ThreatConnect announces its series of partner-centered Playbooks applications to help orchestrate and automate security processes. These new applications focus on enriching indicators, analyzing malware, and exporting indicators for further analysis and security event triage.
“We continue to work with industry-leading partners to help our customers better manage and improve their security processes. Adding these important Playbook applications to our growing list ensures that ThreatConnect allows organizations to have more control, automation and effectiveness in their response to threats and to protect their businesses.”, said ThreatConnect CEO Adam Vincent.
New Playbooks applications include:
IBM X-Force enrichment
ThreatConnect has created 5 new Playbooks apps that allow users to retrieve a variety of IBM X-Force enrichments based on the specified indicator type. With this series of Playbooks, users can query IBM X-Force to retrieve DNS records, IP reports, Malware reports, URL reports, and WHOIS records.
McAfee Advanced Threat Detection (ATD)
ThreatConnect has created 3 new Playbooks apps that allow users to submit files and URLs to McAfee ATD for zero-day malware analysis. Users can also leverage Playbooks to retrieve a malware report from McAfee ATD based on a specified Hash value.
Malware Information Sharing Platform (MISP)
With 2 new playbooks apps for MISP, ThreatConnect users can export indicators from ThreatConnect to MISP as either Events or Attributes. These apps can create any attribute based on Category and Type within the MISP data model.