|Company size (employees)
|100 to 499
|Type of solution
ThreatQuotient believes that threat data and intelligence are the most valuable tools to identify, prevent, and respond to threats. To make use of it, however, organizations need an approach to security operations that relies on a single, systemic security architecture that supports all teams and use cases and continuously improves.
ThreatQ is an open and extensible threat intelligence platform that helps to automate the identification of noise and threats to reduce the number of items that need investigation and provide greater focus for the limited resources on the team. ThreatQ, the first platform for data-centric security operations, enables a shared understanding across teams and tools within an organization’s defense infrastructure.
Security operations teams use ThreatQ to apply customer-defined scoring of threat intelligence, quickly deploy threat data to existing sensor grids, and focus workflows on time to detect (TTD) and time to respond (TTR). The ThreatQ platform supports multiple use cases including incident response, threat hunting, spear phishing, alert triage, vulnerability management and serving as a threat intelligence platform, and supports future use cases by adapting to changing business needs.
In 2021, ThreatQuotient announced new capabilities: ThreatQ TDR Orchestrator, and ThreatQ Data Exchange.
ThreatQ TDR Orchestrator is a new data-driven automation capability for more efficient and effective threat detection and response. This capability enables users to control what actions are to be taken, when, and why through the use of data. ThreatQ Data Exchange is built on the foundation of ThreatQuotient’s flexible data model and support for open intelligence sharing standards, making it simple to set up bidirectional sharing of any and all intelligence data within the ThreatQ platform and scale sharing across multiple teams and organizations of all sizes.
How we are different
ThreatQ v5 uses a data-driven approach to improve efficiency, has an open architecture to ingest any data sources free of limitations, enables balanced automation for teams to translate data-driven context to drive response, either natively using machine automation or with tooling for human analysts. By providing the flexibility to share specific threat data without limitation or worry of exposing data that organizations prefer not to share, ThreatQuotient enables a collective understanding of threats and fosters a safer way to collaborate and share intelligence.
Today, the DoD is leveraging the ThreatQ Platform to support the warfighter in tackling the vast amounts of data they have access to, understanding relevance and priority, and effectively and efficiently taking action. With ThreatQ Data Exchange, those services can share curated, vetted threat intelligence with their peers across the DoD.
Key differentiators of the ThreatQ Platform:
- Ingests, normalizes, de-dupes and correlates threat data and events from external and internal sources into a single Threat Library, providing customer-defined controls so a company can customize scoring and prioritization of threats.
- Offers the most in-depth set of integrations in the industry to work seamlessly with and complement a wide range of solutions, including enrichment and analysis tools, orchestration, sensors, SIEM and log management, ticketing and intelligence feeds.
- Pricing is straight-forward without additional charges per integration or higher indicator counts. To address companies with less mature security operations they partner with MSSPs, jointly defining a threat intelligence service offering. ThreatQuotient also provides comprehensive support and professional services.