ThreatQuotient has released version 5 of the ThreatQ platform, which adds capabilities that are needed now to enable the future security operations centre (SOC), where data is the basis. A unique DataLinq Engine for connecting disparate systems and sources to enable extended detection and response (XDR), Smart Collections for driving automation, and an enhanced ThreatQ Data Exchange for bi-directional sharing of data, context, and threat intelligence are among the latest ThreatQ features.
“First-generation SOAR, TIP and XDR technologies have helped SOCs wage their battle against evolving attacks, but not without limitations; it’s time for security solutions to evolve as well. ThreatQuotient believes the foundation for the SOC of the future is data, which is why we doubled down on our DataLinq Engine in v5 of the ThreatQ platform,” said Leon Ward, VP of Product Management, ThreatQuotient.
He added, “Enabled by Smart Collections, and organizations have a strong foundation today to get more out of their data. We look forward to releasing more market leading innovations in 2022, because all data is security data and needs to be incorporated effectively into the security lifecycle.”
“Data equals context in security, and the fact that the data is often so widely spread throughout the typical organization means integrations are critical to detection and response,” said Jason Passwaters, COO, Intel 471.
He added, “ThreatQuotient’s open integration architecture makes bi-directional sharing easy between ThreatQ their DataLinq Engine and the Intel 471 TITAN Platform, which ultimately empowers our joint customers to make data-driven decisions and take the best course of action in response.”
“Data is critical to security because it gives the context needed to focus on relevant, high-priority issues. Ultimately, this focus empowers teams to work faster and more thoroughly when defending against evolving attacks,” said Michel Cazenave, President at Cyber Intelligence X sectors Alliance (CIX-A) and Regional CISO and CSO of PwC France.
“ThreatQuotient’s data-driven approach to security operations is perfectly aligned with the way top-performing teams work and capabilities like the DataLinq Engine, Threat Library and Data Exchange help them to work more efficiently and better manage risk.”
A typical SOC team has access to hundreds of technologies, feeds, and data sources from third parties. ThreatQ bridges the dots by bringing this vast amount of data together on a single work surface, allowing teams to be more thorough in their investigations, cooperation, reaction, and reporting. As a result, operations are more efficient and effective, as evidenced by time savings and additional FTEs, improved risk management, and increased confidence in identifying and responding to an occurrence.
The SOC of the future takes a data-driven approach to increase efficiency, has an open architecture that allows it to ingest any data source without restrictions, and provides balanced automation for teams to translate data-driven context into response, either natively or through tooling for human analysts. The following are some of the key enhancements in ThreatQ v5 that support the SOC of the future:
ThreatQ v5 is ThreatQuotient’s third product announcement in 2021, and it, along with the roughly 300 integrations already available on the ThreatQ Marketplace, demonstrates the company’s commitment to innovation and desire to assist enterprises in defending against emerging threats.