Reinventing How Organizations Can Use Threat IntelligencePOSTED BY JOHN CZUPAK
Introducing the Industry’s First Cybersecurity Situation Room
We ended last year with record results and performance and I’m proud to say that we’re carrying this momentum into this year with an innovative solution we’re announcing today. ThreatQ Investigations is the industry’s first cybersecurity situation room designed for collaborative threat analysis, shared understanding and coordinated response.
It’s an exciting, new solution that comes at a time when organizations are dealing with the reality that no matter how many defensive measures they put in place, breaches inevitably occur. Security operations need to transition from a protect and defend mentality to one that is more focused on detect and respond. ThreatQ Investigations enables this shift. With ThreatQ Investigations all teams that are part of security operations can work together to take the right actions faster than ever before and reduce MTTD (mean time to detection) and MTTR (mean time to respond).
In fact, Jeremy Scott, Director, Global Threat Research, Global Threat Intelligence Center (GTIC), NTT Security tells us: “Like many organizations, NTT Security is continuously working on new and improved ways to enhance the collection of data from various sources, correlating and analyzing that data with NTT Security’s own threat intelligence, and then using it to proactively protect against the real-world threats we face every day. ThreatQ Investigations enables our team to not only collaborate, coordinate and document investigations, but visually pivot through vast amounts of data to increase the effectiveness of our team and our analysis processes, ultimately providing stronger detections and threat intelligence for our customers.”
Built on top of the ThreatQ threat intelligence platform, the solution brings order to the chaos that occurs within security operations when teams work in silos – acting independently, inefficiently and unable to share intelligence and tasks easily. ThreatQ Investigations allows real-time visualization of an investigation as it unfolds within a shared environment, enabling teams to better understand and anticipate threats, as well as coordinate a response.
Even when teams work in different areas, geographies, time zones or shifts, they can still have real-time visibility into the actions taken, by whom and when. All parties involved in the investigation process can collaborate and coordinate their actions and accelerate overall security operations.
ThreatQ Investigations is another major milestone as we deliver on our vision to apply threat intelligence to improve security operations and solve problems that aren’t really being addressed today. You can watch this brief video of me, Ryan and Wayne to hear more.
We’re excited to unveil ThreatQ Investigations at RSA Conference 2018 next week. If you’re there, stop by our booth S2601 and we’ll be happy to show you the solution. We hope to see you there!