THREATQ™
Purpose-built Threat Intelligence Platform for optimized
THREAT DETECTION, INVESTIGATION AND RESPONSE
Improve the efficiency and effectiveness of existing security operations by fusing together disparate data sources, tools and teams to accelerate threat detection, investigation and response. The platform starts with getting data in different formats and languages from different vendors and systems to work together. From there, it focuses on getting the right data to the right systems and teams at the right time to make security operations more data-driven, efficient and effective.
DATALINQ ENGINE
Connecting disparate systems and sources, this adaptive data engine imports and aggregates external and internal data; curates and analyzes data for decision making and action; and exports a prioritized data flow across the infrastructure for improved prevention, and accelerated detection and response.
Ingest
and aggregate structured and unstructured data via Marketplace apps and an open API.
Normalize
automatically from different sources, formats and languages into a single object.
Correlate
across atomic pieces of data to identify relationships and provide a unified view.
Prioritize
via customer controlled, dynamic scoring to ensure relevance and filter noise.
Translate
data into the format and language necessary for consumption across systems.
THREAT LIBRARY
The Threat Library serves as the single source of truth for threat detection and response data and related context. By storing and prioritizing the data collected from previous detections, investigations and incidents, the Threat Library serves as organizational memory and learns and improves over time.
Extensible Data Model
Extend and configure custom objects to support additional data types and address new use cases.
Dynamic Scoring
Automatically score and prioritize internal and external intelligence based on your parameters.
Smart Collections
Define specific data groups for categorization or action based on variables and characteristics.
THREATQ MARKETPLACE
Integrate your existing security solutions within a data-driven threat intelligence platform. ThreatQ supports an ecosystem of over 450 product and feed integrations, provides the ThreatQ Integration Framework including easy-to-use tools for custom integrations, streamlining threat detection, investigation and response across your security infrastructure.
THREATQ PLATFORM MODULES
INVESTIGATIONS
TDR ORCHESTRATOR
Simplify Security Automation, TIP and TDIR by making them data-driven, open and efficient.
Learn More >
DATA EXCHANGE
Learn More >
THE POWER OF THREATQ
The ThreatQ Platform supports the following use cases:
Threat Intelligence Management
Turn threat data into threat intelligence through context and automatically prioritize based on user-defined scoring and relevance. Learn More
Threat Hunting
Empower teams to proactively search for malicious activity that has not yet been identified by the sensor grid. Learn More
Incident Response
Gain global visibility to adversary tactics, techniques and procedures to improve remediation quality, coverage and speed. Learn More
Spear Phishing
Simplify the process of parsing and analyzing spear phish emails for prevention and response. Learn More
Alert Triage
Send only threat intelligence that is relevant to reduce the amount of alerts that need to be investigated. Learn More
Vulnerability Management
Focus resources where the risk is greatest and prioritize vulnerabilities with knowledge about how they are being exploited. Learn More