Focused on bringing ease of use to IT security automation, ThreatQ TDR Orchestrator addresses industry needs for simpler implementation and more efficient operations
ThreatQuotient™, a leading security operations platform innovator, today announced a new version of ThreatQ TDR Orchestrator, the industry’s first solution for a simplified, data-driven approach to security operations. Built on the ThreatQ Platform, the continued innovation of ThreatQ TDR Orchestrator includes enhanced automation, analysis, and reporting capabilities that accelerate threat detection and response across disparate systems.
The latest research from ThreatQuotient, planned for full release later in 2022, shows signs that adoption of security automation is advancing, as budgets in this area are increasing for 98% of companies. The data also indicates that organisations have become more confident in automation itself, with over 88% of companies having some level of trust in automation outcomes compared to only 59% in the year prior. However, 98% say they have experienced problems during implementation. To support organisations with security automation solutions that are easier to use, cheaper than traditional automation tools and learn over time, ThreatQuotient has prioritised the development of ThreatQ TDR Orchestrator to enable more efficient and effective operations that can be directly measured by time savings and FTEs gained, improved risk management, and greater confidence when detecting and responding to an event.
The latest version of ThreatQ TDR Orchestrator offers the following benefits:
- Prioritise automation on the most important events/alerts with context from threat intelligence and other internal and external sources. A feedback loop captures results to improve the automation flow over time.
- Playbooks are easier to maintain as a result of Smart Collections which are used to abstract automation logic. Atomic Automation allows for immediate action when a complex response is not needed; and Automation Packs for vulnerability prioritisation, indicator enrichment, XDR, and more use cases coming soon, help users get started with common use cases quickly.
- Less training is required up front as a result of a no-code user interface which also delivers a lower total cost of ownership over time, and enables users to rely less on their organisation’s technical resources which can be a bottleneck (e.g. waiting for internal developers to work through their backlog and write the playbook automations requested).
“Leveraging automation to do the heavy lifting and cut through the noise is vital to helping cybersecurity teams thrive under pressure. ThreatQuotient continues to innovate in a way that drives meaningful operational benefits to customers,” says Leon Ward, Vice President of Product Management at ThreatQuotient. “Many process-based SOAR platforms are designed such that only security engineers and analysts have the skills necessary to use them directly; making these traditional platforms hard to implement and maintain which drives higher costs over time. This ThreatQ TDR Orchestrator release reinforces the need for no-code solutions that empower operators to adapt to dynamic threat landscapes faster, and focus their energy on security operations workflows that provide critical business context.”
In an environment where security operations employee turnover is high, ThreatQuotient’s platform is well suited for increasing the number of people who know how to develop and maintain automation playbooks. ThreatQ’s data-driven approach means that anyone with business context can understand and maintain workflows, making teams more nimble and resilient. Additionally, Atomic Automation works at the “atomic” or lowest level, allowing an analyst to automate a single action or string of a few simple actions without needing a complex playbook. This enables analysts to pull data or push actions without actually needing to pivot from UI to UI for each of the products involved.
To learn more about ThreatQ TDR Orchestrator, register for ThreatQuotient’s upcoming webinar, ThreatQ Cyber Forum on ROI, taking place live on Wednesday 21st September at 10:00 am GMT. For a firsthand look at how ThreatQ, ThreatQ TDR Orchestrator, and ThreatQ Investigations can support your organisation’s security goals, register for the ThreatQ Online Experience, a unique interactive tour.
ThreatQuotient improves security operations by fusing together disparate data sources, tools and teams to accelerate threat detection and response. ThreatQuotient’s data-driven security operations platform helps teams prioritise, automate and collaborate on security incidents; enables more focused decision making; and maximises limited resources by integrating existing processes and technologies into a unified workspace. The result is reduced noise, clear priority threats, and the ability to automate processes with high fidelity data. ThreatQuotient’s industry leading data management, orchestration and automation capabilities support multiple use cases, including incident response, threat hunting, spear phishing, alert triage and vulnerability prioritisation, and can also serve as a threat intelligence platform. ThreatQuotient is headquartered in Northern Virginia with international operations based out of Europe, MENA and APAC. For more information, visit www.threatquotient.com.