This document is intended to provide guidance on developing a published data sheet for an integration with the ThreatConnect Platform. The primary audience for this document will be ThreatConnect Developer Partners. A data sheet contribution allows joint prospects and customers easily digest the usefulness of an integration with a bit more detail than something like a video.
We recommend that you provide a data sheet with a Solutions-oriented Focus - communicating the problems that your integration solves for customers:
You should describe the general problem(s) that joint customers face.
You describe how your integration addresses the problems that you’ve outlined.
This focus is typically aimed at a decision-maker responsible for addressing the needs within their organization’s security program.
Your data sheet’s audience will be public and you should consider the users below your general audience based on this table:
User Group | Familiar with Your Product? | Familiar with ThreatConnect? |
|---|---|---|
Your customers and staff | Yes | No |
Your prospects | Maybe | No |
ThreatConnect customers and staff | No | Yes |
ThreatConnect prospects | No | Maybe |
Because of this, details should be communicated in a way that can be broadly understood by all of the consumers. We also encourage the content to be technical-leaning but should avoid overly-technical concepts (which can be included as a focus in your User Documentation):
Scripting inputs or heavily-formatted inputs (JSON objects)
Specific data structures
Complex concepts that cannot easily be simplified in a few statements
You should plan on applying your own branding to the data sheet in general but, as a Technology Partner, we can provide you with permission to use the ThreatConnect logo in your content.
We’ve found the following structure works well for a data sheet:
High-level overview of both solutions
Problem Statements
Solution Statements
Wrap-Up with Joint-Value Statements
Based on the structure below, we’ve provided some specific guidance for each one of these points in the sections below:
In this portion of the data sheet, provide the audience with a high-level understanding of your product. Some ideas of what to communicate:
Product category (EDR, Firewall, TI provider, etc)
Specific areas of focus
Up to three traits that distinguish your brand or offering
Statements in this section should remain high-level and we request that you do not include any general screenshots of your platform in this section.
We will supply this portion of your data sheet for you based specifically on how your integration interfaces with our Platform. For example, if you contribute a Threat Intelligence feed, we will provide a statement that focuses on our Threat Intelligence Platform features.
In this section, focus on the challenges that our joint customers face on a regular basis. We recommend using language that allows the problem to be broadly applicable. With each statement:
Avoid overly-specific or narrowly-crafted problem statements unless absolutely necessary
Consider up-leveling typical problem statements if your solution is highly technical
For example, if you provide adversary infrastructure geolocation data, up-level statements to investigating adversary infrastructure broadly if permitted.
Ensure that your problem statements are sufficiently distinct from one another
In this section, focus on showing the value of your integration. Specifically address the end-goal of your solution and avoid speaking about the functionality of your integration specifically. To assist with some translation and provide context, here are some common ways to transition from functional to solution-oriented:
Functional Statement | Solution-Oriented Statement |
|---|---|
Download phishing indicators from our feed into ThreatConnect | Deploy emerging phishing infrastructure indicators to stop attacks before they happen |
Enrich an IP address/host using our service | Get instant context for adversary infrastructure as part of your alert triage process |
Synchronize indicators from ThreatConnect into our service | Make informed decisions in our service using your curated intelligence from ThreatConnect |
You should provide 1-2 screenshots of your integration at this point. Consider using limited, but meaningful annotations to show specific details of the integration. Avoid screenshots with no clear context.
In this section, focus on reiterating the key points from the previous sections. Use slightly different language to communicate your message:
Reiterate the high-level value proposition of both your solution and ThreatConnect.
Reiterate the high-level value proposition of the integration.
Finish with a call to action: How to obtain the integration and a getting started trajectory.
Follow these steps in order to ensure that the publishing of your data sheet goes smoothly:
Please allow ThreatConnect to review your data sheet and make suggestions before you publish to any audience. We will want to review both the content as well as the layout/style.
Please publish your data sheet to your own website. We will make a link to your website for the sheet on our website as part of your integration listing.
Once your data sheet is published, ensure that your data sheet is appropriately linked in any existing or future items related to the integration such as integration listings or blogs on your own website.