ThreatQ Data Exchange Unlocks the Value of Industry Threat Intelligence SharingDAVID KRASIK
There’s no doubt that an analyst’s ability to efficiently share curated threat intelligence has a significant impact on the success of their organization’s overall security operations. In fact, this capability is so important that removing barriers to sharing threat information is the first requirement outlined in the Executive Order issued by the White House on May 12, 2021.
At ThreatQuotient, solving this challenge is directly in our wheelhouse, which is why I’m so excited about the latest innovation. Already in use by ThreatQuotient customers, including the U.S. Department of Defense (DOD), ThreatQ Data Exchange is a powerful new component of the ThreatQ platform and is critical for achieving more control over the collection and dissemination of curated threat data.
Built on the foundation of ThreatQuotient’s flexible data model and support for open intelligence sharing standards, ThreatQ Data Exchange makes it simple to set up bidirectional sharing of any and all intelligence data within the ThreatQ platform and scale sharing across multiple teams and organizations of all sizes. ThreatQ Data Exchange provides the ability to granularly define data collections for sharing, and easily connect and monitor a network of external systems with which to share data. Data collections are built using the existing Threat Library™ user interface and allow users to define the groupings of data they want to share, and can incorporate any data available in the Threat Library and are not limited to specific object types or attribute types. These data collections can be used for single connection feeds, reused for feeds to multiple external systems and also used for internal analysis within the Threat Library and Custom Dashboards.
By providing the flexibility to share specific threat data without limitation or worry of exposing data that organizations prefer not to share, ThreatQuotient enables a collective understanding of threats and fosters a safer way to collaborate and share intelligence. Bidirectional communication allows teams to collect feedback from the parties they share with to better understand the security posture of the organization with respect to specific threats they are tracking, highlighting trending intelligence and pinpointing areas of weakness in the coverage. Two-way data exchange can also be used to build a centralized, global memory of threats.
ThreatQ Data Exchange is ideally suited for the following types of organizations:
- Government entities with distinct threat intelligence teams and missions that are federated and need to collaborate and share relevant intelligence.
- Large or medium-sized commercial organizations with locations worldwide or segmented business units that have different risk profiles based on geographic-, partner- and sector-specific nuances.
- Managed Security Services Providers (MSSPs) that provide multi-sector or geographic coverage to their customers.
A principal cyber security analyst within the U.S. Department of Defense (DOD) shares, “ThreatQ has enabled us to organize our Cyber Threat Intelligence into a structured database that lets us use it in ways we previously could not. The consolidation and sharing of information related to each piece of intelligence and the automated ingest of many intelligence feeds has also increased the speed at which awareness is achieved throughout the organization. We continue to pursue new ways to further push the automation and integration of ThreatQ into other security products to further utilize the intelligence we obtain through ThreatQ.” Learn more about how the DOD is leveraging ThreatQ Data Exchange.
ThreatQ Data Exchange is now available for users of the ThreatQ platform. Schedule a demo today.