ThreatQ Data Exchange allows analysts to easily share curated threat intelligence

ThreatQuotient is addressing an industry need for more curated and data-driven threat intelligence with the availability of ThreatQ Data Exchange. Built on the foundation of ThreatQuotient’s flexible data model and support for open intelligence sharing standards, ThreatQ Data Exchange makes it simple to set up bidirectional sharing of any and all intelligence data within the ThreatQ platform and scale sharing across multiple teams and organizations of all sizes.

  • Tuesday, 13th July 2021 Posted 3 years ago in by Phil Alsop

ThreatQ Data Exchange provides the ability to granularly define data collections for sharing, and easily connect and monitor a network of external systems with which to share data. Data collections are built using the existing Threat Library™ user interface and allow users to define the groupings of data they want to share, and can incorporate any data available in the Threat Library and are not limited to specific object types or attribute types. These data collections can be used for single connection feeds, reused for feeds to multiple external systems, and also used for internal analysis within the Threat Library and Custom Dashboards.

 

“An analyst’s ability to efficiently share focused, curated threat intelligence has a significant impact on the success of their organisation’s overall security operations. ThreatQ Data Exchange is a powerful new component of the ThreatQ platform and is critical for achieving more control over the collection and dissemination of threat data,” said David Krasik, Director of Product Management, ThreatQuotient. “ThreatQ Data Exchange allows our customers to create custom data feeds with their aggregated data to share within and external to their organisation. By providing the flexibility to share specific threat data without limitation or worry of exposing data that organisations prefer not to share, ThreatQuotient enables a collective understanding of threats and fosters a safer way to collaborate and share intelligence.”

 

Any multi-tiered threat intelligence sharing network where control and monitoring must be available to a global administrator will gain a faster and easier way to operationalise threat intelligence by using ThreatQ Data Exchange. For example: larger government entities with distinct intel teams and missions who continuously collaborate and share relevant intel; MSSPs that provide multi-sector or geo coverage to end customers; and large or medium-sized commercial organisations with a global presence or segmented business units. Individual teams can operate according to their specific requirements and missions, and collaborate with partners without limiting the breadth of data they want to share or leaking data they want to keep private.

 

A principal cyber security analyst within the U.S. Department of Defense (DOD) shares, "ThreatQ has enabled us to organise our Cyber Threat Intelligence into a structured database that lets us use it in ways we previously could not. The consolidation and sharing of information related to each piece of intelligence and the automated ingest of many intelligence feeds has also increased the speed at which awareness is achieved throughout the organisation. We continue to pursue new ways to further push the automation and integration of ThreatQ into other security products to further utilise the intelligence we obtain through ThreatQ."