ThreatQuotient Enables Companies to Scale Security Operations Through Effective and Efficient Use of Threat Intelligence
Internal security operations teams work smarter, not harder with cybersecurity automation that balances human workflow management with automation
ASHBURN, VA. USA – October 1, 2024 – ThreatQuotient™, a leading security operations platform innovator, today announced Version 6 of the ThreatQ Platform, a major upgrade with significant enhancements to the platform and multiple modules. Dedicated to providing security operations center (SOC) and cyber threat intelligence analysts with a simplified, data-driven approach to automating their work, the ThreatQ Platform has more than 30 new feature innovations and improvements since version 5.0.
- Scaling collaboration with easy intelligence sharing
With industries experiencing more attacks than ever before, collaborating and sharing threat intelligence is a vital capability to scale security operations. The platform focuses on human workflow management combined with data-driven automation, enabling internal teams to scale processes quickly to be more effective and to deliver more efficacy in their outcomes. It achieves this through a fine balance of human know-how combined with automation and machine intelligence.
The platform enables not only the quick sharing of threat intelligence but also a host of new integrations and enhanced STIX2.1/TAXII interoperability, providing superior ecosystem partner support. In the past 12 months, the number of available workflow actions has doubled to deliver further momentum to the ThreatQ Marketplace, including key use cases such as automated hunting in multiple SIEM platforms.
Leon Ward, Vice President Product Management, ThreatQuotient comments:
“Organizations have never experienced the volume and impact of attacks that they've witnessed in recent quarters, but on the positive side, defenders collectively have never had so much hands-on experience in responding to those same incidents. Through collaboration and sharing, defenses can be scaled so others are able to respond faster and more accurately, which is what we aim to do through the enhancements that we have built into the ThreatQ Platform. Sharing of key intelligence at scale with third parties has never been easier through the new integrated TAXII server included in ThreatQ Data Exchange.”
- Scaling workflows by combining humans, automation, and AI
The ThreatQ Platform delivers scalable workflows that strike a balance between human management and automation. ThreatQ ACE uses natural language processing and keyword matching to automatically identify and extract valuable threat intelligence from unstructured text in data feeds.
Additionally, the platform has powerful integrations with generative AI tools such as ChatGPT to accelerate contextual information gathering and sharing. Security professionals can leverage generative AI through the ThreatQ Platform to draft plain text descriptions of detected threats.
- Scaling the ecosystem with the ThreatQ Integration Framework
ThreatQuotient delivers automation, scale, sharing and seamless support via an ecosystem of over 450 product and feed integrations available from its online marketplace. Integrations include intelligence feeds, security tools, enrichment services, sandboxes, and many more. In addition, ThreatQuotient provides the ThreatQ Integration Framework with intuitive tools to customize integrations or build custom integrations from scratch. ThreatQuotient continues to develop new capabilities to improve the user experience for analysts. This includes Batch Actions, a capability focused on the ticketing use case that enables users to reduce their workload by easily batching related tickets for remediation (e.g. a single ticket for a CVE that lists affected systems that need to be remediated instead of a ticket per system).
ThreatQuotient customer Thales has deep experience of using the ThreatQ Platform to scale its advanced, personalized threat intelligence service. The company has built one of the largest Cyber Threat Intelligence Services in Europe using the ThreatQ Platform delivering tailored, prioritized threat intelligence drawn from diverse threat data sources and cybersecurity tools. Ivan Fontarensky, Technical Director, CyberDetect and Response at Thales, said: “Our partnership with ThreatQuotient has helped us grow from a team of one to 50 in a few years and become the largest CTI provider in Europe. Today threat intelligence is strategic to our cybersecurity products and research and to our continued market leadership.”
The latest cybersecurity automation research from ThreatQuotient, which will launch in November 2024, highlights that to fight today’s adversaries, threat intelligence teams need to scale their capabilities. The research highlights that automation is providing tangible benefits in a continuously unpredictable environment with 98% of survey respondents seeing budget increases for cybersecurity automation and nearly 40% now securing net new budgets rather than diverting it from other areas. Additionally, trust in cybersecurity automation is rising as users gain confidence. The research reveals that more than half of organizations regularly share threat intelligence with partners and suppliers and 48% share threat intelligence through official industry channels, which underlines the value of developing solutions that enable faster and more comprehensive intelligence sharing.
In the last 12 months, ThreatQuotient has taken additional steps to partner with more industry peers, and recently announced that the ThreatQ Platform is now available in AWS Marketplace. ThreatQuotient’s mission is to enable cybersecurity teams to optimize threat detection, investigation, and response. Additionally, as it has focused on extending its ecosystem, earlier this year it announced its membership in the Electricity Information Sharing and Analysis Center’s (E-ISAC) vendor affiliate program. This partnership marks a significant step forward in fortifying the cybersecurity defenses of North America's electricity grid against evolving threats.
To learn more about the latest integrations and features available within the ThreatQ Platform, request a demo or visit our ThreatQ v6 resources for more information.
About ThreatQuotient
ThreatQuotient improves security operations by fusing together disparate data sources, tools and teams to accelerate threat detection and response. ThreatQ is the first purpose-built, data-driven threat intelligence platform that helps teams prioritize, automate and collaborate on security incidents; enables more focused decision making; and maximizes limited resources by integrating existing processes and technologies into a unified workspace. The result is reduced noise, clear priority threats, and the ability to automate processes with high fidelity data. ThreatQuotient’s industry leading integration marketplace, data management, orchestration and automation capabilities support multiple use cases including threat intelligence management and sharing, incident response, threat hunting, spear phishing, alert triage and vulnerability management. ThreatQuotient is headquartered in Northern Virginia with international operations based out of Europe, MENA and APAC. For more information, visit www.threatquotient.com.
Media Contact
Paula Elliott
C8 Consulting for ThreatQuotient
Paula@c8consulting.co.uk
+44 7894 339645