ThreatConnect, Inc.®, provider of the industry’s only intelligence-driven security operations platform, is proud to announce the release of ThreatConnect version 6.0. Among other features in this new release, ThreatConnect introduces Workflow, which enables interactive intelligence-powered investigation and case management capabilities for Incident Responders, Security Operations Analysts, and Cyber Threat Intelligence Analysts. ThreatConnect’s Workflow functionality reduces the risk of missing critical steps and relevant artifacts, and decreases the time it takes to uncover relevant intelligence.
ThreatConnect Workflow allows security teams to investigate, track, and collaborate on information related to threats and incidents with automated and manual tasks and standardised, consistent processes - all from a central location. Security team members using the ThreatConnect Platform now have a mechanism that correlates artifacts from an investigation to existing intelligence, as well as historical case data from past incidents and investigations. The Platform allows users to not only enrich cases with both internal and external threat intelligence, but also generate intelligence from those cases to be used to enhance detection, prevention, and to build out a library of relevant threats facing the organisation. This leads to a more complete picture and better understanding of an organisation’s own internal threats.
Adam Vincent, ThreatConnect CEO, said, “With Workflow, we have realised the vision we had for the core capabilities of our Platform. Nine years ago we set out to build a platform with the necessary capabilities to improve the cyber analysis process. We led with threat intelligence, then developed orchestration and automation through Playbooks, and now, Workflows. With ThreatConnect, security teams have a Platform that is a single source for their intel, response plans, and processes that provides a common reference point enabling collaboration, consistency, and that increases accuracy for threat-based decision making.”
ThreatConnect’s combination of security orchestration, automation, and response (SOAR) plus threat intelligence, provides the ability to enhance human and machine-driven security processes with internal and external intelligence on threat actors, attack techniques using MITRE ATT&CK™, and traditional indicators of compromise. In addition to improving response time with consistent and documented processes, this allows teams to maximise the amount of internally sourced threat intelligence obtained from incident response and operations teams.
In addition to Workflow, other 6.0 features include:
ThreatConnect’s 6.0 release will be generally available to all existing and customers by the end of Q1.