Software Advice Logo
Home
SOAR Software

ThreatConnect Threat Intelligence Platform (TIP)

ThreatConnect Threat Intelligence Platform (TIP)

RATING:

3.00

(1)
Visit Website
Overview
Reviews

About ThreatConnect Threat Intelligence Platform (TIP)

ThreatConnect is a cloud-based solution that helps businesses determine and prevent potential threats using security orchestration, automation and response (SOAR) capabilities. Supervisors can maintain a log of daily activities and receive automated notifications about high-risk issues. ThreatConnect comes with a dashboard, which allows organizations to gain an overview of security events via actionable analytics and generate operational reports. Managers can maintain case documentation using pre-defined templates, monitor historical trends and correlate them with identified risks. Additionally, it lets users receive crowdsourced intel about threats and collaborate with internal teams through the commenting functionality. ThreatConnect facilitates integration with s...
ThreatConnect threat analysis

ThreatConnect Threat Intelligence Platform (TIP) Reviews

Overall Rating

3.00

Ratings Breakdown

Secondary Ratings

Ease-of-use

1

Customer Support

3

Value for money

1

Functionality

3

Most Helpful Reviews for ThreatConnect Threat Intelligence Platform (TIP)

1 Review

Davis

Computer & Network Security, 11-50 employees

Used daily for less than 2 years

Review Source: Capterra
This reviewer was invited by us to submit an honest review and offered a nominal incentive as a thank you.

OVERALL RATING:

3

EASE OF USE

1

VALUE FOR MONEY

1

CUSTOMER SUPPORT

3

FUNCTIONALITY

3

Reviewed October 2022

ThreatConnect, great for data management, difficult to develope

ThreatConnect allowed for a small team to scale and manage enterprise threat intelligence and threat hunting capabilities, but was ultimately limiting when Playbook design and integration became too complex to develop, preventing the team from fully realizing the software's potential.

PROS

ThreatConnect allowed for multiple data types related to indicators of compromise for cybersecurity events to be collected, analyzed, enriched, and disseminated across customer environments. For example, a domain name could be uploaded, checked against threat feeds, and then enriched data including news articles and reports, attribution, and how ubiquitous the domain was across multiple client environments.

CONS

The Playbooks that allowed for enrichment, third-party tool integration (like a SIEM), were confusing and poorly documented. The pseudo-code logic, where blocks connected to other blocks as a visual representation of coding ideas, was designed to help non-programmers develop capability. In actual, a more code-like approach to the Playbook development would have been better. Instead, we were left with a lot of questions and little guidance on how to approach simple problems easily done in Python.

Reason for choosing ThreatConnect Threat Intelligence Platform (TIP)

Out of the box, ThreatConnect provided a baseline to manage and scale operations at a low cost - with the promise of greater integration and capability to be realized on-top of that baseline in the future.