Getting Started - Becoming a Developer Partner

Overview

This document is intended to provide solution providers with an understanding of how to become a Developer Partner by developing an approved integration for the ThreatConnect Platform. This document is geared towards both a business and technical audience with specific items called out for each focus.

Requirements

Primary Contacts

In order to begin this process, you’ll need to define two key resources:

  • Primary Business Contact - Responsible for coordinating business-related conversations and meeting the business needs for integrations.

    • This person should have a firm understanding of your product’s value proposition and how you interact with SOAR Platforms.

    • This person should be familiar with the process of handling legal documents within your business.

    • This person should be familiar with the key resources within your marketing and product teams and able to involve them as appropriate for our activities.

  • Primary Technical Contact - Responsible for coordinating technical conversations and meeting technical objectives for integrations.

    • This person should have a firm understanding of your product’s value proposition and how you interact with SOAR Platforms.

    • For integrations that may live in the ThreatConnect Platform, this person should have experience with Python 3 and working with common frameworks is required.

    • This person should be familiar with your product’s APIs, should have access to an API specifically for testing, and should be able to grant new access to the API for our testing.

Other Requirements

  • The ability to provide ongoing support for your integration directly with your customers that make use of it.

    • We provide our customers with support for our Platform but ask you to support your specific integration.

    • We support you with any issues that you may find in your integration that requires assistance from us.

Developer Partner On-Boarding Process

Complete our Technology Partner Form

Complete this form and select Technology or Integration Partner as the type to submit your initial information to us.

Sign our MNDA Document

We will send you our MNDA document for you to sign in preparation for discussions with us on your integration scenario.

Become Familiar with ThreatConnect

Review our https://threatconnect-techpartners.atlassian.net/wiki/spaces/DP/pages/237535233. This video provides a general overview of the ThreatConnect Platform. Regardless of your proposed use case, it’s important for you to develop an understanding of how the ThreatConnect Platform is used to ensure that your contribution is valuable.

Review our Integration Types

Visit https://threatconnect-techpartners.atlassian.net/wiki/spaces/DP/pages/343834636and select an integration type that best meets your use case.

Complete and Submit a Solution Brief Document

Grab the latest Solution Brief template here. Complete all of the required information within the Solution Brief based on the type of integration you’ve selected. After your Solution Brief is completed, submit it to us for review:

  1. Visit our approvals form where you should create an account for our ticket system.

  2. After creating an account, complete the approval form:

    1. Select the Approval Type of “Solution Brief Approval”

    2. Provide a summary of your submission that includes your company and integration type. For example:

      1. ThreatSolutions External REST Integration

      2. SecuLast On-Demand Enrichment

    3. Attach your completed document to the form in the “Attachment” section.

    4. Send the document for review.

Please allow up to 3 business days for someone from the Technology Partners team to review your submission and reply to you with feedback.

Join a Technical Call

We’ll reach out to you to schedule a technical call with a ThreatConnect Solutions Engineer to discuss your proposal further. We can provide guidance on how to further extend your integration scenario and ensure that it aligns properly with one of our https://threatconnect-techpartners.atlassian.net/wiki/spaces/DP/pages/343834636.

This is an opportunity for your technical resources to join the call and discuss any development-related questions with us.

Sign our Technology Partnership Agreement

We’ll provide you with our Technology Partnership Agreement form that we ask that you review and sign. This formalizes our relationship and allows things such as co-marketing, joint use of marks, and other possibilities with your integration once it is complete.

Gain Access to PartnerStage Access

We provide access to the ThreatConnect PartnerStage to provide you with a place to get hands-on familiarity with our Platform as well as develop and test your solution. We will discuss granting access to this environment as part of our technical call. The initial person to gain this access will become the Organization Administrator and can add others and create API credentials.

See our guide for helpful information about this environment.

Transform Your Solution Brief Into a Solution Design

Based on the guidance from your technical call, you will be expected to extend your Solution Brief document into a complete document. Specific guidance for what should be provided is in the Solution Design template as well as on the specific Integration Description page for your selected integration type.

Submit Your Design for Approval

After your Solution Design is completed, submit it to us for review:

  1. Visit our approvals form:

    1. Select the Approval Type of “Solution Design Approval”

    2. Provide a summary of your submission that includes your company and integration type. For example:

      1. ThreatSolutions External REST Integration

      2. SecuLast On-Demand Enrichment

    3. Attach your completed document to the form in the “Attachment” section.

    4. Send the document for review.

Sign the Technology Partners Agreement

We will provide you with a Technology Partners Agreement that must be signed in order for us to complete vetting on your integration.

Solution Development Process

Asset Development

Based on the approved Solution Design, you should begin work on your integration according to the information within the appropriate Integration Description that has been selected. During this time, you are expected to:

  • Complete your deliverable code based on the description in your design.

  • Perform unit testing against your code within your development environment.

  • For :

    • Work with the ThreatConnect Solutions Engineer to install your deliverable into the Platform.

  • For all in-platform integration types:

    • You perform in-platform testing against your solution to ensure that it works properly.

  • For all external integration types:

    • You perform testing within your own platform against your solution to ensure that it works properly.

  • You develop your User Documentation in accordance with our guidelines.

Solution Vetting

After your assets are completed and ready for our review, they should be submitted as an approval:

  1. Visit our approvals form:

    1. Select the Approval Type of “Solution Vetting”

    2. Provide a summary of your submission that includes your company and integration type. For example:

      1. ThreatSolutions External REST Integration

      2. SecuLast On-Demand Enrichment

    3. Attach your complete assets:

      1. Deliverable packages based on Integration Type (in-platform integrations):

        1. Threat Intelligence Feed - TCX File created using tcpackage.

        2. Playbooks App - ABX File exported from AppBuilder.

        3. Playbook Template - PBX File export from Playbook Designer.

      2. User Documentation

    4. Submit your assets for review.

  2. We will reach out to you to request access to your Platform in order to complete our testing.

    1. Regardless of your integration type, we must have access to test all features of your integration in order to complete vetting.

  3. We will complete the vetting process against your integration as described here.

    1. We will provide any feedback on changes necessary and work together with you to complete the value in your integration.

Launch and Joint Marketing

Once your integration has been approved from the vetting process, we will work with you to publish it appropriately. Some examples of typical ways it is published:

  • For in-platform integrations, packages and documentation are published on the ThreatConnect GitHub (Playbook-related items here, Threat Intelligence Feed-related items here).

  • Partners are asked to take the lead on all collateral (data sheets, press releases, etc.) with ThreatConnect available to assist with any content creation.

  • Integrations are listed on our website here.

  • Technology Partners are listed on our website here.

Our teams can work together to identify appropriate opportunities for publishing.