ThreatQuotient Launches ThreatQ v5
November 2021 by Marc Jacob
ThreatQuotient™ announced v5 of the ThreatQ platform, launching capabilities needed today to support the security operations center (SOC) of the future, where data is the foundation. ThreatQ’s newest features include a unique DataLinq Engine for connecting disparate systems and sources to enable extended detection and response (XDR), Smart Collections for driving automation, and an enhanced ThreatQ Data Exchange for bi-directional sharing of data, context and threat intelligence.
The typical SOC team has access to dozens of technologies, feeds and third-party data sources. ThreatQ connects the dots, bringing this wealth of data together into a common work surface, providing data-driven security context that enables teams to be more thorough in their investigations, collaboration, response and reporting. The result is more efficient and effective operations that can be directly measured by time savings and FTEs gained, improved risk management, and greater confidence when detecting and responding to an event.
The SOC of the future uses a data-driven approach to improve efficiency, has an open architecture to ingest any data sources free of limitations, and enables balanced automation for teams to translate data-driven context to drive response, either natively using machine automation or with tooling for human analysts. Key updates available in ThreatQ v5 that support the SOC of the future include:
● DataLinq Engine that “connects the dots” across data from all sources, internal and external, in an organization, including SEIM/SOAR, identity, feeds, cloud, ticketing, etc. so it can be analyzed and understood prior to taking a manual or automated response. Actions can be taken through integrations with the tools security teams already use.
● ThreatQ Data Exchange provides improved flexibility and control over data shared between ThreatQ systems. Teams with separate instances of ThreatQ can collaborate by sharing IOCs, adversary, TTPs, etc. with one another. This increased data exchange provides more context for teams to do their jobs.
● Smart Collections provide improved analysis speeds by automatically and dynamically categorizing data. This is done through a process in which teams define key criteria in advance that automate how intelligence culled through data is enriched, curated, prioritized and expired.
ThreatQ v5 is the company’s third product announcement in 2021 and, along with reaching nearly 300 integrations available on the ThreatQ Marketplace, is further proof of ThreatQuotient’s dedication to innovation and desire to help organizations defend against evolving threats. For more information, please visit www.threatquotient.com.