Please view our webinar to learn the basics of our Maltego integration. https://attendee.gotowebinar.com/recording/2960337559231715841 Malformity Labs has developed a full transform set that allows for data from ThreatConnect™ to be integrated with the capabilities of Maltego. All ThreatConnect customers can take advantage of the Maltego transform set through the ThreatConnect™ API and a provided transform server. They can use this to: • Visualize the relationship between incidents, threats, adversaries, and indicators, • Leverage attributes belonging to indicators and threats to create Maltego Graphs without losing any of the contextual data within ThreatConnect, and • Pivot from ThreatConnect data and external open source data sources using other transform sets within Maltego.

1. 1All material confidential and proprietary
MALTEGO TRANSFORM SET
April 2014
Andy Pendergast – Product Director

2. 2All material confidential and proprietary
AGENDA
• Quick Overview
• What is ThreatConnect?
• How are we using Maltego?
• Getting Started
• Live Demo & Maltego Transform Set Walkthrough
• Setup and Familiarization
• A Few Use Cases
• Q&A Time

3. 3All material confidential and proprietary
THREAT INTELLIGENCE PLATFORM
SOC
Incident
Response
Threat
Analysts
IT/
Compliance
Malware
Analysts
CISO/CIO
Intelligence Sources
Commercial
Open Source
Communities
Sharing
Internal
Actionable Integrations
SIEM
IPS/IDS, Firewalls
Gateways
Endpoint, Response
DLP, NAV

4. 4All material confidential and proprietary
MORE THAN A FEED: PLATFORM & PROCESS
Diamond
Methodology
AutomationCommunities Robust
API
Enterprise
Integrations
Workflow
Analyst
ControlKnowledge
Management
Multiple
Sources
Data
Visualization
Aggregate ActAnalyze

5. 5All material confidential and proprietary
• Well-known and widely used data
visualization and analytics software
• Visualize ThreatConnect data and
relationships
• Pull the full context of Knowledge
and Intelligence into Maltego
Graphs
• Pivot from ThreatConnect data to
other sources using Maltego
transforms sets
MALTEGO INTEGRATION BENEFITS

6. 6All material confidential and proprietary
BENEFITS OF MALFORMITY LABS PARTNERSHIP
• Maintained server side transform set (easy upgrade and
maintenance)
• Access to dedicated ThreatConnect Transform server
• Over 100 transforms to pivot through ThreatConnect
relationships and data (and growing)
• Available as part of new Team and Enterprise
Subscriptions, Private Cloud, or On-Premises Deployments

7. 7All material confidential and proprietary
HOW IT WORKS
Transform
Delivery
Server (TDS)
Maltego Client
ThreatConnect
Dedicated
Transform
Server
API Queries
Transform
Discovery
and Queries
Configuration
Updates and
Query Results
API Responses
• All communications SSL encrypted
• Server Transforms available if you have your own Maltego
Server
• Requires:
• Maltego Client
• Malformity Labs TDS Seed URL (given with documentation)
• ThreatConnect API AccessID and Key

8. 8All material confidential and proprietary
DEMO TIME!

9. 9All material confidential and proprietary
GETTING STARTED
Deployment Options
Public Cloud
Private Cloud
On-Premises
30 Day Trial Options
Team Edition
Enterprise Edition

10. 10All material confidential and proprietary
THANK YOU
@ThreatConnect
Check out our Twitter feed for the latest on shares, events, and fun.
Want to Learn More?
sales@ThreatConnect.com
Ready for a Trial? Sign up Now!
http://www.threatconnect.com
/product/product_editions