Home »  Editorial Desk »  ThreatQuotient-Advances-Industry-Threat-Intelligence-Sharing-With-Stronger-Data-Curation-Capabilities

ThreatQuotient Advances Industry Threat Intelligence Sharing With Stronger Data Curation Capabilities


 ThreatQuotient™, a leading security operations platform innovator, is addressing an industry need for more curated and data-driven threat intelligence with the availability of ThreatQ Data Exchange. Built on the foundation of ThreatQuotient’s flexible data model and support for open intelligence sharing standards, ThreatQ Data Exchange makes it simple to set up bidirectional sharing of any and all intelligence data within the ThreatQ platform and scale sharing across multiple teams and organizations of all sizes.

 

ThreatQ Data Exchange provides the ability to granularly define data collections for sharing, and easily connect and monitor a network of external systems with which to share data. Data collections are built using the existing Threat Library™ user interface and allow users to define the groupings of data they want to share, and can incorporate any data available in the Threat Library and are not limited to specific object types or attribute types. These data collections can be used for single connection feeds, reused for feeds to multiple external systems, and also used for internal analysis within the Threat Library and Custom Dashboards.

 

“An analyst’s ability to efficiently share focused, curated threat intelligence has a significant impact on the success of their organisation’s overall security operations. ThreatQ Data Exchange is a powerful new component of the ThreatQ platform and is critical for achieving more control over the collection and dissemination of threat data,” said David Krasik, Director of Product Management, ThreatQuotient. “ThreatQ Data Exchange allows our customers to create custom data feeds with their aggregated data to share within and external to their organisation. By providing the flexibility to share specific threat data without limitation or worry of exposing data that organisations prefer not to share, ThreatQuotient enables a collective understanding of threats and fosters a safer way to collaborate and share intelligence.”

 

Any multi-tiered threat intelligence sharing network where control and monitoring must be available to a global administrator will gain a faster and easier way to operationalise threat intelligence by using ThreatQ Data Exchange. For example: larger government entities with distinct intel teams and missions who continuously collaborate and share relevant intel; MSSPs that provide multi-sector or geo coverage to end customers; and large or medium-sized commercial organisations with a global presence or segmented business units. Individual teams can operate according to their specific requirements and missions, and collaborate with partners without limiting the breadth of data they want to share or leaking data they want to keep private. 

 

A principal cyber security analyst within the U.S. Department of Defense (DOD) shares, "ThreatQ has enabled us to organise our Cyber Threat Intelligence into a structured database that lets us use it in ways we previously could not. The consolidation and sharing of information related to each piece of intelligence and the automated ingest of many intelligence feeds has also increased the speed at which awareness is achieved throughout the organisation. We continue to pursue new ways to further push the automation and integration of ThreatQ into other security products to further utilise the intelligence we obtain through ThreatQ."

 

Today, the DOD is leveraging the ThreatQ platform to support the warfighter in tackling the vast amounts of data they have access to, understanding relevance and priority, and effectively and efficiently taking action. With ThreatQ Data Exchange, those services can share curated, vetted threat intelligence with their peers across the DOD. Because the exchange is bi-directional and point-to-point, any one of the participating partners has the ability to identify and share threat intelligence in the form of Indicators of compromise and known related indicators to the central aggregation point for distribution to the other partners. The ability to share curated threat intelligence with security counterparts creates a force multiplier for all participants.