About ThreatConnect Threat Intelligence Platform (TIP)
Most Helpful Reviews for ThreatConnect Threat Intelligence Platform (TIP)
Computer & Network Security, 11-50 employees
Used daily for less than 2 years
EASE OF USE
VALUE FOR MONEY
Reviewed October 2022
ThreatConnect, great for data management, difficult to develope
ThreatConnect allowed for a small team to scale and manage enterprise threat intelligence and threat hunting capabilities, but was ultimately limiting when Playbook design and integration became too complex to develop, preventing the team from fully realizing the software's potential.PROS
ThreatConnect allowed for multiple data types related to indicators of compromise for cybersecurity events to be collected, analyzed, enriched, and disseminated across customer environments. For example, a domain name could be uploaded, checked against threat feeds, and then enriched data including news articles and reports, attribution, and how ubiquitous the domain was across multiple client environments.CONS
The Playbooks that allowed for enrichment, third-party tool integration (like a SIEM), were confusing and poorly documented. The pseudo-code logic, where blocks connected to other blocks as a visual representation of coding ideas, was designed to help non-programmers develop capability. In actual, a more code-like approach to the Playbook development would have been better. Instead, we were left with a lot of questions and little guidance on how to approach simple problems easily done in Python.
Reason for choosing ThreatConnect Threat Intelligence Platform (TIP)
Out of the box, ThreatConnect provided a baseline to manage and scale operations at a low cost - with the promise of greater integration and capability to be realized on-top of that baseline in the future.