ThreatQuotient selected by Sysdig

Sysdig has standardised on the ThreatQ Platform for data-driven security operations, saving time and improving threat detection and research capabilities at scale.

  • 1 year ago Posted in

On the heels of a strong 2022 that resulted in multiple company growth records, ThreatQuotient™ is pleased to announce that the ThreatQ Platform was selected by Sysdig to help improve the Sysdig Threat Research Team’s detection rules and reporting as the volume of threat data and number of sources continue to grow. A full customer success story detailing this engagement can be found here.

 

As the leading cloud and container security company with customers in more than 40 countries, Sysdig stops attacks with no wasted time. With Sysdig, teams can detect threats in real-time using machine learning, curated rules and policies implemented by the Sysdig Threat Research Team. Sysdig’s deep runtime insight helps companies improve their security posture by focusing on the vulnerabilities, misconfigurations, and compliance gaps that create the greatest risk.

After evaluating multiple security operations platform providers, Sysdig determined that the ThreatQ Platform with the DataLinq Engine met key criteria and delivered additional valuable capabilities, including: effective threat intelligence management with support for different feeds, expiration of threat data, prioritisation of indicators, API-based integration, ease of export, and flexibility to adapt to the unique requirements of the cloud.

“Our use-case driven approach to the evaluation process clearly pointed us to the ThreatQ Platform to help us achieve our goals and demonstrate value back to the organisation quickly,” said Michael Clark, Director of Threat Research at Sysdig. “With the ThreatQ Platform, we can scale our threat research capabilities now and in the future. Whether that’s bringing in additional sources of intelligence, adding rules, or the addition of ThreatQ Data Exchange to share data across different teams.”

 

As a result of using the ThreatQ Platform, Sysdig’s threat research team gains the following benefits:

 

Additional context-rich detection rules

Threat detection rules can be created and fine-tuned faster with data from an expanded number of sources enriched with more context, resulting in better detections for customers. This is particularly important given the current geopolitical climate and rapidly evolving threat landscape.

Time saved for the Threat Research Team

The ThreatQ Platform automates tasks including data aggregation, deduplication, and normalisation. Additionally, based on parameters set by Sysdig Threat Research Team, the platform also automates enrichment, scoring, prioritisation, and expiration, which saves time and reduces noise.

Simplified and enhanced threat intelligence reporting

Visualisations make it easier for the team to analyse and report on what they see and share their intelligence with the broader security community with compelling graphics.

“Technology vendors and experienced software developers naturally consider build versus buy when exploring solutions for their security operations needs. Time and time again, we see the ThreatQ Platform’s flexible and extensible architecture stand out as an important factor for facilitating maximum control, efficiency, and speed,” said John Czupak, President and CEO, ThreatQuotient. “I am also proud that the expertise and responsiveness of ThreatQuotient’s team shines through during evaluation periods and beyond as a significant factor for selection. As a business we have our sights set on new goals for 2023 after a successful 2022, which included the largest deals in company history and a variety of industry award wins that reinforce ThreatQuotient’s position as a market leader in security operations.”

Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...
Gigamon and Exclusive Networks have expanded their existing distribution partnership, broadening...
Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...
FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and...