Getting Started - Solutions Development Process

Overview

The purpose of this document is to describe the Solutions Development Process that ThreatConnect Developer Partners should use to develop an integration.

This is the second part of a multi-step process. Ensure that you’ve reviewed the https://threatconnect-techpartners.atlassian.net/wiki/spaces/DP/pages/966000641 page first as this contains initial steps for new Developer Partners.

This page applies to Developer Partners looking to integrate with the ThreatConnect SOAR Platform.

Getting Started

Gain Access to PartnerStage

We provide access to the ThreatConnect PartnerStage to provide you with a place to get hands-on familiarity with our Platform as well as develop and test your solution. We will discuss granting access to this environment as part of our technical call. The initial person to gain this access will become the Organization Administrator and can add others and create API credentials.

See our https://threatconnect-techpartners.atlassian.net/wiki/spaces/DP/pages/163988 guide for helpful information about this environment.

Integration Training

Depending upon the complexity of your integration and the type of integration you’ve selected, we may provide Integration Training to you. This is a technical training meant for your resources designing and developing your integration. We cover the success recipe from a tactical standpoint for how to ensure a valuable integration is developed. Your Solutions Engineer can facilitate scheduling this with you.

Transform Your Solution Brief Into a Solution Design

Based on the guidance from your technical call, you will be expected to extend your Solution Brief document into a complete https://threatconnect-techpartners.atlassian.net/wiki/spaces/DP/pages/35946538 document. Specific guidance for what should be provided is in the Solution Design template as well as on the specific Integration Description page for your selected integration type.

See our examples included in the Solution Design section for an idea of a finished product.

Submit Your Design for Approval

After your Solution Design is completed, submit it to us for review:

  1. Visit our approvals form: https://jira-tc.atlassian.net/servicedesk/customer/portal/12/group/28/create/110

    1. Select the Approval Type of “Solution Design Approval”

    2. Provide a summary of your submission that includes your company and integration type. For example:

      1. ThreatSolutions External REST Integration

      2. SecuLast On-Demand Enrichment

    3. Attach your completed document to the form in the “Attachment” section.

    4. Send the document for review.

Please allow up to 3 business days for someone from the Technology Partners team to review your submission and reply to you with feedback.

Sign the Technology Partners Agreement

We will provide you with a Technology Partners Agreement that must be signed in order for us to complete vetting on your integration.

Solution Development Process

Asset Development

Based on the approved Solution Design, you should begin work on your integration according to the information within the appropriate Integration Description that has been selected. During this time, you are expected to:

  • Complete your deliverable code based on the description in your design.

  • Perform unit testing against your code within your development environment.

  • For https://threatconnect-techpartners.atlassian.net/wiki/spaces/DP/pages/458975:

    • Work with the ThreatConnect Solutions Engineer to install your deliverable into the Platform.

  • For all in-platform integration types:

    • You perform in-platform testing against your solution to ensure that it works properly.

  • For all external integration types:

    • You perform testing within your own platform against your solution to ensure that it works properly.

  • You develop your User Documentation in accordance with our guidelines.

During this time, your ThreatConnect Solutions Engineer is available to provide technical assistance with any questions you may have.

Solution Vetting

After your assets are completed and ready for our review, they should be submitted as an approval:

  1. Visit our approvals form: https://jira-tc.atlassian.net/servicedesk/customer/portal/12/group/28/create/110

    1. Select the Approval Type of “Solution Vetting”

    2. Provide a summary of your submission that includes your company and integration type. For example:

      1. ThreatSolutions External REST Integration

      2. SecuLast On-Demand Enrichment

    3. Attach your complete assets:

      1. Deliverable packages based on Integration Type (in-platform integrations).

      2. User Documentation

    4. Submit your assets for review.

  2. We will reach out to you to request access to your Platform in order to complete our testing.

    1. Regardless of your integration type, we must have access to test all features of your integration in order to complete vetting.

  3. We will complete the vetting process against your integration. See this page for more information: https://threatconnect-techpartners.atlassian.net/wiki/spaces/DP/pages/458968

    1. We will provide any feedback on changes necessary and work together with you to complete the value in your integration.

We cannot complete the vetting process for your integration until after a Technology Partners Agreement is in place.

Solution Release

Once your solution has passed vetting, we’re able to release the integration. Depending on your integration:

  • If the integration lives in an external platform, you may release the integration through your normal channels at this point.

  • If the integration lives in the ThreatConnect SOAR Platform, we will publish your integration to our GitHub page within the appropriate section: https://github.com/ThreatConnect-Inc/

Once this solution is released, we can proceed into creating additional assets and assisting you in promoting this integration.