by Julian DeFronzo | Apr 20, 2017 | Blog, Threat Intelligence
Recorded Future Custom Connector updates for ThreatQ
We have made significant changes to ThreatQ’s Recorded Future Custom Connector to support Recorded Future’s new API changes and additional risk lists. By pulling in additional data from the...
by Wayne Chiang | Apr 18, 2017 | Blog, Threat Intelligence
Product Methodology: Operations vs. Sharing
During the time when we were designing the initial phases of our threat intelligence platform (TIP), we determined that there were some important core principles that should drive how we built the...
by Ryan Trost | Apr 11, 2017 | Blog, Threat Intelligence
Blanket Deployment of Intelligence is Counterproductive
One of the core workflows within SOC/CIRT Teams these days is automatically consuming intelligence in the form of indicators and deploying them to detection technologies. It seems really easy...
by Ryan Trost | Apr 4, 2017 | Blog, Threat Intelligence
To Optimize Threat Operations, Start with Customized Scoring
Did you know that the threat scores intelligence providers and “blackbox” TIPs provide are generic, global risk scores? They aren’t specific to your company, or even your vertical....
by Julian DeFronzo | Mar 28, 2017 | Blog, Cybersecurity, Threat Intelligence
Project Honey Maid: Using ThreatQ to Research NoSQL Ransomware Attacks
Part I: MongoDB
Over the past few months, there has been a rise in ransomware-like attacks against many popular NoSQL databases, including MongoDB, Elasticsearch, and...
by Mike Clark | Mar 23, 2017 | Blog, Threat Intelligence
How to Use ThreatQ to Defend Against Ransomware
Ransomware is still a major money maker for cyber criminals and victims are all over the board, ranging from individuals to major corporations. The attack isn’t complex and revolves around a very...