Ovum’s Analysis of Threat Intelligence PlatformsPOSTED BY LIZ BUSH
If you plan to use one of the many security events this spring as an opportunity to research threat intelligence platforms (TIPs), consider arming yourself with the new Ovum Market Radar: Threat Intelligence Platforms report. This report can prevent “information overload” when attending these busy conferences. Ovum has done much of the legwork for you, so you can make the best use of your time – homing in on who to speak with, key questions to ask, what to expect and where to focus your attention.
You’re not alone when it comes to solving the threat intelligence management challenge. As threat levels continue to escalate, security teams are looking for ways to understand these threats so that they can protect themselves and mitigate risk more effectively.
This really isn’t a question of needing more threat feeds. Most organizations typically have more threat feeds than they know what to do with from commercial sources, open source, government, industry and existing security vendors. Not to mention the internal threat and event data and alerts spread across the organization and housed within various systems and tools. Sources like SIEM systems, log management repositories and case management systems contain events and associated indicators from inside your environment. What you need is a way to make better use of the data you have.
To gain a better understanding of threats, the first challenge is to aggregate these millions of global threat data points, translate them into a uniform format for analysis, and then enrich that intelligence with information from internal sources. This allows you to gain context to understand the who, what, where, when, why and how of an attack.
This is what TIPs are designed to do.
The ThreatQ platform goes much further:
- automating scoring and prioritization to reduce the noise so you can focus on what matters
- providing a shared understanding among teams that accelerates analysis
- enabling collaborative investigation and orchestrated response
- learning over time with a continuous feedback loop that improves security operations
The report by Ovum outlines the key capabilities of TIPs, the market landscape and main players, and more details on how ThreatQuotient stands apart. If you’re considering a TIP and want to get a third party’s perspective as you investigate your options, download this report now or read our announcement.