Threat Intelligence Platform
Offer a reference bonus
1.00

Threat Intelligence Platform

ThreatConnect, Inc.

-
ROI-
USD
Using9
Selling12

PitchAutomate the Collection of Intel From All Sources

Product features

Description

With our Threat Intelligence Platform (TIP), centralize the aggregation and management of threat data no matter the source. Whether it’s Open Source data from OSINT Feeds, Blogs, or RSS Feeds; or indicators being sent from a threat intel feed provided by an ISAC or Premium Provider, we take that data and add additional context. Robust integrations with tools like your SIEM, EDR, and firewall pull internally generated logs into ThreatConnect for further enrichment. You’re provided with a place to organize and prioritize the data so you can then use it to drive actions inside and outside of the Platform. Agnostic and Extensible Integrations for Distributing Information to Other Security Tools
Intelligence collected within our Threat Intelligence Platform has the ability to dictate decisions being made across your technology stack. Send relevant and actionable insights from the TIP to other tools with our wide breadth of integrations and flexible Playbooks. Export Threat Intelligence Reports and share the information with other teams to help your organization stay up to date on relevant threats. Read more about how ThreatConnect helped a customer use relevant threat intelligence here. Dynamic Intel-driven Automation and Orchestration for Better Decision Making As additional context and associations are applied to an indicator, you are armed with intelligence that should influence decision making. But, indicators are dynamic and ever changing. And as they change, so should the processes tied to them. With ThreatConnect, intel-driven automation, orchestration, and response gives you the ability to adjust decisions on the fly based on the changes seen in the intelligence that is influencing the process. Your automated processes are made smarter with Playbooks that enable continuous dynamic decision-making. With ThreatConnect, you are able to centralize your intelligence, establish process consistency, scale operations, and measure your effectiveness all in one place. Make your security operations and analysts more efficient, while providing real-time insights to security leaders to make better business decisions. With ThreatConnect’s intelligence-driven security operations platform, your team has the ability to leverage threat intelligence, automation, and orchestration directly from one platform. Automation or orchestration informed by threat intelligence makes your pre-existing technology investments and your entire security team — including security operations and incident response — more efficient and more effective. A complete solution, ThreatConnect enables you to gain visibility into threats and understand their relevance to your organization, as well as increase efficiency with automation, task management, and orchestration. With ThreatConnect, every member of your security team — including leadership — benefits from using the same platform. A centralized system of record, ThreatConnect can measure the effectiveness of your organization with cross-platform analytics and customizable dashboards.

Product Features

  • Open Source Feeds
  • Ingest Premium Feeds
  • Access to CAL™ Data
  • TAXII Server
  • ThreatConnect Intelligence Source
  • Custom Dashboards
  • Automated Email Import
  • Manage Incidents and Tasks
  • Create Threat Intelligence
  • Orchestration
  • Custom Indicator Types

Problems that the product solves

Risk or Leaks of confidential information

Risk of attacks by hackers

Risk of data loss or damage

Decentralized IT systems

High costs of IT personnel

Values

Enhance Staff Productivity

Manage Risks

Testing

https://threatconnect.com/request-a-demo/ Contact: sales@softprom.com

Characteristics (Threat Intelligence Platforms)

Own feed providers / feed prep analytics centers

Avaliable

Normalization, feed deduplication

Avaliable

Number of feed suppliers out of the box

100+

CSV files

Avaliable

JSON files

Avaliable

HTTP-feed

Avaliable

Email

Avaliable

STIX / TAXII Standards Support

Avaliable

Unstructured text data

Avaliable

The ability to enrich data from external sources (for example, WHOis, PassiveDNS, VirusTotal, etc.)

Avaliable

Connecting additional feed providers

Avaliable

Search for matches in SIEM events

Avaliable

Direct incident response through integration with third-party information security systems

Avaliable

Responding to incidents using complex algorithms (playbooks)

Avaliable

REST API Integration Capability

Avaliable

Manual adjustment of “weight” parameters for feed’s

N/A

Ability to build a graph of links between feed’s objects and internal artifacts

N/A

Transaction Features

Partner average discount

Deal protection

Average deal size

Average deal closing time

Competitive products

User features

Roles of Interested Employees

Chief Information Officer

Chief IT Security Officer

IT Security and Risk Management

Organizational Features

IT Security Department in company

Company branches in different countries