ThreatQuotient has announced an integration with Intel 471, the premier provider of cybercrime intelligence for leading intelligence, security and fraud teams. The combination of Intel 471 Cybercrime Intelligence and the ThreatQ threat intelligence platform offers organisations real-time insight into existing and emerging threats within the cybercriminal underground, and equips them with proactive capabilities to mitigate impact to their organisations, assets and people.
Intel 471’s cybercrime intelligence is curated by infiltrating and maintaining access to closed sources where threat actors collaborate, communicate and plan cyber-attacks. Leveraging this underground access, Intel 471’s intelligence provides timely data and context on malware and adversary infrastructure. By centralising adversarial and malware intelligence within the ThreatQ platform, users are able to simplify complex security threats and automatically integrate the right intelligence across their security ecosystems to inform security decision makers.
“ThreatQuotient is pleased to partner with Intel 471 to provide organisations with enhanced resources to validate or improve their fraud controls and countermeasures. There is no single security solution that provides a silver bullet against attacks, so as an industry we must continuously innovate to support organisations in finding an optimal balance between system automation and expert analysis,” said Haig Colter, Director of Alliances, ThreatQuotient. “By using ThreatQ to automate certain actions and workflows, tools and people can work in unison, and security teams can focus resources on the most relevant threats and collaboratively investigate and respond to take the right actions faster.”
ThreatQ’s Open Exchange provides an extensible and flexible environment for analysts to make their security operations more efficient and effective. The integration of Intel 471 cybercrime intelligence supports a variety of use cases, including:
- Incident response and hunting – Additional IOCs (file- and network-based) and associated tools used by the threat actors deploying the malware are revealed, arming the organisation to enhance policies and rules to hunt for malicious activity and tools across their infrastructure.
- Fraud detection and mitigation – Early access to advanced fraud tactics and methodologies allows organisations to proactively detect and mitigate business impact through recommended courses of action, protecting profitability by validating or improving fraud controls and countermeasures.
- Patch Vulnerability and Management – Qualitative and contextual insight on vulnerabilities being discussed, pursued, weaponised and sold within the cybercriminal underground can be investigated in association with an organisation’s attack surface, enabling the prioritisation of vulnerabilities most relevant and impactful to business operations.
“Teams leveraging both Intel 471’s Intelligence and the ThreatQ platform can move beyond traditional correlation and pivoting of malicious tools, techniques and infrastructure leveraged by financially motivated cybercriminals,” said Lilian Dolgolenko, Director of Partnerships at Intel 471. “By ingesting Intel 471’s intelligence into ThreatQ, actionable threat data is revealed that can be customised to support SOAR, SIEM, investigative alerting and reporting. We look forward to supporting more organisations with enhanced security defense in-depth posture to disrupt and block attacks before they are carried out.”