ThreatQ Threat Intelligence Platform

Additional Info

CompanyThreatQuotient
Websitehttp://www.threatq.com
Company size (employees)50 to 99

Overview

ThreatQuotient believes that threat data and intelligence is the most valuable tool to identify, prevent and respond to threats. However, to make use of this, organizations need an approach to security operations that relies on a single, systemic security architecture that supports all teams and use cases and continuously improves.

This approach is grounded in the ability to look at the entirety of a problem and prioritize it by answering fundamental questions, including: What can be immediately and automatically filtered out? What is a known threat and needs attention – either automatically or requires human intelligence (either by a person or team)? What are the items that need more investigation? The goal is to automate the identification of noise and threats to reduce the number of items that need investigation and provide greater focus for the limited resources on the team. This is the role of the ThreatQ threat intelligence platform. It provides the context and foundational understanding that is needed for effective security operations.

ThreatQ enables a shared understanding across teams and tools within an organization’s defense infrastructure. It supports both reactive use cases (responding to events) as well as proactive use cases (anticipating threats, orchestrating and synchronizing threat intelligence across systems). ThreatQ becomes a single source of truth for all threat data and intelligence across systems and teams, allowing them to collaborate. Threat intelligence becomes the glue for an integrated defense and coordinated response.

By deploying ThreatQ to provide structure to cyber intelligence and perform core workflows, organizations can regain the analytical productivity and efficiency of Security Operations Center (SOC) analysts. ThreatQ’s ability to automatically re-prioritize millions of indicators without requiring constant analyst intervention also eliminates the need for a team of analysts performing the typical tasks of the intelligence lifecycle.

How we are different

1) Customer-defined Prioritization – ThreatQ ingests, normalizes, de-dupes and correlates threat data and events from external and internal sources into a single Threat Library. When new data or context enters the system, from any source or feedback captured from current tools and teams, ThreatQ will automatically re-prioritize millions of indicators, adversaries, etc. This continuous threat assessment ensures that highest priority threats are identified, understood, acted upon and learned from.


2) Deep integrations and ecosystem – ThreatQ is an open and extensible platform built on APIs to integrate with any system or tool. This architecture allows for deep integrations and bi-directional data sharing, enabling the orchestration, automation and synchronization of cyber threat intelligence across systems and teams.


3) Go to Market – ThreatQuotient’s pricing and go to market models simplify the consumption of a TIP. Pricing is straight-forward without additional charges per integration or higher indicator counts. To address companies with less mature security operations we partner with MSSPs, jointly defining a threat intelligence service offering. We also provide comprehensive support and professional services.