1All material confidential and proprietary

MALTEGO TRANSFORM SETApril 2014

Andy Pendergast – Product Director

2All material confidential and proprietary

AGENDA• Quick Overview

• What is ThreatConnect?• How are we using Maltego?• Getting Started

• Live Demo & Maltego Transform Set Walkthrough• Setup and Familiarization• A Few Use Cases

• Q&A Time

3All material confidential and proprietary

THREAT INTELLIGENCE PLATFORM

SOC

Incident Response

Threat Analysts

IT/Compliance

Malware Analysts

CISO/CIO

Intelligence Sources

Commercial

Open Source

Communities

Sharing

Internal

Actionable Integrations

SIEM

IPS/IDS, Firewalls

Gateways

Endpoint, Response

DLP, NAV

4All material confidential and proprietary

MORE THAN A FEED: PLATFORM & PROCESS

DiamondMethodology

AutomationCommunities RobustAPI

EnterpriseIntegrations

Workflow

Analyst

Control

Knowledge Management

Multiple Sources

Data Visualization

Aggregate

Act

Analyze

5All material confidential and proprietary

• Well-known and widely used data visualization and analytics software

• Visualize ThreatConnect data and relationships

• Pull the full context of Knowledge and Intelligence into Maltego Graphs

• Pivot from ThreatConnect data to other sources using Maltego transforms sets

MALTEGO INTEGRATION BENEFITS

6All material confidential and proprietary

BENEFITS OF MALFORMITY LABS PARTNERSHIP• Maintained server side transform set (easy upgrade and

maintenance)• Access to dedicated ThreatConnect Transform server • Over 100 transforms to pivot through ThreatConnect

relationships and data (and growing)• Available as part of new Team and Enterprise Subscriptions,

Private Cloud, or On-Premises Deployments

7All material confidential and proprietary

HOW IT WORKS

Transform Delivery

Server (TDS)Maltego Client

ThreatConnect Dedicated Transform

Server

API QueriesTransform Discovery and Queries

Configuration Updates and Query Results

API Responses

• All communications SSL encrypted• Server Transforms available if you have your own Maltego Server• Requires:

• Maltego Client• Malformity Labs TDS Seed URL (given with documentation)• ThreatConnect API AccessID and Key

8All material confidential and proprietary

DEMO TIME!

9All material confidential and proprietary

GETTING STARTED

Deployment OptionsPublic CloudPrivate CloudOn-Premises

30 Day Trial OptionsTeam EditionEnterprise

Edition

10All material confidential and proprietary

THANK YOU

@ThreatConnectCheck out our Twitter feed for the latest on shares, events, and

fun.

Want to Learn More? sales@ThreatConnect.com

Ready for a Trial? Sign up Now!http://www.threatconnect.com/product/product_editions