sb-nz logo
Story image

ThreatQuotient extends professional services for security intelligence

ThreatQuotient has extended its professional services offering in a bid to enable enterprises to advance their security operations and take advantage of end to end services. Notably, the enhancements include new Assessment and Consulting Services.

ThreatQuotient’s global Professional Services team was first launched in 2017 and provides core capabilities to assess, design and build a threat-centric security operations function.

On the whole, the company is focused on helping organisations to transition from traditional signature-based monitoring, detection and response to an external, threat-focused program.

In addition to the current services of implementation, training and development, ThreatQuotient now offers consulting services that range from an initial assessment of current threat intelligence capabilities, to more in-depth and long-term process development.

According to ThreatQuotient, the ultimate goal is to mature a program to the point that a team can confidently address specific use cases like spearphishing, threat hunting and vulnerability management.

The company states its services can educate new cyber intelligence teams, refocus teams onto specific classes of threats, and operationalise an intelligence practice.

In addition, ThreatQuotient’s Professional Services also guides the development of a strategic plan, which embeds threat intelligence within all functions of security operations, by taking into account stakeholder analyses, risk identification and a one to three year growth plan.

The service also focused on empowering security executives to leverage the application of global threat intelligence to communicate effectively with their business leadership.

ThreatQuotient states it will help organisations to deploy the ThreatQ platform into their ecosystem, however companies do not have to be users of the platform to take advantage of the services if they wish to mature their operations and learn how to implement threat intelligence.

The company states its experts can provide additional support to create automated workflows, develop and/or map attributes against data sets or feeds, auto-enrich indicator sets, or provide specific deployment actions against intelligence.

As an example, since first integrating with MITRE ATT&CK in early 2018, ThreatQuotient has helped customers adopt and integrate the framework into their workflows to achieve a holistic view of their organisation’s specific attack vectors and what needs to be done to mitigate those attacks and defend against adversaries, the company states.

ThreatQuotient SVP Strategy Jonathan Couch says, “At ThreatQuotient, we know building a security operations program is hard, and building one that is threat-centric is even more difficult.

"Our team is here to help at every stage - from assessing whether a company will get value out of a threat intelligence program, all the way to helping the most mature and sophisticated teams diversify their use cases.

“With over 50 years of combined commercial and government threat intelligence and operational cybersecurity experience on the services leadership team, we are uniquely qualified and positioned to tailor solutions that meet the distinct needs and demands of an organisation’s security operations.”

ThreatQuotient VP International Anthony Perridge says, “ThreatQuotient’s services team uses best practices for threat intelligence and training to consult on applying the right processes and workflows, accelerating detection and response, and integrating ThreatQ with each enterprise’s unique ecosystem of pre-existing technologies to extend the architecture of their security operations.

“With our new assessment service, ThreatQuotient extends to help organisations that are new to threat intelligence answer an important but difficult question - are we ready to get value from a cyber threat intelligence program?

“If they are not, we can work to get them ready and help set up the people, processes, and technologies necessary to integrate intelligence into security operations and cyber risk management programs.”