4 reasons why you should have an eye on ThreatQuotient

Earlier this month I spoke to Anthony Perridge, Regional Director at ThreatQuotient. ThreatQuotient allows for the consumption of threat intelligence from various and disparate sources. The team refereed to themselves as ‘still being in start up mode’. We’re exited to see where the company goes. Here are 4 reasons why you should keep an eye on them.  

1 – Turning data into threat intelligence

ThreatQuotient works by aggregating data from a variety of sources and then sending that data to where it needs to go. Be it to threat intelligence, to incident response or to create new signatures for IDS tools. ThreatQuotient’s real purpose is to help an organisation understand what data they have and to present it in a digestible manner. Anthony refereed to this as the following:

Once you have all this threat intelligence you need to do something with it, like: update the firewalls, update the IPS, raise an Incident or  respond to a ticketing system. What we do is; we help the threat Intel come in, we help organise it and we help make it  actionable by integrating with all the disparate technologies in an organisation. We could call ourselves: the glue, the bus or  the broker. In a typical enterprise there’s at least 40 different security technologies and the Palo Alto doesn’t work with the McAfee that doesn’t work with the Cisco. But we can be that common source of truth.

– Anthony Perridge

2- Saving time and staff

One of the main drawbacks with the setting up and running of a SOC is the resources required. Acquiring skilled analysts isn’t cheap so having a way to automate part of the process can drastically help reduce such burdens. Anthony explained how ThreatQuotient can be used to help this process:

You can imagine highly skilled and highly expensive security analysts going through PDFs or emails trying to pull out the relevant information. We automate all of that. You can imagine them trying to figure out the naming conventions of Alien Vault versus, the UK cert vs. CrowdStrike versus whoever. It’s painful and it’s slow. Imagine the threat intelligence people shouting across the room to the incident response people who shout across the room to the threat intelligence people. We give that a single pane of glass. Everything I’m talking about is being done by organisations, so we’re an efficiency operational type tool.

– Anthony Perridge

3 – A Customer driven experience

It’s hard to find the balance between outsourcing security and doing it in house. As ThreatQuotient is primarily focused towards larger businesses it’s offering requires some work by the customer. This being as while the ThreatQuotient platform will aggregate the data it is up to the customer to action it. Anthony put this in his own words by saying:

It’s very much customer driven so the customer needs to have a threat Intel SOC and incident response team to get value.  If they don’t have those attributes then you probably want to consume our service through an MSSP because you don’t have the people to get the value. We’re either doing direct touch with the large enterprise organisations or we’re working with MSSPs  because organisations don’t have those functions and they outsource the SOC.

– Anthony Perridge

4 – Understanding the bigger picture with open exchange

At the moment it’s easy to see attacks, data and resources as singular items. This is a mistake that so many organisations are currently taking. It’s important to link this information together to understand the bigger picture at hand. Anthony explained how ThreatQuotient could help tackle this:

Where it gets its value is in the open exchange. The more technologies we glue together in an organisation the more value the customer sees. This is  because more things are getting aggregated and consolidated into a single place and it becomes easier to work with the data, which should over time become intelligence.

– Anthony Perridge

That’s our four reasons why you should keep an eye on the team at ThreatQuotient. You can find out more at threatq.com.

James Stevenson

Im a Cyber Security enthusiast that loves all things to do with technology. I'm specifically interested in cyber security and ethical hacking.

You may also like...