episode iv: a new scope
TRANSCRIPT
1All material confidential and proprietary
February 2016
EPISODE IV: A NEW SCOPE
2All material confidential and proprietary
Bhaskar KarambelkarData Science Lead
Dan ColeDirector of Product
Management
TODAY’S PRESENTERS
© 2016 ThreatConnect, Inc. All Rights Reserved
3All material confidential and proprietary
ONE PLATFORM FOR MAKING INTELLIGENCE DRIVEN SECURITY DECISIONS ACROSS YOUR ENTERPRISE
TI Team
SOC Team
IR Team
ISAC/ISAO
SIEM
IPS/IDS
End-point Protection
Firewalls/UTMIntelligence Feeds
Network Controls
Vulnerability Scanner
Web Proxy
Public Community
Private Community
CISO/ CIO
C-Suite/Board
4All material confidential and proprietary
THE THREATCONNECT PLATFORM
© 2016 ThreatConnect, Inc. All Rights Reserved
5All material confidential and proprietary
INTEGRATIONS
Premium Intelligence Solutions
6All material confidential and proprietary
7All material confidential and proprietary
New Dashboar
d
User Interface
NEW WAYS TO VISUALIZE YOUR INTEL
UI
8All material confidential and proprietary
Relevance
Accuracy
Quality
EVALUATE THE RETURN ON YOUR INVESTMENT IN YOUR THREAT INTELLIGENCE• Rate sources using a threat
rating and confidence rating scale
• Observations allow users to see how relevant their intelligence sources are in the platform
• False positives reporting capability
✓
9All material confidential and proprietary
JavaScript SDK
Application Spaces
UNITE AND EMPOWER YOUR THREAT INTEL TEAM
10All material confidential and proprietary
Intel Visualizati
on
Automated
Enrichment
MAKE ANALYSTS’ LIVES EASIER
11All material confidential and proprietary
DIAMOND MODEL
© 2016 ThreatConnect, Inc. All Rights Reserved
12All material confidential and proprietary
THREATCONNECT DASHBOARD
www.threatconnect.com/threatconnect-4-0-now-with-a-real-dashboard/
13All material confidential and proprietary
INDICATOR ACTIVITY
© 2016 ThreatConnect, Inc. All Rights Reserved
• Distinguish between enriched and non-enriched indicators
• Shows a trend-line to indicate cumulative growth
• Shows a breakdown by indicator type
• Scope of the data can be global/community/organization/ feed
14All material confidential and proprietary
SOURCE MAGIC QUADRANTS• Plots feed sources on threat ratings
v/s confidence quadrants
• Size determines quantity and opacity determines enrichment
• Allows comparison of feeds
• One stop shop to get to know, compare, and evaluate TI feeds
• Current metrics are more subjective than objective
© 2016 ThreatConnect, Inc. All Rights Reserved
15All material confidential and proprietary
INTELLIGENCE & ACTIVITIES
© 2016 ThreatConnect, Inc. All Rights Reserved
• Shows current value and a trend-line with historic data
• Trend-lines serve dual purpose
16All material confidential and proprietary
WHAT’S COMING?
© 2016 ThreatConnect, Inc. All Rights Reserved
Sharing incentives• More incentives for sharing data between community, with a symbiotic eco-system
Dashboard upgrade• More powerful and interactive dashboard
Enhanced metrics• More meaningful and objective metrics for IOC/feed ratings/confidence
More reporting and analysis features• More apps and features for data visualizations reporting and analysis
More powerful, streamlined SIEM integrations
17All material confidential and proprietary
THE FORCE IS STRONG WITH OUR PLATFORM
www.threatconnect.com/diamond-model-threat-intelligence-star-wars/
18All material confidential and proprietary
QUESTIONS?
© 2016 ThreatConnect, Inc. All Rights Reserved
19All material confidential and proprietary
• See a personalized Demo• www.threatconnect.com/request-a-demo
• Sign up for Free Account• www.threatconnect.com/free
TAKE ACTION
© 2016 ThreatConnect, Inc. All Rights Reserved
20All material confidential and proprietary
www.threatconnect.com
THANK YOU