ThreatConnect
- The FORCE of STIX & TAXII: Why STIX & TAXII are so Important to Financial Services Companies & EMEA
- The Foundation of Internet Trust May Be Crumbling - DigiNotar Certificate Authority Breached
- The Power and Responsibility of Customer Data and Analytics
- The Secret to our (Customer) Success
- The Tao of Intel Driven Security
- The Technical Blogs and Reports Source
- There's More to Life than Zero-Days
- Threat Intelligence and Risk Management
- Threat Intelligence and the Downfall of the Galactic Empire
- Threat Intelligence Doesn't Have to Be Inconceivable
- ThreatConnect 4.0 : Now with a Real Dashboard
- ThreatConnect 5.7 Shows Advancements in Playbooks Capabilities
- ThreatConnect achieves ISO 27001:2013 certification
- ThreatConnect and ServiceNow: More Integrations for Better Context
- ThreatConnect and the Rise of the Security Developer
- ThreatConnect details Cancer Foundation Domain Squat Incident
- ThreatConnect details Westin Resort Domain Squat Incident
- ThreatConnect Episode IV: A New Scope
- ThreatConnect Introduces its Multi-Environment Orchestration Capability
- ThreatConnect Introduces Version 5.6
- ThreatConnect Launches Retail Community for Retailers to Collaborate Around Threat Intelligence
- ThreatConnect Lights Up Shellshock
- ThreatConnect Provides a Report on Healthcare and Medical Industry Threats
- ThreatConnect Releases 20 New Carbon Black Playbook Apps for CB Response
- ThreatConnect Shares Incident Information a digitalmailer requested password change
- ThreatConnect Shares Incident Information for a new CryptXXX Ransomware Trojan
- ThreatConnect Shares Incident Information for Fake eBay Advertising Pages
- ThreatConnect Shares Incident Information on a Phishing Page Serving Fake Login for University
- ThreatConnect Shares Incident Information on an Exxon Mobil Domain Squat Employment Scam
- ThreatConnect Shares Incident Information on Bank of Brazil Phishing Malware
- ThreatConnect Shares Incident Information on Infected Pokemon Go Android Malware
- ThreatConnect Shares Incident Information on Kivuto FTP Server Hosting Bitcoin Mining Malware
- ThreatConnect Shares Incident Information on Major Financial Institution Domain Squat
- ThreatConnect Shares Incident Information on Malware Spoofing Domains
- ThreatConnect Shares Incident Information on PhotoMiner malware found on FTP servers
- ThreatConnect Shares Incident Information on PhotoMiner Worm Malware
- ThreatConnect Shares Incident Information on Suspicious Domains on Bitcoin DNS Nameservers
- ThreatConnect Shares Incident Information on the Adversary Obi Onyeka
- ThreatConnect Shares Incident Information on Turla APT satellite-based infrastructure
- ThreatConnect Shares Incident Information on Typosquatting Domains
- ThreatConnect Training: Save Time and Act Faster with Playbooks
- ThreatConnect: Mission Control for U.S. Government Cyber Operations
- ThreatConnect: The Brain of Security
- ThreatConnect's RSA Archer Integration, Playbooks, and Apps (oh my!)
- ThreatConnect's Security Operations Maturity Model
- ThreatConnect’s Top 5 CAN’T MISS things to do while at the 2017 RSA Conference USA!
- ThreatConnect’s Top 5 Things to Do While at the 2016 FS-ISAC Fall Summit
- Top 5 ThreatConnect Resources for Malware Analysis
- Top 6 Reasons Why You Should Apply Intelligence to Automation and Orchestration
- Top Sessions To Attend At Gartner SRM 2020!
- Towards Data-Driven Threat Analysis
- Track to the Future
- Turning Cobalt Into Diamonds: Building an Actor Profile For Hunting
- Using ATT&CK in ThreatConnect to Prioritize, Ask Questions, and Respond Faster
- What a post-investment world looks like for ThreatConnect customers
- What Can CAL™ (Collective Analytics Layer) Do For You?
- What is a Cyber Threat? How to Explain Cyber Threats to Your CEO
- What is a Security Operations and Analytics Platform?
- What the Verizon DBIR Says About Threat Intelligence Sharing
- What's in a Name Server?
- What's the RSA Conference About, Daddy?
- What’s in a Platform?
- When Dumpster Fires Make You WannaCry
- When You're a Platform, Everything Else is a Tool
- White House Initiative on Cyber Threat Sharing: A Good Start
- Why Build Apps in ThreatConnect
- Word Document Trojan Exploiting CVE-2015-2545
TIP
Uncategorized
- Attacks on Insurers: Lessons Learned
- Cybersecurity Jobs and Impact on Future Training and Education
- Getting the Most out of Crowdsourcing Threat Intelligence
- How I Prevent a Hack Attack
- Is Your Threat Intelligence Platform Just a Tool?
- Luke in the Sky with Diamonds
- Offense Wins Games, Defense Wins Super Bowls
- Prioritize and Mitigate Threats More Efficiently with ThreatConnect and DomainTools
- The Best Threat Intelligence Feeds
- Threat Intelligence Processes are a Journey; Not a Destination
- Threat Intelligence within the Risk Management Process
- ThreatConnect and Cylance: Better Endpoint Remediation
- ThreatConnect and Jira: Automating Processes Made Easier
- ThreatConnect and Microsoft Graph: Integrate Seamlessly with the Microsoft Stack
- ThreatConnect and Okta: Save time with IAM Investigations
- ThreatConnect and Shodan: Enrich threat data to enhance decision making
- ThreatConnect and Tanium: Improved Incident Response with Intel Packages
- ThreatConnect and Twilio: Supporting human in the loop orchestration and SMS notifications
- ThreatConnect and VMRay: Better Malware Analysis
- What is a Threat Intelligence Platform