ThreatConnect Apps & Integrations


www.ThreatConnect.com 3865 Wilson Blvd. | Suite 550 | Arlington, VA 22203

[email protected] P: 1.800.965.2708


Threat Intelligence

OPEN SOURCE FEEDS

Publicly available threat data from many sources, curated and vetted by the ThreatConnect Research team, to enhance your ability to respond to threats

abuse.ch Feodo Tracker, abuse.ch Ransomware Tracker, abuse.ch ZeuS Tracker, Bambenek, Blocklist.de, BotScout Bot, Botvrij, BruteForceBlocker BL, CI Army List, Cryptam, Dan.me Tor List, ETOpen Compromised IPs, GreenSnow Blocklist, Hybrid Analysis, Liste Malware, Malshare Daily Malware List, Malware Domain Blocklist, Malware Domain List, PDF Examiner, PhishTank, Rutgers Attacker IPs, SARVAM, ThreatExpert, ViruSign, VXVault Source, WSTNPHX Malware Email Addresses

PREMIUM THREAT INTELLIGENCE FEEDS

Gather, filter, normalize, and analyze premium threat intelligence

*AS OF SEPTEMBER 2018

PRODUCT

ThreatConnect Intelligence Source, Accenture iDefense, Booz Allen Hamilton Cyber4Sight, Cofense Intelligence, Crowdstrike Falcon Intelligence, Digital Shadows, Dragos WorldView, FireEye iSight Intelligence, Flashpoint, Intel 471, Kaspersky Labs, MISP, R-CISC, Recorded Future Risk List, Secureworks, Symantec Deepsight, Zerofox

SIEM

Aggregate your internal logs and combine them with threat intelligence

PRODUCT

ArcSight ESM, IBM QRadar, LogRhythm, McAfee ESM, RSA Netwitness, Securonix, Splunk

KEY Partner Built & Supported Bi-Directional SIEM Integration or App Playbooks App

NETWORK SECURITY

Enhance your ability to detect, monitor, and protect your network or host against threats

PRODUCT

Acuity BluVector, Centripetal Networks, Cisco FirePower, Cisco Umbrella, Dragos, Fidelis Cybersecurity Network, Palo Alto Networks NGFW


About ThreatConnect®

ThreatConnect arms organizations with a powerful defense against cyber threats and the confidence to make strategic business decisions. Built on the industry’s only intelligence-driven, extensible security platform, ThreatConnect provides a suite of products designed to meet the threat intelligence aggregation, analysis and automation needs of security teams at any maturity level. More than 1,600 companies and agencies worldwide deploy the ThreatConnect platform to fully integrate their security technologies, teams, and processes with relevant threat intelligence resulting in reduced detection to response time and enhanced asset protection.

www.ThreatConnect.com © 2018 ThreatConnect, Inc. All Rights Reserved.

MALWARE ANALYSIS

Detect, analyse, and defend your organization against malware and indicators of compromise

PRODUCT

Cisco Threat Grid, Lastline, McAfee ATD, Palo Alto Networks Wildfire, ReversingLabs, VMRay Analyzer

ENRICHMENT & ANALYSIS

Enrich and visualize your data to quickly see relationships and patterns

PRODUCT

Cisco Umbrella Investigate, DomainTools, Farsight Security, IBM X-Force, Maltego, Polarity, Recorded Future, Silobreaker, VirusTotal

INCIDENT RESPONSE & TICKETING

Receive full context behind an incident to allow you to prioritize and triage investigations faster

PRODUCT

Atlassian Jira, DF Labs, Exabeam, FireEye TAP, IBM Resilient, RSA Archer, ServiceNow

ORCHESTRATION

Enrich your automated security processes with threat intelligence and conduct defensive actions across your technologies

PRODUCT

Phantom, Siemplify

DECEPTION

Gain additional insights and context behind an attacker on your network for stronger analysis

PRODUCT

Attivo Networks, Cymmetria MazeRunner


ENDPOINT DETECTION & RESPONSE

Automatically send threat intelligence to your devices to easily detect and block malicious behavior

PRODUCT

Carbon Black Response, Crowdstrike Falcon Host, Tanium Detect

VULNERABILITY MANAGEMENT

Strengthen your ability to identify, remediate, and mitigate vulnerabilities in your network

PRODUCT

Qualys, Tenable SecurityCenter