Launch of ThreatQ 3.0, new Partner Integration Program and Professional Services Surpasses Existing Solutions with Customer-Defined Prioritization, Intelligent Automation, Expanded Interoperability and Robust Threat Operation Services
RESTON, VA – Jan. 31, 2017 – ThreatQuotient™, a trusted threat intelligence platform innovator, today announced new ThreatQ platform advancements, a robust Partner Integration Program and Professional Services offerings to answer industry demand to make threat intelligence operational within the context of a company’s specific environment. With these new offerings, ThreatQuotient is leading the charge for security operators, threat analysts and business executives who need faster, richer insights to make accurate decisions and improve their security posture.
“The industry has realized that the aggregation and sharing of threat data is not enough to succeed. Threat intelligence platforms need to do more to support the utility of threat intelligence as part of security operations,” said Leon Ward, Senior Director, Product Management, ThreatQuotient. “ThreatQ has been purpose-built to support the threat operations within a company. It is designed to help customers focus their resources on the high-risk items that are most pertinent to their business.”
Companies are being challenged by too much threat data, and without comprehensive context, it is hard for operators to identify a starting point for investigations. ThreatQ 3.0 solves this challenge through automated prioritization of intelligence based on customer-defined parameters. The platform combines and correlates data from multiple sources, both external and internal, and calculates a unified opinion with a single, transparent score. This unified opinion alleviates operator confusion in the case where threat data is rated differently by various providers or is lacking context behind how the rating was determined.
“ThreatQuotient can help organizations address major challenges for security operations and threat analyst teams by providing them with a platform for threat operations that can help them customize, prioritize and make use of their threat intelligence,” added Jon Oltsik, Senior Principal Analyst at Enterprise Strategy Group. “ThreatQuotient can enable organizations to achieve greater security, and foster improved, more effective collaboration across all teams that are part of the modern threat operations and IT environment.”
According to Gartner, “Threat intelligence platforms also aid the SOC in bringing in external threat landscape context in a more efficient manner and assist with incident response, threat forecasting and threat intelligence sharing, ingesting many flavors of threat intelligence and then actioning it.” Gartner, Inc., The Five Models of Security Operation Centers, Oliver Rochford, Craig Lawson, October 2015, Foundational December, 2016.
To address these challenges, ThreatQ has the only self-tuning Threat Library, updating priority and relevance based upon the customer-defined parameters, as more data and context comes into the system. With validated context and a stronger understanding of what data is the most relevant to their company, operators can cut through the noise and focus their investigations on the highest risk threats first. ThreatQ is the best platform to serve as the cornerstone for a company’s security operations and the use cases relying on threat intelligence.
ThreatQ enables successful cyber threat operations and management by empowering teams to collaborate on intelligence, manage defenses across their infrastructure, and respond to threats effectively. ThreatQ 3.0 will be available in March 2017.
Partner Integration Program
The power of the ThreatQ platform lies in its open, extensible architecture, allowing for strong integration and interoperability with existing infrastructure. ThreatQuotient’s new Partner Integration Program is a robust ecosystem that leverages the ThreatQ Open Exchange through a software development kit (SDK), easy-to-use application programming interfaces (APIs) and a comprehensive set of industry-standard interfaces to fully integrate with the equipment, tools, technologies, people, organizations and processes that protect your business.
ThreatQ allows both standard integrations and BYO connectors and the platform can easily enable more. Representative partners in the program include: Cisco, CrowdStrike, DomainTools, Farsight Security, FireEye, Flashpoint, Phantom, Recorded Future, Symantec, Verisign, VirusTotal and Wapack Labs. The full list of over 50 integration partners can be found here.
The company’s new Professional Services team will work with customers to assess, design, and build their threat operations program to fit their needs. ThreatQuotient, together with their channel and managed services providers, offers services designed to ensure that threat intelligence will be operational and optimally utilized within a company, including program assessment and definition, platform design and training, integrations training, and custom connector development and implementation.
“The ThreatQ platform is the driving force behind our threat operations. Its Threat Library and workbench are key capabilities our SOC analysts and other security tools used to identify what adversaries are involved on a given detected attack,” said Antonin Hily, MSSP Director, Sopra Steria. “Our day-to-day SOC activities are heavily focused on enriching the intelligence attached to our customer’s adversaries to provide our customers with a full understanding of the risk mitigated by our service.”
“CrowdStrike has partnered with ThreatQuotient to enable mutual customers to correlate high fidelity threat intelligence from CrowdStrike Falcon Intelligence against events in their environment for faster identification, prioritization, and remediation of security events. This integration allows users to drive security decision-making based on accurate threat intelligence to protect their networks.” – Adam Meyers, Vice President of Intelligence, CrowdStrike
“The ability to prioritize and respond quickly to threats facing your specific organization is critical to fighting cybercrime today. Our DNS intelligence data – integrated into the easy-to-use ThreatQ platform – provides users with critical historical context on suspicious IP addresses and domain names that enables users to validate an existing threat or reveal previously unknown intelligence for your investigations. We are proud to partner with ThreatQuotient, and look forward to working together to putting together the tools in place to improve decision making to reduce risk.” – Andrew Lewman, CRO, Farsight Security, Inc.
“Today’s dynamic threat landscape requires a proactive, intelligence-led security model. We are excited to partner with ThreatQuotient, providing a means for joint customers to use our intelligence as part of the ThreatQ adaptive workbench to fuse additional context, increase relevance, and minimize risk of potential threats poised to disrupt their business.” – John Watters, EVP, FireEye Global Intelligence & Services
“Flashpoint partners with ThreatQuotient to provide curated Business Risk Intelligence (BRI) derived from the Deep & Dark Web to both of our clients. ThreatQuotient is able to operationalize our data to apply it to specific BRI use cases that help organizations make more intelligent decisions, and more quickly take action.” – Josh Lefkowitz, CEO and Co-Founder, Flashpoint
“In the quest to operationalize threat intelligence, integration between the ThreatQ and Phantom platforms enables new standards for speed and scale. The richness of their API and effectiveness of our community-powered approach results in bi-directional exchange of security data and the linkage of our robust ecosystems, setting customers up for an unlimited number of automated use cases.” – CP Morey, Vice President of Products and Marketing, Phantom
“In the face of highly sophisticated adversaries and escalating attack volumes, enterprises are moving rapidly to leverage cyber intelligence to develop more effective defensive strategies and tactics. ThreatQuotient’s enhanced platform and new services provide organizations with a means to more rapidly and effectively operationalize their DeepSight Intelligence to maximize risk reduction.” – Al Cooley, Director of Symantec DeepSight Intelligence
ThreatQuotient™ understands that the foundation of intelligence-driven security is people. The company’s open and extensible threat intelligence platform, ThreatQ, empowers security teams with the context, customization and prioritization needed to make better decisions, accelerate detection and response and advance team collaboration. Leading global companies use ThreatQ as the cornerstone of their threat operations and management system, increasing security effectiveness and efficiency. For more information, visit http://www.threatquotient.com.