Evaluating Threat Intelligence Solutions? Download the New Gartner Market GuidePOSTED BY LIZ BUSH
The surge in the number of remote workers, connected devices, email traffic and new technologies in use over the past few months, has created an explosion of opportunities for cybercriminals. Contract-tracing apps, news of vaccines and the impending election season will continue to fuel the flame, and with that, the need for threat intelligence. Now more than ever, security leaders need to understand the range of threat intelligence products offered and which solutions are best aligned with their organizational security needs. To help you make that determination, I encourage you to download your complimentary copy of the 2020 Gartner Market Guide for Security Threat Intelligence Products and Services.
In the report, Gartner analysts note, “Investment and client interest in threat intelligence platforms (TIPs) has increased in the past year.” What’s driving this?
Three of the key findings, that we also hear in conversations with security professionals, include:
- The need for threat intelligence across a range of use cases. Be it spear phishing, alert triage, threat hunting, fraud, incident response or vulnerability management, threat intelligence is the foundation for each use case and thus, the lifeblood of security operations. The ThreatQ platform allows you to integrate with complementary systems, playbooks and processes efficiently and effectively to take action faster. Whether the use case points you to technology for case management, ticketing, log management, SIEM, detection and prevention, or vulnerability scanning, each of these requires relevant and prioritized threat intelligence pumping through it in order to perform as promised.
- A rise in other functions in the organization using threat intelligence. Beyond the groups typically associated with the use cases outlined above – SOC analysts, threat intel analysts, network security, endpoint security, fraud and risk management, and incident responders – marketing and human resources departments are also using threat intelligence. For example, with access to relevant threat intelligence, marketing teams can understand how attackers use social media to compromise organizations and employees and identify steps they can take to mitigate risk. And human resources teams are great ambassadors for raising awareness and adoption of security policies among employees and reinforcing a cybersecure culture. An understanding of high-priority threats helps them focus on areas that matter most to the organization.
- The movement of TIPs to deliver full SOAR functionality, reducing the need for multiple tools to achieve SOAR. ThreatQuotient approaches SOAR by starting with the threat because we believe you cannot defend against what you do not understand. We have deep roots in threat intelligence management with our ThreatQ threat intelligence platform, but we also encompass automation, orchestration and incident response capabilities within our solutions. Bringing security teams, processes and technology together within the construct of a single security architecture, the platform drives efficiency and effectiveness, eliminating repetitive tasks so that analysts are free to focus on higher priority activities.
The recent global crisis has forever changed how businesses operate. Remote work will likely never return to previous levels. In fact, surveys show that a majority of employees currently working remotely would like to continue to do so at least occasionally, while others would like it to be their primary way of working. As we go more virtual and remote, and because disruptive events are inevitable, threat intelligence will remain critical to increasing business resiliency in the face of rising threats. If you’re considering an investment in threat intelligence products and services, download Gartner’s new Market Guide for a deeper understanding of how to evaluate the capabilities and features of threat intelligence offerings and how to take a use-case-based approach to match solutions to your needs.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gartner Market Guide For Security Threat Intelligence Products and Services, Craig Lawson, Brad LaPorte, Mitchell Schneider, John Collins, Ruggero Contu, 20 May,2020