Introducing ThreatConnect 6.4 – Improving Threat Intelligence Processes and SOC Metrics
Latest version enables threat intelligence analysts to easily build and enhance their threat library and understand threats in a deeper global context
ARLINGTON, Virginia, November 29, 2021 – (BUSINESS WIRE) – ThreatConnect Inc.®, the leader in delivering risk-based and intelligence-based security, announces ThreatConnect 6.4, which introduces new features that enable security operations and cyber threat intelligence (CTI) analysts to obtain useful context more quickly during investigations and to better measure the effectiveness of their teams.
ThreatConnect combines its Threat Intelligence Platform (TIP) and Security Orchestration and Automation (SOAR) platform, creating a continuous feedback loop that helps make intelligence-driven operations a reality. This latest release of the product builds on the foundation of intelligence-driven operations, strengthening the workflow of threat intelligence and security operations teams individually and together.
Version 6.4 helps CTI and Security Operations Center (SOC) teams get more context quickly, enabling faster investigations for both. CTI teams can more easily create and maintain a dynamic threat library, while updated dashboards empower SOC and IR managers to accelerate team efficiency. Three new features enhance these capabilities:
Explore with CAL™ to better understand the complex relationships of threat indicators with a graphical interface in our collective analysis layer
V2 browser extension to quickly create context around threats and improve your threat library
New workflow metrics to improve operational efficiency, by helping SOC teams learn how to optimize their tools, team processes and automations
“With the release of ThreatConnect 6.4, we are realizing our vision and promise to security operations and cyber threat intelligence teams to deliver capabilities that will enable them to make decisions faster with more relevant context,” said Andy Pendergast, Co-Founder and Executive Vice President of Products at ThreatConnect. “We empower teams to gain insight to help them observe and orient threats to their environment more quickly through intelligence, then decide and act at scale through our strong orchestration capabilities and automation.”
Explore with CAL™
ThreatConnect’s Collective Analysis Layer (CAL™) is an innovative architecture that distills billions of data points, providing immediate insight into the nature, prevalence and relevance of a threat. CAL provides a global context that leverages information shared anonymously by ThreatConnect users, open source information, malware information, and many other collections.
When researching and investigating a particular threat, this new capability allows analysts to pivot directly into the CAL™ dataset in an intuitive graphical interface to understand the complex infrastructure-based relationships and reputation that exist with a specific Indicator of Compromise (IOC).
The latest iteration of the ThreatConnect browser extension goes beyond providing information about IOCs, allowing users to scan an online resource for the names of potential threat actors and their tools. This provides a desirable CAL™-compatible “Rosetta Stone” to match common threat actor aliases as well as entity information, regardless of the name used.
When researching and investigating a particular threat, analysts now have the ability to use multiple sources of threat intelligence to identify relevant pieces of information from any web resource. This is a critical capability for quickly understanding the threat severity level, and it allows that information to be added to their threat library for future analysis and investigation efforts.
Workflow metrics amplify the visibility of your security operations, providing important key performance indicators (KPIs) that help measure whether people, tools, and technologies are working together effectively. 6.4 introduces improvements to workflow metrics, providing more in-depth information that shows detection and response trends over a period of time. SOC team leaders can also have a perspective on the distribution of team case assignments as well as how best to prioritize unassigned cases.
Adding a dashboard visualization showing mean time to detection (MTTD) and mean time to response (MTTR) over varying time periods can help SOC managers assess detection and response trends. New, easy-to-configure dashboard cards for active and unassigned cases empower team leaders to make more informed decisions when managing team workload.
ThreatConnect’s risk-driven and intelligence-driven approach reduces complexity, integrating processes and technologies to continually strengthen defenses, reduce risk, and revolutionize the way customers protect their organizations by turning intelligence into action.
ThreatConnect, Inc. provides cybersecurity software that reduces complexity for everyone, facilitates decision making by turning intelligence into action, and integrates processes and technologies to continually strengthen defenses and reduce risk. Designed by analysts but designed for the entire team (security management, risks, security operations, threat intelligence and incident response), the decision support and operations platform of ThreatConnect is the only solution available today with quantification, intelligence, automation, analysis and workflow in one. To learn more about our Cyber Risk Quantification, Threat Intelligence Platform (TIP) or Security Orchestration, Automation, and Response (SOAR) solutions, visit www.ThreatConnect.com.
See the source version on businesswire.com: https://www.businesswire.com/news/home/20211129005566/en/
Levick United States
Telephone: +1 202.973-5341
Lewis United Kingdom
Telephone: +44 207.802.2626 | Fax: +44 207.802.2627