ThreatQuotient Launches Data-Driven Approach to SOAR and XDR, Accelerating Detection & Response
ThreatQuotient, a leading security operations platform innovator, today announced ThreatQ TDR Orchestrator, a new data-driven automation capability for more efficient and effective threat detection and response. This capability enables users to control what actions are to be taken, when, and why through the use of data.
"The security industry's approach to automation has overlooked the vastly different needs of detection and response use cases," said Leon Ward, VP of Product Management, ThreatQuotient. "The focus of ThreatQ TDR Orchestrator is data, not process. In detection and response, what is learned when performing an action is far more important than the action itself. ThreatQuotient has seized an opportunity to define and provide automation in a way that reduces complexity for security teams."
With the shortage of security personnel, automation has become a key strategy to offload repetitive tasks and empower humans to conduct advanced security operations tasks more efficiently. To date, automation has been looked at as defining a process and the steps needed to complete that process. This approach ignores the fact that automation is much more than just running the process. In reality, there are three important stages of automation to define and address:
ThreatQ TDR Orchestrator puts the "smarts" in the platform and not the individual playbooks by using Smart Collections™ and data-driven playbooks. The application of Smart Collections and data-driven playbooks provides or simpler configuration and maintenance, and provides a more efficient automation outcome. This approach further addresses all three stages of automation - Initiate, Run and Learn - easily and efficiently by enabling users to curate and prioritize data upfront, automate only when relevant, and simplify actions taken. It can be used to complement other playbook capabilities through ThreatQuotient's ecosystem partners or users can define data-driven playbooks within the ThreatQ platform. To improve the platform "smarts", it will also capture what has been learned to improve data analytics, which in turn improves the initiation stage of automation.
Use cases for ThreatQ TDR Orchestrator include but are not limited to automating the following:
"Having high confidence in the data being used to trigger alerts is critical. ThreatQuotient's approach to security operations ensures that teams remain focused on high-priority threats through automation and optimization, achieving results such as freeing up multiple analysts for more important tasks," Ed Amoroso, CEO and Founder, TAG Cyber. "ThreatQuotient's data-driven approach to automation through ThreatQ TDR Orchestrator enables security teams to reduce the number of playbook runs and have confidence that the output is relevant and high priority."
ThreatQ TDR Orchestrator will be available in Summer 2021. To learn more about the benefits of data-driven automation, visit the ThreatQ TDR Orchestrator webpage.
For more information about ThreatQuotient, please visit www.threatquotient.com.
ThreatQuotient's mission is to improve the efficiency and effectiveness of security operations with a platform that accelerates and simplifies investigations and collaboration within and across teams and tools. Integrating an organization's existing processes and technologies into a unified workspace, ThreatQuotient's solutions reduce noise, highlight top priority threats and automate processes to provide greater focus and decision support while maximizing limited resources. ThreatQuotient's threat-centric approach supports multiple use cases including incident response, threat hunting, spear phishing, alert triage and vulnerability management, and also serves as a threat intelligence platform. ThreatQuotient is headquartered in Northern Virginia with international operations based out of Europe and APAC. For more information, visit www.threatquotient.com.
Keynote Presentation by Zoom
Keynote Presentation by Google
State of SD-WAN: â€œA View from the C-Suiteâ€