ThreatQuotient™ announced an integration with Intel 471, the premier provider of cybercrime intelligence. The combination of Intel 471 Cybercrime Intelligence and the ThreatQ™ threat intelligence platform offers organizations real-time insight into existing and emerging threats within the cybercriminal underground and equips them with proactive capabilities to mitigate impact to their organizations, assets, and people.
Intel 471’s cybercrime intelligence is curated by infiltrating and maintaining access to closed sources where threat actors collaborate, communicate, and plan cyber-attacks. Leveraging this underground access, Intel 471’s intelligence provides timely data and context on malware and adversary infrastructure. By centralizing adversarial and malware intelligence within the ThreatQ platform, users are able to simplify complex security threats and automatically integrate the right intelligence across their security ecosystems to inform security decision-makers.
“ThreatQuotient is pleased to partner with Intel 471 to provide organizations with enhanced resources to validate or improve their fraud controls and countermeasures. There is no single security solution that provides a silver bullet against attacks, so as an industry we must continuously innovate to support organizations in finding an optimal balance between system automation and expert analysis,” says Haig Colter, Director of Alliances at ThreatQuotient. “By using ThreatQ to automate certain actions and workflows, tools and people can work in unison, and security teams can focus resources on the most relevant threats and collaboratively investigate and respond to take the right actions faster.”
ThreatQ’s Open Exchange provides an extensible and flexible environment for analysts to make their security operations more efficient and effective. The integration of Intel 471 cybercrime intelligence supports a variety of use cases, including:
- Incident response and hunting – Additional IOCs (file- and network-based) and associated tools used by the threat actors deploying the malware are revealed, arming the organization to enhance policies and rules to hunt for malicious activity and tools across their infrastructure.
- Fraud detection and mitigation – Early access to advanced fraud tactics and methodologies allows organizations to proactively detect and mitigate the business impact through recommended courses of action, protecting profitability by validating or improving fraud controls and countermeasures.
- Patch and Vulnerability Management – Qualitative and contextual insight on vulnerabilities being discussed, pursued, weaponized, and sold within the cybercriminal underground can be investigated in association with an organization’s attack surface, enabling the prioritization of vulnerabilities most relevant and impactful to business operations.
“Teams leveraging both Intel 471’s Intelligence and the ThreatQ platform can move beyond traditional correlation and pivoting of malicious tools, techniques, and infrastructure leveraged by financially motivated cybercriminals,” said Lilian Dolgolenko, Director of Partnerships at Intel 471. “By ingesting Intel 471’s intelligence into ThreatQ, actionable threat data is revealed that can be customized to support SOAR, SIEM, investigative alerting, and reporting. We look forward to supporting more organizations with enhanced security defense-in-depth posture to disrupt and block attacks before they are carried out.”