Getting Started - Becoming a Developer Partner (New)


This document is intended to provide solution providers with an understanding of how to become a Developer Partner with ThreatConnect. A Developer Partner is a ThreatConnect Technology Partner that chooses to develop one or more technology integrations into a ThreatConnect product.

This document is intended to provide guidance for Developer Partners interested in developing solutions for the ThreatConnect SOAR Platform at this time.

Primary Contacts

In order to ensure a successful relationship with ThreatConnect as a Developer Partner, you’ll need to define people to maintain the following roles within your organization:

  • Primary Business Contact

    • Can provide information on your product’s value within the market.

    • Responsible for coordinating legal processes and making connections with marketing and product teams as necessary.

  • Primary Technical Contact

    • Can provide information on your product’s value against the ThreatConnect product you’re looking to integrate with.

    • Responsible for serving as or delegating the role of solutions architect for your integration.

    • Should be familiar with Python 3, REST APIs.

    • Should be able to allocate access to your product’s APIs if necessary for testing.

Integration Support

As a Developer Partner, you’re responsible for supporting the integration that you develop. You will need to be prepared to support the components that you develop:

  • ThreatConnect provides our customers with support on issues related to our Products. Each customer also has Customer Success contacts that can generally advise them on our products.

  • You should be prepared to help your customers become enabled with your integration and support any issues they experience with the portions you develop.

  • The Technology Partners team provides support to you in supporting your integration. We are available to address development-level questions if you find an issue that requires input from us. We are also responsible for escalating and resolving any issues that you find are related to our Products.

On-Boarding as a Developer Partner

Submit a Partner Request

As an initial step, complete our Partners request form and select Technology or Integration Partner as the type to submit your initial information to us. The Partners request form is located here:

Sign our MNDA Document

In response to your partner form, we’ll respond back to you including a copy of our MNDA that you will need to review/sign if we do not already have one in place.

Become Familiar with ThreatConnect

Review our Platform Introduction Video ( This video provides a general overview of the ThreatConnect Platform. Regardless of your proposed use case, it’s important for you to develop an understanding of how the ThreatConnect Platform is used to ensure that your contribution is valuable.

Review our Integration Types

Visit select an integration type that best meets your use case.

Complete and Submit a Solution Brief Document

Grab the latest Solution Brief template here: Complete all of the required information within the Solution Brief based on the type of integration you’ve selected. After your Solution Brief is completed, submit it to us for review:

  1. Visit our approvals form where you should create an account for our ticket system.

    1. The approvals form is located here:

  2. After creating an account, complete the approval form:

    1. Select the Approval Type of “Solution Brief Approval”

    2. Provide a summary of your submission that includes your company and integration type. For example:

      1. ThreatSolutions External REST Integration

      2. SecuLast On-Demand Enrichment

    3. Attach your completed document to the form in the “Attachment” section.

    4. Send the document for review.

Please allow up to 3 business days for someone from the Technology Partners team to review your submission and reply to you with feedback.

Join an Introductory Call

We’ll reach out to you to schedule a call to discuss your solution further. This call will be broken into two parts:

  • Business Introductions and Goals - we’d like to discuss what you’re looking to accomplish with your proposal.

  • Technical Discussion and Review of Solution Brief - we’d like to ask questions about your proposal and discuss how it fits together with ThreatConnect products.

Your solutions architecture technical contact should plan to join this call and provide information on your proposal. We will also reciprocate and provide input and guidance.

As a consequence of this discussion, we will make a determination on how to proceed. The next step in this process would be to explore Solutions Development.