Upload
threatconnect
View
1.891
Download
4
Embed Size (px)
Citation preview
1All material confidential and proprietary
MALTEGO TRANSFORM SETApril 2014
Andy Pendergast – Product Director
2All material confidential and proprietary
AGENDA• Quick Overview
• What is ThreatConnect?• How are we using Maltego?• Getting Started
• Live Demo & Maltego Transform Set Walkthrough• Setup and Familiarization• A Few Use Cases
• Q&A Time
3All material confidential and proprietary
THREAT INTELLIGENCE PLATFORM
SOC
Incident Response
Threat Analysts
IT/Compliance
Malware Analysts
CISO/CIO
Intelligence Sources
Commercial
Open Source
Communities
Sharing
Internal
Actionable Integrations
SIEM
IPS/IDS, Firewalls
Gateways
Endpoint, Response
DLP, NAV
4All material confidential and proprietary
MORE THAN A FEED: PLATFORM & PROCESS
DiamondMethodology
AutomationCommunities RobustAPI
EnterpriseIntegrations
Workflow
Analyst
Control
Knowledge Management
Multiple Sources
Data Visualization
Aggregate
Act
Analyze
5All material confidential and proprietary
• Well-known and widely used data visualization and analytics software
• Visualize ThreatConnect data and relationships
• Pull the full context of Knowledge and Intelligence into Maltego Graphs
• Pivot from ThreatConnect data to other sources using Maltego transforms sets
MALTEGO INTEGRATION BENEFITS
6All material confidential and proprietary
BENEFITS OF MALFORMITY LABS PARTNERSHIP• Maintained server side transform set (easy upgrade and
maintenance)• Access to dedicated ThreatConnect Transform server • Over 100 transforms to pivot through ThreatConnect
relationships and data (and growing)• Available as part of new Team and Enterprise Subscriptions,
Private Cloud, or On-Premises Deployments
7All material confidential and proprietary
HOW IT WORKS
Transform Delivery
Server (TDS)Maltego Client
ThreatConnect Dedicated Transform
Server
API QueriesTransform Discovery and Queries
Configuration Updates and Query Results
API Responses
• All communications SSL encrypted• Server Transforms available if you have your own Maltego Server• Requires:
• Maltego Client• Malformity Labs TDS Seed URL (given with documentation)• ThreatConnect API AccessID and Key
8All material confidential and proprietary
DEMO TIME!
9All material confidential and proprietary
GETTING STARTED
Deployment OptionsPublic CloudPrivate CloudOn-Premises
30 Day Trial OptionsTeam EditionEnterprise
Edition
10All material confidential and proprietary
THANK YOU
@ThreatConnectCheck out our Twitter feed for the latest on shares, events, and
fun.
Want to Learn More? [email protected]
Ready for a Trial? Sign up Now!http://www.threatconnect.com/product/product_editions