Threat Connect 2.2.4
- Updated on 02 Apr 2025
tags: python | Threat Intelligence Platform | Cyber Risk Quantification
Description
ThreatConnect is the only platform to unite Cyber Risk Quantification (RQ), Threat Intelligence Platform (TIP) and Security Orchestration and Response (SOAR) capabilities. ThreatConnect is a decision and operational support platform that aligns the entire security lifecycle to the goal of reducing risk.
The ThreatConnect Platform delivers orchestration and automation capabilities that reduce job complexity for every stakeholder – from security executives, to risk teams, to threat intelligence experts, to security operations personnel and incident responders.
ThreatConnect is the only solution that natively combines cyber risk quantification, threat intelligence, orchestration and automation, analytics, and templated workflows relevant for all stakeholders – security and business executives, risk, threat intelligence, vulnerability, operations and response.
This integration connects ThreatConnect with CyberProof Defense Centre (CDC) and injects ThreatConnect (TC) incidents into CDC as alerts, together with their Associated Groups, Tags, Security Label, Attributes and many other fields.
Integration Type: | Threat Intelligence |
Information read: | Threat Connect incidents |
API Supported: | Threat Connect RestAPI v2 |
Input: | N/A |
Output: | Detailed alerts, which lead to the creation of alerts and observables in CDC |
CDC Command Lines
No CDC command lines
Workflows
- inject_tc_alert_to_cdc
Inject Threat Connect alert to CDC using the CDC async API.
- process_yara_files
Process YARA files.
Rules
- cdc_new_alert_from_threatconnect
Triggers the inject-new-alert-to-CDC workflow when a new alert is created in ThreatConnect
Sensors
- ThreatConnectSensor
Sensor to pull reported incidents from Threat Connect
Poll interval - 60s
Triggers
No triggers