ThreatQ Investigations Accelerates Security Operations through Threat Understanding, Collaborative Analysis and Coordinated Response
ThreatQuotient has announced the launch of ThreatQ™ Investigations, the industry’s first cybersecurity situation room designed for collaborative threat analysis, shared understanding and coordinated response. ThreatQ Investigations allows real-time visualization of an investigation as it unfolds within a shared environment, enabling teams to better understand and anticipate threats, as well as coordinate a response. The solution, built on top of the ThreatQ threat intelligence platform, brings order to the chaos of security operations that occurs when teams work in silos, acting independently, inefficiently and unable to share intelligence and tasks easily.
The industry is constantly driving to reduce MTTD (mean time to detection) and MTTR (mean time to
respond) through automation. However, acting fast alone is not enough; the key is determining the right
actions is taken faster than ever before. While it is now possible for organizations to prioritize and
contextualize millions of threat data points, it is still difficult to work through what information is most
relevant and determine the appropriate response. Taking action requires individuals and teams working
collaboratively to analyze and understand a threat, incident or situation before they can coordinate and
automate their response with confidence and reliability. Quickly developing this shared understanding
about a situation has been a considerable challenge. ThreatQ Investigations answers this challenge
providing a single visual representation of the complete situation at hand, including what actions were
taken, by whom and when.
“With different analysts and teams all working on parallel tasks, it is not uncommon to overlook key
commonalities that exist. With ThreatQ Investigations, everyone taking part in an investigation is
automatically able to see how the actions of others impact and further extend their own work,” said
Anthony Stitt, Regional Director APAC, ThreatQuotient. “ThreatQ Investigations fuses together threat
data, evidence, users and actions into a single, shared environment. This unique interface drives
collaboration between all parties involved in the investigation process.”
The dispersed nature of today’s security teams compounds the problem. ThreatQ Investigations
streamlines global collaboration while also giving individuals the freedom to test theories prior to
sharing with the group to ensure accuracy and relevance. Both those in technical roles performing
analysis, and the decision-makers relying on the outcomes, will benefit from ThreatQ Investigations.
Incident handlers, malware researchers, SOC analysts and investigation leads will all gain more control,
be able to take the right steps at the right time and accelerate overall security operations.
“Like many organizations, NTT Security is continuously working on new and improved ways to enhance
the collection of data from various sources, correlating and analyzing that data with NTT Security’s own
threat intelligence, and then using it to proactively protect against the real-world threats we face every
day,” said Jeremy Scott, Director, Global Threat Research, Global Threat Intelligence Center (GTIC), NTT
Security. “ThreatQ Investigations enables our team to not only collaborate, coordinate and document
investigations, but visually pivot through vast amounts of data to increase the effectiveness of our team
and our analysis processes, ultimately providing stronger detections and threat intelligence for our
customers.”
ThreatQ Investigations leverages the existing capabilities provided by the ThreatQ platform and allows
for the capturing, learning and sharing of knowledge. Use cases for ThreatQ Investigations include:
anticipation situations that accelerate understanding of emerging threats to update defense posture
proactively; response situations that enable the right responses to be determined and acted upon faster
than previously possible; and retrospective analysis to learn what can be improved in the future.
About ThreatQuotient
ThreatQuotient™ understands that the foundation of intelligence-driven security is people. The
company’s open and extensible threat intelligence platform, ThreatQ™, and cybersecurity situation
room solution, ThreatQ Investigations, empower security teams with the context, customization and
prioritization needed to make better decisions, accelerate detection and response, and advance team
collaboration. Leading global companies use ThreatQuotient solutions as the cornerstone of their
security operations and threat management system. ThreatQuotient is headquartered in Northern
Virginia with international operations based out of Europe and APAC. For more information,
visit https://threatquotient.com.