episode iv: a new scope

1All material confidential and proprietary

February 2016

EPISODE IV: A NEW SCOPE

2All material confidential and proprietary

Bhaskar KarambelkarData Science Lead

Dan ColeDirector of Product

Management

TODAY’S PRESENTERS

© 2016 ThreatConnect, Inc. All Rights Reserved

3All material confidential and proprietary

ONE PLATFORM FOR MAKING INTELLIGENCE DRIVEN SECURITY DECISIONS ACROSS YOUR ENTERPRISE

TI Team

SOC Team

IR Team

ISAC/ISAO

SIEM

IPS/IDS

End-point Protection

Firewalls/UTMIntelligence Feeds

Network Controls

Vulnerability Scanner

Web Proxy

Public Community

Private Community

CISO/ CIO

C-Suite/Board

4All material confidential and proprietary

THE THREATCONNECT PLATFORM

© 2016 ThreatConnect, Inc. All Rights Reserved

5All material confidential and proprietary

INTEGRATIONS

Premium Intelligence Solutions

6All material confidential and proprietary

7All material confidential and proprietary

New Dashboar

d

User Interface

NEW WAYS TO VISUALIZE YOUR INTEL

UI

8All material confidential and proprietary

Relevance

Accuracy

Quality

EVALUATE THE RETURN ON YOUR INVESTMENT IN YOUR THREAT INTELLIGENCE• Rate sources using a threat

rating and confidence rating scale

• Observations allow users to see how relevant their intelligence sources are in the platform

• False positives reporting capability

✓

9All material confidential and proprietary

JavaScript SDK

Application Spaces

UNITE AND EMPOWER YOUR THREAT INTEL TEAM

10All material confidential and proprietary

Intel Visualizati

on

Automated

Enrichment

MAKE ANALYSTS’ LIVES EASIER

11All material confidential and proprietary

DIAMOND MODEL

© 2016 ThreatConnect, Inc. All Rights Reserved

12All material confidential and proprietary

THREATCONNECT DASHBOARD

www.threatconnect.com/threatconnect-4-0-now-with-a-real-dashboard/

13All material confidential and proprietary

INDICATOR ACTIVITY

© 2016 ThreatConnect, Inc. All Rights Reserved

• Distinguish between enriched and non-enriched indicators

• Shows a trend-line to indicate cumulative growth

• Shows a breakdown by indicator type

• Scope of the data can be global/community/organization/ feed

14All material confidential and proprietary

SOURCE MAGIC QUADRANTS• Plots feed sources on threat ratings

v/s confidence quadrants

• Size determines quantity and opacity determines enrichment

• Allows comparison of feeds

• One stop shop to get to know, compare, and evaluate TI feeds

• Current metrics are more subjective than objective

© 2016 ThreatConnect, Inc. All Rights Reserved

15All material confidential and proprietary

INTELLIGENCE & ACTIVITIES

© 2016 ThreatConnect, Inc. All Rights Reserved

• Shows current value and a trend-line with historic data

• Trend-lines serve dual purpose

16All material confidential and proprietary

WHAT’S COMING?

© 2016 ThreatConnect, Inc. All Rights Reserved

Sharing incentives• More incentives for sharing data between community, with a symbiotic eco-system

Dashboard upgrade• More powerful and interactive dashboard

Enhanced metrics• More meaningful and objective metrics for IOC/feed ratings/confidence

More reporting and analysis features• More apps and features for data visualizations reporting and analysis

More powerful, streamlined SIEM integrations

17All material confidential and proprietary

THE FORCE IS STRONG WITH OUR PLATFORM

www.threatconnect.com/diamond-model-threat-intelligence-star-wars/

18All material confidential and proprietary

QUESTIONS?

© 2016 ThreatConnect, Inc. All Rights Reserved

19All material confidential and proprietary

• See a personalized Demo• www.threatconnect.com/request-a-demo

• Sign up for Free Account• www.threatconnect.com/free

TAKE ACTION

© 2016 ThreatConnect, Inc. All Rights Reserved

20All material confidential and proprietary

dcole@threatconnect.com

info@threatconnect.com

www.threatconnect.com

THANK YOU