ThreatQ Integration with Infoblox Accelerates Response to Emerging ThreatsLIZ BUSH
ThreatQuotient was founded on the belief that you cannot defend against what you do not understand. Understanding comes from visibility and context, which is why I’m so excited to tell you about our new integration with Infoblox, whose solutions provide security teams with greater visibility and context into emerging threats that leverage IP addresses and domains for malicious purposes.
This integration comes at a perfect time. As distributed work models become the norm and the attack surface expands dramatically, Infoblox’s services are more important than ever – helping to keep workers secure wherever they may be. Infoblox is the leading provider of DNS, DHCP and IP address management services, focusing on managing and identifying Internet connections, regardless of network, device or location, and helping to identify risky connections. Infoblox DNS can put more than 45 million threat indicators to work for security teams by providing advanced DNS security as SaaS-based services from the cloud or as a hybrid on-premise/SaaS solution.
The combination of Infoblox DNS and IP address visibility and contextual data and the ThreatQ platform enables teams to categorize, manage and respond to threats faster and more efficiently. When Infoblox context about connections is integrated with the ThreatQ platform, analysts can:
- assess, categorize and manage security incidents faster
- eliminate unnecessary, duplicate and irrelevant indicators before they enter the network
- enforce security by blocking DNS requests to malicious resources (IP addresses and domains)
Joint customers get more value from their existing investments in Infoblox and ThreatQ. The integration eliminates the time-consuming, manual and error-prone task of monitoring for lookalike domains between Infoblox and their environment. Analysts can augment and enrich internal and external threat data within the ThreatQ Threat Library with threat data from Infoblox to accelerate analysis. And because the integration is bi-directional, ThreatQ can automatically add or remove indicators from your Infoblox service to enforce security policy and continuously strengthen security posture.