Today’s phishing and social engineering threats move faster and employ more evasion tactics than ever. The initial goal? To bypass multi-layer defenses, including the last ditch “human firewall” of cyber aware employees.

To help  Security Operations Center (SOC) teams keep up with the growing volume of fast-moving social engineering threats and protect their organization, SlashNext and ThreatQuotient have partnered to integrate SlashNext Real-Time Phishing Threat Intelligence with the ThreatQ platform. Now, ThreatQ users can leverage the industry’s broadest, most up-to-the-minute phishing threat intelligence feed to speed threat hunting, expedite email phishing Incident Response (IR), and close the gaps in their phishing defenses by operationalizing a real-time phishing threat feed.

Incorporating SlashNext phishing threat intelligence with the ThreatQ platform will also reduce the cost of time-intensive research on suspicious URLs by checking them against definitive real-time threat intelligence rather than inconclusive URL or domain reputation-based systems. ThreatQ integrations with leading firewall vendors allow security teams to operationalize SlashNext threat intelligence for blocking, providing a real-time shield against live social engineering threats across all six major categories, not just credential stealing and malware sites. This enables companies to better protect their employees from zero-hour phishing threats, which is especially critical for larger organizations in industries such as financial services, government, defense, healthcare, energy, and large-scale manufacturing. 

This integration empowers IT security teams to enrich other intelligence sources to better understand and automate protection from zero-hour phishing and social engineering threats on the Web—regardless of phishing attack vector. The pairing of these two technologies gives users access to the combined strength of both companies providing up-to-the-minute intelligence on live malicious URLs, Domains, IPs, and IOC metadata, right in the ThreatQ platform.

SlashNext includes four phishing feed options – FQDNs, IPs, URLs and Wildcard URLs. In addition, there are four custom attributes that can be set as filters – Threat Type (phishing & social engineering, malware & exploit, callbacks/C2s), Threat Name (e.g., Fake Login Page, Scareware, Rogue Software, etc.), First Seen (contains the time when the threat was first observed as active), and Last Seen (contains the time when the threat was last observed as active).

For more information you can review the new Partner Solution Overview that describes how ThreatQ and SlashNext work together, lists the advantages and benefits of integration, and describes integration use cases or view the details in our ThreatQ Marketplace.

If you are interested in the ThreatQ and SlashNext integration, contact us for a demo or try SlashNext Real-Time Phishing Threat Intelligence free for 15 days to see what threats you’re missing.