Threat clustering has evolved—but have our methods kept up?
Join Vertex’s hands-on workshop with @thesilence.bsky.social to explore real-world clustering, decision-making, and where current approaches fall short.
@pivotcon.bsky.social
pivotcon.org#agenda
Posts by The Vertex Project
Want to learn Synapse by doing?
KC7 has a hands-on Synapse module where you:
• Pivot through real data
• Investigate logs (email, web, servers)
• Track APT activity
A great way to build analyst skills
kc7cyber.com/m/a-storm-is...
#threatintel #cybersecurity #synapse
Merging threat clusters shouldn’t fork up your investigation.
New blog covers:
🔹 Moving data between layers (best practices)
🔹 Fixing accidental merges
🔹 Safely merging & recovering in Synapse
👉 vertex.link/blogs/merge-...
#threatintel #cybersecurity #osint
The Vertex Project is a proud sponsor of @firstdotorg.bsky.social in Munich this month!
Looking forward to supporting the CTI community. Find the full agenda here: www.first.org/conference/f...
This May, The Vertex Project hits a major milestone - and you can bet we’re going to celebrate 🎉
We’ve got a few things coming that we’re excited to share.
More soon 👀
vertex.link
#TheVertexProject #Infosec #CTI
We’re excited to be a @botconf.infosec.exchange.ap.brid.gy sponsor next week 🇫🇷
Proud to support the research and collaboration driving the fight against botnets and evolving threats.
Learn more here: www.botconf.eu
#Botconf #CTI #Infosec
A collaborative deep dive into clustering & attributing modern threat ecosystems, featuring a case study on APT41.
Learn more here: web.cvent.com/event/3854aa...
We’re proud Synapse is playing a part in the hands-on workshop at @ccdcoe #CyCon2026 with @lawsecnet.counterintelligence.pl, @euben.bsky.social, and Jiro Minier:
“Threat Actors Can Do Public-Private Partnership Too”
Threat clustering has evolved far beyond simple IOC pivots.
So why hasn’t the conversation around it?
Join us for a hands-on workshop using Synapse Enterprise @pivotcon.bsky.social to explore modern clustering challenges, real-world case studies, and where CTI needs to improve. pivotcon.org#agenda
From data models → investigations → training:
Our Q1 blogs cover how analysts can structure, explore, and operationalize intelligence more effectively.
4 posts worth your time 👇
vertex.link/blogs/inet-s...
vertex.link/blogs/inside...
vertex.link/blogs/censys...
vertex.link/blogs/learni...
ZERO FLOCKS GIVEN
Actually, some flocks given from our analysis.
We revisited our WiGLE Power-Up in Synapse to do some Flock Safety Device hunting
Signal data + context = actionable insight
Do you give a flock? Interested in learning more about the Synapse-WiGLE Power-Up? vertex.link/blogs/wigle/
Workshop 2️⃣ : "How it Started / How it's Going - Threat Clustering Workshop 2.0 with Synapse Enterprise" - Jennifer Kolde @thesilence.bsky.social from @vertexproject.bsky.social
3/5
Honored to have received the Corporate Sourcing Supplier Excellence award from @paloaltonetworks.bsky.social at their Partner Awards 🎉
Grateful for the recognition and proud to support the community pushing cybersecurity forward.
Did you know Synapse has a Learning Tool?
Get hands-on with guided workflows + real-world examples to build skills fast.
More roles are asking for Synapse—start here.
vertex.link/blogs/learni...
Synapse gets even better with the community.
Join The Vertex Project Slack — where users trade models, workflows, and ideas. synapsechat.slack.com/ssb/redirect
We’re excited to sponsor @pivotcon.bsky.social!
The newly released agenda highlights something we care deeply about: analytical tradecraft — how researchers pivot through data to produce meaningful intelligence.
Explore the sessions:
pivotcon.org#agenda
ICYMI: We shared a demo from Ryann Hallback (reign) showing the Synapse Vertex-Triage Power-Up in action.
Using an OSINT triage workflow, she shows how CTI teams can combine Spotlight, Automation, and Messages to validate findings and focus on what matters most. www.youtube.com/watch?v=84oG...
Lesson #4: Tools don't catch insider threats. Analysts do.
Insider activity is subtle — individual data points look benign. Detection comes down to context and human judgment.
Synapse helps analysts connect the dots. But the insight? That's irreplaceable.
vertex.link/blogs/inside...
Indicator-driven defenses tell you what was bad yesterday. Proactive pattern recognition helps you anticipate what's bad tomorrow.
Our webinar walks through using the @censys.bsky.social-Synapse Power-Up to level up threat hunting
www.youtube.com/watch?v=raKQ...
Here’s what that looks like in practice 👇
Using colorize, analysts can instantly distinguish cold vs. warm infrastructure clusters based on created timestamps—making patterns easier to spot and pivots faster to execute.
A few weeks ago we dropped the colorize Storm command—bringing run-time colors to tables, maps, and force graphs.
In our Slack, Golo Mühr’s IBM X-Force team used it to instantly surface cold vs. warm infra clusters by their created timestamps.
How are you using colorize?
For reference, here is Golo's force graph visualization:
Missed the webinar with @censys.bsky.social?
Our follow-up blog shows how analysts can pivot from indicators to infrastructure patterns using the Synapse-Censys Power-Up — and turn findings into lasting intelligence.
Find it here: vertex.link/blogs/censys...
🎉A brand new Synapse Power-Up is here!
The new @DoppelHQ Synapse Power-Up brings Doppel alerts into the workflow, helping teams spot typosquatting, correlate activity, and take faster action.
A new step forward for brand protection inside Synapse: synapse.docs.vertex.link/projects/rap...
Staying ahead of the constant flow of intelligence data isn’t about collecting more, it’s about connecting the right signals faster.
Ryann Hallback (reign) shows how analysts cut through noise, link critical data, and move investigations forward with confidence. www.youtube.com/watch?v=84oG...
No analyst gets perfect information.
The best ones find a path forward regardless.
Lesson #3 from Operation Deepfake explores how real investigations require decisions under uncertainty and the discipline to revise them when new evidence appears.
Dive in: vertex.link/blogs/inside...
The team is together in Curaçao this week for some face time, planning, and collaboration 🌴
As a remote-first company, time onsite at The Vertex Project is a rare chance to align on what’s next — with good ideas, great conversations, and a little sunshine to help.
A login time
A download
A meeting invite
Harmless alone. Suspicious together.
Nothing stands out until you connect the dots — then the real story appears.
See all the lessons learned from Operation Deepfake here: vertex.link/blogs/inside...
Missed our webinar on tracking DDoSia’s rapidly changing infrastructure?
We covered how analysts use the Synapse–Censys Power-Up to enrich infrastructure, query host data, and spot fast-moving DDoS campaigns tied to hacktivist activity.
Watch on demand: www.youtube.com/watch?v=raKQ...
Oops! If you attempted our CYBERWARCON Challenge - Operation Deepfake - you likely received an error - our apologies! We “fixed the glitch” ;)
Try it here: vertex.link/blogs/inside...