www.ThreatConnect.com 3865 Wilson Blvd. | Suite 550 | Arlington, VA 22203
[email protected] P: 1.800.965.2708
ThreatConnect Apps & Integrations
Threat Intelligence
OPEN SOURCE FEEDS
Publicly available threat data from many sources, curated and vetted by the ThreatConnect Research team, to enhance your ability to respond to threats
abuse.ch Feodo Tracker, abuse.ch Ransomware Tracker, abuse.ch ZeuS Tracker,
Bambenek, Blocklist.de, BotScout Bot, Botvrij,
BruteForceBlocker BL, CI Army List, Cryptam, Dan.me Tor List,
ETOpen Compromised IPs, GreenSnow Blocklist, Hybrid Analysis,
Liste Malware, Malshare Daily Malware List, Malware Domain
Blocklist, Malware Domain List, PDF Examiner, PhishTank, Rutgers
Attacker IPs, SARVAM, ThreatExpert, ViruSign, VXVault Source,
WSTNPHX Malware Email Addresses
PREMIUM THREAT INTELLIGENCE FEEDS
Gather, filter, normalize, and analyze premium threat intelligence
*AS OF SEPTEMBER 2018
PRODUCT
ThreatConnect Intelligence Source • • • •
Accenture iDefense • • • •
Booz Allen Hamilton Cyber4Sight • • • •
Cofense Intelligence • • • •
Crowdstrike Falcon Intelligence • • • •
Digital Shadows • • • •
Dragos WorldView • • • •
FireEye iSight Intelligence • • • •
Flashpoint • • • •
Intel 471 • • • •
Kaspersky Labs • • • •
MISP • • •• ••
R-CISC • • • •
Recorded Future Risk List • • • •
Secureworks • • • •
Symantec Deepsight • • • •
Zerofox • • • •
SIEM
Aggregate your internal logs and combine them with threat intelligence
PRODUCT
ArcSight ESM • • •• ••
IBM QRadar • • •• ••
LogRhythm • • • •
McAfee ESM • • • •
RSA Netwitness • • • •
Securonix • • • •
Splunk • • • •
KEY • • Partner Built & Supported Bi-Directional SIEM Integration or App Playbooks App
NETWORK SECURITY
Enhance your ability to detect, monitor, and protect your network or host against threats
PRODUCT
Acuity BluVector • • • •
Centripetal Networks • • • •
Cisco FirePower • • • •
Cisco Umbrella • • •• ••
Dragos • • • •
Fidelis Cybersecurity Network • • • •
Palo Alto Networks NGFW • • •• ••
About ThreatConnect®
ThreatConnect arms organizations with a powerful defense against cyber threats and the confidence to make strategic business decisions. Built on the industry’s
only intelligence-driven, extensible security platform, ThreatConnect provides a suite of products designed to meet the threat intelligence aggregation, analysis and
automation needs of security teams at any maturity level. More than 1,600 companies and agencies worldwide deploy the ThreatConnect platform to fully integrate their
security technologies, teams, and processes with relevant threat intelligence resulting in reduced detection to response time and enhanced asset protection.
www.ThreatConnect.com © 2018 ThreatConnect, Inc. All Rights Reserved.
MALWARE ANALYSIS
Detect, analyse, and defend your organization against malware and indicators of compromise
PRODUCT
Cisco Threat Grid • •
Lastline • •
McAfee ATD • •
Palo Alto Networks Wildfire • •
ReversingLabs • •
VMRay Analyzer • •
ENRICHMENT & ANALYSIS
Enrich and visualize your data to quickly see relationships and patterns
PRODUCT
Cisco Umbrella Investigate • • •• ••
DomainTools • • •• ••
Farsight Security • • • •
IBM X-Force • •
Maltego • • • •
Polarity • • • •
Recorded Future • • •• ••
Silobreaker • • • •
VirusTotal • • •• ••
INCIDENT RESPONSE & TICKETING
Receive full context behind an incident to allow you to prioritize and triage investigations faster
PRODUCT
Atlassian Jira • •
DF Labs • • • •
Exabeam • • • •
FireEye TAP • • •• ••
IBM Resilient • •
RSA Archer • •
ServiceNow • •
ORCHESTRATION
Enrich your automated security processes with threat intelligence and conduct defensive actions across your technologies
PRODUCT
Phantom • • • •
Siemplify • • • •
DECEPTION
Gain additional insights and context behind an attacker on your network for stronger analysis
PRODUCT
Attivo Networks • • • •
Cymmetria MazeRunner • • • •
ENDPOINT DETECTION & RESPONSE
Automatically send threat intelligence to your devices to easily detect and block malicious behavior
PRODUCT
Carbon Black Response • • • •
Crowdstrike Falcon Host • • •• ••
Tanium Detect • • •• ••
VULNERABILITY MANAGEMENT
Strengthen your ability to identify, remediate, and mitigate vulnerabilities in your network
PRODUCT
Qualys • • • •
Tenable SecurityCenter • • • •