Browser extension that enables users to query ThreatConnect, add indicators, and group indicators directly from a supported browser.
Browser Extension v3 builds on the capabilities of previous versions with the addition of CAL natural language processing (NLP) that enables you to scan a web page and query the CAL NLP engine for matches on MITRE® ATT&CK® techniques. NLP looks for language that is indicative of MITRE ATT&CK techniques rather than looking for an exact match. When a technique is identified, you can hover over the text for additional insights on that technique and add relevant indicator information to your threat library for future investigations.
Users will also benefit from an updated Browser Extension interface for a more intuitive experience. Updates include ranking Indicators based on ThreatAssess score, a settings menu alphabetized by source, and the ability to filter between Groups and Indicators. With Browser Extension v3, you’ll maximize insights on MITRE ATT&CK techniques without having to track your findings in a spreadsheet.
With the ThreatConnect Browser Extension, users can scan an online resource for potential Indicators, query ThreatConnect for information about scan results, and import Indicators and Group Indicators directly into ThreatConnect from a supported web browser.
The ThreatConnect Browser Extension can scan various online resources for potential Indicators, including static and dynamic webpages, social media platforms, Google Docs files, email messages, and even ThreatConnect itself.
Users have the ability to:
Instantaneously access the insight of ThreatConnect at their fingertips, directly from the web browser they’re working from - fewer clicks means less frustration and quicker results.
Immediately leverage the global context from CAL, including classifiers from our analytics, anonymized observations/sightings of IOCs, and trending impressions information.
Quickly import disparate single indicators or batches of unstructured data along with associated source information into ThreatConnect without disrupting their investigative process - simply tag and import as a group when you’re ready.
Increase the value of their threat intelligence program by giving more users access at no additional cost and without the burden of learning and regularly accessing a new system.
In order to use the extension, users must be using a ThreatConnect version 6.7 or later.