QuoLab Technologies’ Security Operations Platform

Additional Info

Company: QuoLab Technologies
Website: https://quolab.com/
Company size (employees): 10 to 49

Overview

QuoLab’s Security Operations Platform (SOP) brings a unified defense approach to the security operations center (SOC) by taking the best of security orchestration, automation and response (SOAR) capabilities, merging those with the power of a threat intelligence platform (TIP), and enriching incident-related data with open-source intelligence. This unified platform empowers analysts to make the best possible incident response decisions at machine speeds and at scale while also bolstering proactive threat hunting capabilities for all other organizations who participate in QuoLab’s collaborative data sharing network. With access to unified workspaces, synergy is created between analysts, operators and technologies, and proactive security is achieved through data fusion, automated triage and analytics.

When integrated into a network, the platform becomes the workbench from which all actions take place, including the ingesting, analyzing, tracking, managing and investigating of threat data and alerts. The platform cuts data and malware processing times by 50% and increases the speed by which threats are matched by 480%. This reduction in overhead makes it possible for operators to focus on response and recovery from the most significant threats.

The platform automates the management of threat intelligence feeds through an extensive library of dedicated connectors with full support for MISP, STIX, OTX, YARA, and many more open formats. Its REST API allows organizations to configure and manage their own data integrations, while connectors for internal security controls ensure that critical data points are being tracked.

How we are different

● QuoLab is designed to deliver a collaborative environment that supports the acquisition and fusion of data sets while also enabling teams to support each other by interacting around cases instead of executing processes in a linear fashion. When integrated into a network, the platform becomes the workbench from which all actions take place, including the ingesting, analyzing, tracking, managing and investigating of threat data and alerts.


● Some of the key integrated tools that enable QuoLab to fit all of the needs of a forensics professional include AlienVault, whose Open Threat Exchange (OTX) enables collaborative defense with actionable, community-powered threat data, as well as Intel 471, which provides adversary and malware intelligence for security, fraud and intelligence teams. The adversary intelligence provided by Intel 471 focuses on infiltrating and maintaining access to closed sources where threat actors collaborate, communicate and plan cyberattacks. These tools allow forensics teams and organizations to collaborate on security cases in a controlled environment where they are in control of their data and the way it is leveraged.


● QuoLab’s robust list of integrations allows for interactions between both baseline and specialized tools, providing IR professionals with a framework that meets the needs of IR, TI analysts and security operations center (SOC) teams all in one dashboard. By delivering a single target-centric case system where each case is documented over time, the various teams involved with response and remediation tasks get a streamlined and unified view. The same case system is used to document emerging threats by threat intelligence teams and vendors fusing the data sets, which facilitates alerts, sightings, prioritization, and hunting activities.