ThreatQ Platform and ThreatQ Investigations allow Thales to pioneer market-leading personalized threat intelligence services
ThreatQuotient™, a leading security operations platform innovator, and Thales (Euronext Paris: HO), today announced that Thales has successfully standardized on the ThreatQ Platform to develop and scale its advanced, personalized, threat intelligence services. Thales now operates the largest Cyber Threat Intelligence (CTI) team in Europe and has elevated its CTI practice into a strategic advantage, with a team of 50 threat intelligence and geopolitical analysts now delivering highly personalized threat intelligence to clients worldwide. The team utilizes the ThreatQ Platform to deliver integrated, tailored, and prioritized threat intelligence drawn from a rapidly expanding number of diverse threat data sources and cybersecurity tools.
Thales advanced cybersecurity products are used by critical infrastructure organizations to enable proactive cyber defense in 68 countries worldwide. In 2016, the company sought to develop a future-proofed solution to incorporate threat data more effectively into its detection and response portfolio.
The solution had to be capable of scaling to integrate the fast-growing volume of threat data sources, while also being able to curate and deliver timely intelligence based on each customer’s unique threat environment. Crucially, Thales wanted a solution that delivered actionable data for its internal security operations centers, and those of its clients.
ThreatQuotient, and its flexible ThreatQ Platform, were selected due to:
Comprehensive integration and customization capabilities: ThreatQ’s comprehensive library of APIs and custom connectors can be written and deployed quickly to integrate with existing tools and threat intelligence sources, allowing the Thales team to aggregate, normalize, correlate, and prioritize massive amounts of raw threat data into actionable intelligence.
Advanced collaboration and visualization tools: Key to the successful creation of the Thales CTI team was the ability to work together across languages and geographies, pooling data and detection information through ThreatQ’s collaboration and visualization tools to gain a full picture of the threat landscape.
Strong service and support ethos: ThreatQuotient and Thales formed a strong partnership allowing Thales to draw on ThreatQuotient’s CTI leadership and expertise to overcome any challenges fast.
Ivan Fontarensky, Technical Director, CyberDetect and Respond at Thales, underlines ThreatQ’s role in developing the company’s CTI practice: “Threat intelligence is mandatory and was essential to the ramp-up of our cybersecurity portfolio of solutions. We share a common vision with ThreatQuotient and, with the most mature and robust platform on the market, we knew they could help us industrialize our intelligence model to support our needs worldwide.”
The Thales CTI team now works with the SOC teams and the Incident Response (IR) teams on:
Alert triage: analyzing intelligence and enriching it with additional threat data and context to reduce false positives, improve alert quality and prioritize actions.
Investigation and response: using ThreatQ Investigations to gain deeper insight into the activities and motivations of specific threat actors and sharing information on attack paths and impacts.
Research and reporting: Thales helps clients get ahead of attacks through its popular CyberThreat Hitmap, which offers strategic insight into top targeted regions, sectors, attack origins and malware, delivering around 300 reports a year.
Cyrille Badeau, Vice President, International Sales at ThreatQuotient, adds: “We are very proud of the part the ThreatQ Platform and the ThreatQuotient team have played in enabling Thales to establish and scale its pioneering cyber threat intelligence service. Our open platform allows Thales to adapt its intelligence model to each client, delivering timely, personalized CTI that puts them in a proactive position to deal with cyberthreats. Our relationship with Thales is a model partnership for sharing expertise that demonstrates how organizations can turn CTI into a strategic advantage for themselves and their customers.”
Fontarensky concludes: “Our partnership with ThreatQuotient has helped us grow from a team of one to 50 in a few years and become the largest CTI provider in Europe. Today threat intelligence is strategic to our cybersecurity products and research and to our continued market leadership.”
Visit AITechPark for cutting-edge Tech Trends around AI, ML, Cybersecurity, along with AITech News, and timely updates from industry professionals!