ThreatQuotient has announced the company’s inclusion as a Representative Vendor in the 2020 Gartner Market Guide for Security Orchestration, Automation and Response (SOAR) solutions.
As defined by Gartner, SOAR solutions “combine incident response, orchestration and automation, and threat intelligence (TI) management capabilities in a single platform.”
SOAR platforms are evolving towards what ThreatQuotient has been developing for years – a full featured security operations platform designed to provide companies the relevant, contextual intelligence and automation needed to support multiple teams and capabilities. Threat intelligence is essential for security operations, and ThreatQuotient’s data-driven approach to SOAR provides high confidence in the intelligence being used, the decisions that are made and the incident response workflows that are executed.
ThreatQ is the engine behind this approach: a threat-centric security operations platform that aggregates, scores, and prioritises intelligence. With ThreatQ serving as a SOAR platform, organisations can unify their cybersecurity infrastructure and components into a single defense ecosystem, allowing them to accelerate security investigations and significantly improve the mean time to respond to cyberthreats. Additional use cases for ThreatQ beyond SOAR include threat intelligence management, threat hunting, spear phishing, alert triage and vulnerability management.
“We are encouraged by the evolving definition and industry understanding of SOAR, which is becoming more inclusive of threat intelligence and security incident response platforms,” said John Czupak, President and CEO. “ThreatQuotient’s approach to SOAR platforms starts with the threat, because we believe you cannot defend against or respond to what you do not understand. We believe Gartner’s latest Market Guide for SOAR Solutions validates the growing need for tools that are complementary to an organisation’s arsenal of products and processes already in place. We are committed to continuing to meet the market need for a security operations platform that improves the effectiveness of the SOC.”
Customer-controlled prioritisation within ThreatQ is based on an organisation’s risk profile and their own set of scoring parameters, and ThreatQ automatically filters out noise and reveals the right priorities for action. To ensure teams remain focused on high-priority threats and to reduce false positives, the self-tuning Threat Library automatically learns, recalculates and reevaluates priorities based on a continuous flow of new data and context into ThreatQ. Through automation and optimisation, ThreatQ can achieve results such as freeing-up two to three full-time security analysts for higher level tasks.