How ThreatQ Works with Orchestration Tools

POSTED BY JON WARREN

In previous blogs we’ve discussed how ThreatQ and ThreatQ Investigations augment and integrate with SIEM and ticketing systems. Here, I’ll explain how ThreatQ and ThreatQ Investigations work with orchestration and automation tools that may exist within your environment.

Although designed for different use cases, when combined, the solutions provide integrated workflows that optimize time and user experience for both intelligence and security analysts.

Orchestration and automation tools are process-focused and will repeat execution of the same task or logical series of tasks. But because not all threat data is created equal, without first aggregating, scoring and prioritizing intelligence, you may not be applying automation appropriately. ThreatQ focuses on what is learned during the execution of that task to better position the organization for defense and response.

For example, because ThreatQ offers a threat intelligence library that is enriched with context for relevance and prioritization, orchestration tools can query ThreatQ for deployment-specific threat context, scores and data relationships. Orchestration tools can read, write and store threat context and metadata learned as part of running a playbook. Decisions are based on threat scores and context within ThreatQ, so that automation is being applied appropriately based on the latest intelligence.

ThreatQ and ThreatQ Investigations also benefit when used together with orchestration and automation tools. For example, orchestration and automation tools allow you to take the right action faster by accelerating the execution of the response determined by ThreatQ Investigations. Furthermore, you can run playbooks and actions on demand as ‘Operations’ directly from ThreatQ and ThreatQ Investigations. And, finally, while ThreatQ and ThreatQ Investigations work with a broad ecosystem of equipment, tools and technologies to operationalize threat intelligence, integration with orchestration and automation tools further extends the number of products compatible with ThreatQ.

To learn more, download our Orchestration Tools Technology Partnership Brief.

Stay tuned for our next blog in this series, which will focus on how ThreatQ and ThreatQ Investigations work with visualization tools.

About ThreatQuotient™

ThreatQuotient™ understands that the foundation of intelligence-driven security is people. The company’s open and extensible threat intelligence platform, ThreatQ™, empowers security teams with the context, customization and prioritization needed to make better decisions, accelerate detection and response and advance team collaboration.

The post How ThreatQ Works with Orchestration Tools appeared first on ThreatQuotient.

About ThreatQuotient
ThreatQuotient™ understands that the foundation of intelligence-driven security is people. The company’s open and extensible threat intelligence platform, ThreatQ, provides defenders with the context, customization and collaboration needed to ensure that intelligence is accurate, relevant and timely to their business. Leading global companies are using ThreatQ as the cornerstone of their threat operations and management system, increasing security effectiveness and efficiency. For more information, visit http://www.threatquotient.com.
