The customer needed an automated process to ingest indicators from ISAC communities and then provide the data to their SIEM integration, QRadar. Automated ingestion would give the customer’s Incident Response (IR) team the ability to monitor for relevant and actionable intelligence within their network.
The customer needed to decrease the time between the Threat Intel team identifying indicators affecting their industry and the Networking team implementing the appropriate block controls. Additionally, they wanted to make the process of requesting a block easier for the Threat Intel analysts.
Three months after we launched, the customer was able to establish a streamlined communication process between the SOC and individual groups throughout the organization. This led to a decrease in the time it takes to notify the SOC of a potential incident or indicator of compromise, as well as an improvement in the quality and amount of historical data stored for future queries.
This was the first time this organization had deployed a security operations platform, and they needed a trusted partner to help them mature their program and their usage of ThreatConnect along with it.
The customer needed a Threat Intelligence Platform to replace an open-source database (CRITS) that had become overloaded and unusable. The replacement platform needed to make conducting analysis easy in order to identify and mitigate suspected threats in a highly scripted and automated environment.
The customer needed a way to collaborate with partners to streamline indicator enrichment and incident response, so that suspected threats could be identified and mitigated in a timely, efficient manner.