ThreatQuotient launches v5 of ThreatQ platform

News Desk -

Share

ThreatQuotient has released version 5 of the ThreatQ platform, which adds capabilities that are needed now to enable the future security operations centre (SOC), where data is the basis. A unique DataLinq Engine for connecting disparate systems and sources to enable extended detection and response (XDR), Smart Collections for driving automation, and an enhanced ThreatQ Data Exchange for bi-directional sharing of data, context, and threat intelligence are among the latest ThreatQ features.

“First-generation SOAR, TIP and XDR technologies have helped SOCs wage their battle against evolving attacks, but not without limitations; it’s time for security solutions to evolve as well. ThreatQuotient believes the foundation for the SOC of the future is data, which is why we doubled down on our DataLinq Engine in v5 of the ThreatQ platform,” said Leon Ward, VP of Product Management, ThreatQuotient.

He added, “Enabled by Smart Collections, and organizations have a strong foundation today to get more out of their data. We look forward to releasing more market leading innovations in 2022, because all data is security data and needs to be incorporated effectively into the security lifecycle.”

“Data equals context in security, and the fact that the data is often so widely spread throughout the typical organization means integrations are critical to detection and response,” said Jason Passwaters, COO, Intel 471.

He added, “ThreatQuotient’s open integration architecture makes bi-directional sharing easy between ThreatQ their DataLinq Engine and the Intel 471 TITAN Platform, which ultimately empowers our joint customers to make data-driven decisions and take the best course of action in response.”

“Data is critical to security because it gives the context needed to focus on relevant, high-priority issues. Ultimately, this focus empowers teams to work faster and more thoroughly when defending against evolving attacks,” said Michel Cazenave, President at Cyber Intelligence X sectors Alliance (CIX-A) and Regional CISO and CSO of PwC France.

“ThreatQuotient’s data-driven approach to security operations is perfectly aligned with the way top-performing teams work and capabilities like the DataLinq Engine, Threat Library and Data Exchange help them to work more efficiently and better manage risk.”

A typical SOC team has access to hundreds of technologies, feeds, and data sources from third parties. ThreatQ bridges the dots by bringing this vast amount of data together on a single work surface, allowing teams to be more thorough in their investigations, cooperation, reaction, and reporting. As a result, operations are more efficient and effective, as evidenced by time savings and additional FTEs, improved risk management, and increased confidence in identifying and responding to an occurrence.

The SOC of the future takes a data-driven approach to increase efficiency, has an open architecture that allows it to ingest any data source without restrictions, and provides balanced automation for teams to translate data-driven context into response, either natively or through tooling for human analysts. The following are some of the key enhancements in ThreatQ v5 that support the SOC of the future:

  • DataLinq Engine that “connects the dots” between data from all internal and external sources in an organization, such as SEIM/SOAR, identity, feeds, cloud, ticketing, and so on, so it can be evaluated and comprehended before a manual or automatic response is taken. Integrations with the technologies that security teams already use can be used to take action. 
  • ThreatQ Data Exchange gives ThreatQ systems more freedom and control over the data they provide. Teams with separate ThreatQ instances can work together by sharing IOCs, adversaries, TTP, and other information. This increased data interchange gives teams greater context to work with.
  • Smart Collections Improve analysis speed by categorizing data automatically and dynamically. This is accomplished through a process in which teams specify essential criteria in advance that automate the enhanced, curated, prioritized, and expired intelligence collected from data.

ThreatQ v5 is ThreatQuotient’s third product announcement in 2021, and it, along with the roughly 300 integrations already available on the ThreatQ Marketplace, demonstrates the company’s commitment to innovation and desire to assist enterprises in defending against emerging threats.