ThreatQ 3.0
Companies are being challenged by too much threat data, and without comprehensive context, it is hard for operators to identify a starting point for investigations. ThreatQ 3.0 solves this challenge through automated prioritisation of intelligence based on customer-defined parameters. The platform combines and correlates data from multiple sources, both external and internal, and calculates a unified opinion with a single, transparent score. This unified opinion alleviates operator confusion in the case where threat data is rated differently by various providers or is lacking context behind how the rating was determined.
“ThreatQuotient can help organisations address major challenges for security operations and threat analyst teams by providing them with a platform for threat operations that can help them customise, prioritise and make use of their threat intelligence,” added Jon Oltsik, Senior Principal Analyst at Enterprise Strategy Group. “ThreatQuotient can enable organisations to achieve greater security, and foster improved, more effective collaboration across all teams that are part of the modern threat operations and IT environment.”
According to Gartner, "Threat intelligence platforms aid the SOC in bringing in external threat landscape context in a more efficient manner and assist with incident response, threat forecasting and threat intelligence sharing, ingesting many flavours of threat intelligence and then actioning it." Gartner, Inc., The Five Models of Security Operation Centres, Oliver Rochford, Craig Lawson, October 2015, Foundational December, 2016.
To address these challenges, ThreatQ has the only self-tuning Threat Library, updating priority and relevance based upon the customer-defined parameters, as more data and context comes into the system. With validated context and a stronger understanding of what data is the most relevant to their company, operators can cut through the noise and focus their investigations on the highest risk threats first. ThreatQ is the best platform to serve as the cornerstone for a company’s security operations and the use cases relying on threat intelligence.
ThreatQ enables successful cyber threat operations and management by empowering teams to collaborate on intelligence, manage defences across their infrastructure, and respond to threats effectively. ThreatQ 3.0 will be available in March 2017.
Partner Integration Program
The power of the ThreatQ platform lies in its open, extensible architecture, allowing for strong integration and interoperability with existing infrastructure. ThreatQuotient’s new Partner Integration Program is a robust ecosystem that leverages the ThreatQ Open Exchange through a software development kit (SDK), easy-to-use application programming interfaces (APIs) and a comprehensive set of industry-standard interfaces to fully integrate with the equipment, tools, technologies, people, organisations and processes that protect your business.
With over 50 integration partners, ThreatQ allows both standard integrations and BYO connectors and the platform can easily enable more. One new partner announced today includes Farsight Security, Inc.
“The ability to prioritise and respond quickly to threats facing your specific organisation is critical to fighting cybercrime today. Our DNS intelligence data – integrated into the easy-to-use ThreatQ platform – provides users with critical historical context on suspicious IP addresses and domain names that enables users to validate an existing threat or reveal previously unknown intelligence for your investigations,” said Andrew Lewman, CRO at Farsight Security, Inc. “We are proud to partner with ThreatQuotient, and look forward to working together to putting together the tools in place to improve decision making to reduce risk.”
