ThreatQ
Offer a reference bonus
1.00

ThreatQ

ThreatQuotient, Inc.

-
ROI-
USD
Using2
Selling11

PitchThreatQ is the only Threat Intelligence Platform that centrally manages and correlates unlimited external sources.

Product features

Description

To understand and stop threats more effectively and efficiently your existing security infrastructure and people need to work smarter, not harder. ThreatQ can serve as an open and extensible threat intelligence platform that accelerates security operations through streamlined threat operations and management. The integrated, self-tuning threat library, adaptive workbench and open exchange allow you to quickly understand threats, make better decisions and accelerate detection and response.

HOW THREATQ WORKS:

THREAT LIBRARY
Shared Contextual Intelligence Using ThreatQ as a threat intelligence platform equips you with a threat library that automatically scores and prioritizes threat intelligence based on parameters you set. Prioritization is calculated across many separate sources, both external and internal, to deliver a single source of truth using the aggregated context provided. This removes noise, reduces risk of false positives and enables users to focus on the data that really matters.
  • Self-tuning
  • Context from external + internal data
  • Structured and unstructured data import
  • Custom enrichment source for existing systems

ADAPTIVE WORKBENCH
Combine Automation and Human Intelligence for Proactive Detection and Response Customer-defined configuration and integrations to work with your processes and tools. Customizable workflow and customer-specific enrichment streamline analysis of threat and event data for faster investigation and automates the intelligence lifecycle.
  • Consolidated view, unified opinion
  • Automatically prioritize based on all sources
  • Continuous threat assessment
  • Push-button operations using existing tools and processes
  • User-specific watch list widget

THREATQ INVESTIGATIONS
The industry’s first cybersecurity situation room ThreatQ Investigations solves the collaboration and coordination inefficiencies that exist across security operations to accelerate detection and response. As the first cybersecurity situation room, it streamlines investigations and improves active collaboration among and across teams. Team leaders can direct actions, assign tasks and see the results unfold in near real time.
  • Fuse together threat data, evidence and users
  • Accelerate investigation, analysis and understanding of threats in order to update your defense posture proactively
  • Drive down mean time to detect (MTTD) and mean time to respond (MTTR)
  • Build incident, adversary and campaign timelines
OPEN EXCHANGE Open and Extensible Architecture Enables Robust Ecosystem Import and aggregate external and internal data sources, integrate with existing enrichment and analysis tools, and export the right intelligence to the right tools at the right time to accelerate detection and response. Get more from your existing security investments by integrating your tools, teams and workflows through standard interfaces and an SDK/API for customization.
  • Bring your own connectors and tools
  • SDK / API for customization
  • Standard STIX/TAXII support

Problems that the product solves

Risk or Leaks of confidential information

Risk of attacks by hackers

Risk of data loss or damage

Decentralized IT systems

High costs of IT personnel

Values

Enhance Staff Productivity

Manage Risks

Testing

demo request

Characteristics (Threat Intelligence Platforms)

Own feed providers / feed prep analytics centers

Avaliable

Normalization, feed deduplication

Avaliable

Number of feed suppliers out of the box

100+

CSV files

Avaliable

JSON files

Avaliable

HTTP-feed

N/A

Email

Avaliable

STIX / TAXII Standards Support

Avaliable

Unstructured text data

Avaliable

The ability to enrich data from external sources (for example, WHOis, PassiveDNS, VirusTotal, etc.)

Avaliable

Connecting additional feed providers

Avaliable

Search for matches in SIEM events

Avaliable

Direct incident response through integration with third-party information security systems

Avaliable

Responding to incidents using complex algorithms (playbooks)

Avaliable

REST API Integration Capability

Avaliable

Manual adjustment of “weight” parameters for feed’s

Avaliable

Ability to build a graph of links between feed’s objects and internal artifacts

Avaliable

Transaction Features

Partner average discount

Deal protection

Average deal size

Average deal closing time

Scheme of work

 Scheme of work

Competitive products

User features

Roles of Interested Employees

Chief Information Officer

Chief IT Security Officer

IT Security and Risk Management

Organizational Features

IT Security Department in company

Company branches in different countries