The document outlines the integration of ThreatConnect with Maltego, a data visualization and analytics software, emphasizing its features and benefits for threat intelligence and incident response. It includes information on the setup, deployment options, and a demonstration of the Maltego transform set, alongside options for accessing the platform via different cloud and on-premises solutions. Overall, it highlights the capabilities for data visualization, automation, and knowledge management within cyber threat analysis.

1. 1All material confidential and proprietary
MALTEGO TRANSFORM SET
April 2014
Andy Pendergast – Product Director

2. 2All material confidential and proprietary
AGENDA
• Quick Overview
• What is ThreatConnect?
• How are we using Maltego?
• Getting Started
• Live Demo & Maltego Transform Set Walkthrough
• Setup and Familiarization
• A Few Use Cases
• Q&A Time

3. 3All material confidential and proprietary
THREAT INTELLIGENCE PLATFORM
SOC
Incident
Response
Threat
Analysts
IT/
Compliance
Malware
Analysts
CISO/CIO
Intelligence Sources
Commercial
Open Source
Communities
Sharing
Internal
Actionable Integrations
SIEM
IPS/IDS, Firewalls
Gateways
Endpoint, Response
DLP, NAV

4. 4All material confidential and proprietary
MORE THAN A FEED: PLATFORM & PROCESS
Diamond
Methodology
AutomationCommunities Robust
API
Enterprise
Integrations
Workflow
Analyst
ControlKnowledge
Management
Multiple
Sources
Data
Visualization
Aggregate ActAnalyze

5. 5All material confidential and proprietary
• Well-known and widely used data
visualization and analytics software
• Visualize ThreatConnect data and
relationships
• Pull the full context of Knowledge
and Intelligence into Maltego
Graphs
• Pivot from ThreatConnect data to
other sources using Maltego
transforms sets
MALTEGO INTEGRATION BENEFITS

6. 6All material confidential and proprietary
BENEFITS OF MALFORMITY LABS PARTNERSHIP
• Maintained server side transform set (easy upgrade and
maintenance)
• Access to dedicated ThreatConnect Transform server
• Over 100 transforms to pivot through ThreatConnect
relationships and data (and growing)
• Available as part of new Team and Enterprise
Subscriptions, Private Cloud, or On-Premises Deployments

7. 7All material confidential and proprietary
HOW IT WORKS
Transform
Delivery
Server (TDS)
Maltego Client
ThreatConnect
Dedicated
Transform
Server
API Queries
Transform
Discovery
and Queries
Configuration
Updates and
Query Results
API Responses
• All communications SSL encrypted
• Server Transforms available if you have your own Maltego
Server
• Requires:
• Maltego Client
• Malformity Labs TDS Seed URL (given with documentation)
• ThreatConnect API AccessID and Key

8. 8All material confidential and proprietary
DEMO TIME!

9. 9All material confidential and proprietary
GETTING STARTED
Deployment Options
Public Cloud
Private Cloud
On-Premises
30 Day Trial Options
Team Edition
Enterprise Edition

10. 10All material confidential and proprietary
THANK YOU
@ThreatConnect
Check out our Twitter feed for the latest on shares, events, and fun.
Want to Learn More?
sales@ThreatConnect.com
Ready for a Trial? Sign up Now!
http://www.threatconnect.com
/product/product_editions