ThreatQuotient Integrates with Intel 471 Cybercrime Intelligence
June 2020 by Marc Jacob
ThreatQuotient™ announced an integration with Intel 471, the premier provider of cybercrime intelligence for leading intelligence, security and fraud teams. The combination of Intel 471 Cybercrime Intelligence and the ThreatQ™ threat intelligence platform offers organisations real-time insight into existing and emerging threats within the cybercriminal underground, and equips them with proactive capabilities to mitigate impact to their organisations, assets and people.
Intel 471’s cybercrime intelligence is curated by infiltrating and maintaining access to closed sources where threat actors collaborate, communicate and plan cyber-attacks. Leveraging this underground access, Intel 471’s intelligence provides timely data and context on malware and adversary infrastructure. By centralising adversarial and malware intelligence within the ThreatQ platform, users are able to simplify complex security threats and automatically integrate the right intelligence across their security ecosystems to inform security decision makers.
ThreatQ’s Open Exchange provides an extensible and flexible environment for analysts to make their security operations more efficient and effective. The integration of Intel 471 cybercrime intelligence supports a variety of use cases, including:
Incident response and hunting – Additional IOCs (file- and network-based) and associated tools used by the threat actors deploying the malware are revealed, arming the organisation to enhance policies and rules to hunt for malicious activity and tools across their infrastructure.
Fraud detection and mitigation – Early access to advanced fraud tactics and methodologies allows organisations to proactively detect and mitigate business impact through recommended courses of action, protecting profitability by validating or improving fraud controls and countermeasures.
Patch and Vulnerability Management – Qualitative and contextual insight on vulnerabilities being discussed, pursued, weaponised and sold within the cybercriminal underground can be investigated in association with an organisation’s attack surface, enabling the prioritisation of vulnerabilities most relevant and impactful to business operations.