Blog

Not all domain extensions carry equal risk. Some TLDs are dominated by legitimate commerce and communication. Others have become reliable infrastructure for phishing campaigns, malware distribution, and scam operations — so reliably that blocking them by namespace is...

Threat intelligence platforms are only as good as the intel flowing into them. You can have the cleanest workflow, the sharpest analysts, and the most elegant investigation UX — but if your IOC data is stale, incomplete, or stripped of context, you're making decisions...

alphaMountain now integrates directly with MISP as a native enrichment module. If you're running MISP to collect and share threat intelligence, you can now enrich your network indicators — IPs, domains, hostnames, and URLs — with alphaMountain's AI-powered risk...

Most enterprise security teams have solid coverage on email attachments, credential harvesting forms, and malware downloads. What they tend to have less visibility into is what happens inside the SaaS platforms their marketing departments live in every day. Meta...

The cybersecurity industry is entering the era of agentic cybersecurity, and in many organizations it has already begun. AI systems are no longer limited to assisting analysts with enrichment or automation tasks. Increasingly, they are investigating alerts, validating...

We've just updated the alphaMountain app in Splunkbase – the official app store for Splunk by Cisco. Read on to learn about the changes we made and how it's even more useful for threat analysts and incident responders.   Splunk URL Enrichment Has Been Too Shallow...