Firas Ghanem, the Regional Director for the Middle East and Pakistan at ThreatQuotient, hopes to interact with We hope to interact with as many CISOs
Are you participating in GITEX 2021? If yes, which products and solutions will you be showcasing at GITEX Technology Week?
ThreatQuotient made its debut at GITEX in 2019, and this year we will be participating along with our distributor, Starlink. We will be showcasing ThreatQuotient solutions that support TIP, XDR, and SOAR approach. ThreatQ, our Threat Intelligence Platform (TIP), is an open and extensible tool that empowers organizations to automate the intelligence lifecycle, quickly understand threats, make better decisions, and accelerate detection and response.
It supports both standard and custom integrations, with feeds and security systems. Through these integrations the platform automates the aggregation, operationalization, and use of threat intelligence across the entire security infrastructure, supporting multiple use cases and increasing security effectiveness.
ThreatQ also enables data-driven Extended Detection & Response (XDR). Its adaptive data engine imports and aggregates external and internal data, curates and analyses it for decision making and action, and exports a prioritized data flow across the infrastructure.
Additionally, most Security Orchestration, Automation, and Response (SOAR) platforms take a process-driven approach to connect products within a workflow. However, for optimal detection and response, a data-driven approach is needed that prioritizes data and connects systems with that data. ThreatQ’s SOAR connects disparate systems to orchestrate and automate response.
What are your expectations from the event this year?
We hope to interact with as many CISOs and CTI heads as possible, engage with them, and explain how ThreatQuotient can aid them in their Security Operations and CTI practice. As the region’s biggest and most influential technology exhibition, GITEX Technology Week gives ThreatQuotient an excellent opportunity to introduce and demonstrate our products, solutions, and services to the region, and to increase the visibility of our ThreatQ platform. GITEX also gives us the opportunity to connect with our partners, existing or potential customers, as well as with individual experts.
What will be your theme of participation at GITEX?
Our focus this year is on being prepared and ready to act – well in advance of threats becoming an irreparable issue. Our key theme is Anticipation. First, we anticipate threats by leveraging the best in cyber threat intelligence. Then, we prioritize, automate, and collaborate using a platform that has been purpose-built for threat detection and response.
Here, ThreatQuotient’s ThreatQ can serve as an open and extensible threat intelligence platform that accelerates security operations through streamlined threat operations and management. The integrated, self-tuning threat library, adaptive workbench, and open exchange allow organisations to quickly understand threats and mitigate them.
How have your regional strategies changed in recent months?
Recently, ThreatQuotient has seen a rise in threats that exploit social engineering techniques – in 2020, almost a third of the breaches employed such tactics. Our strategy has currently evolved to focus on automation. We believe in a smart approach to automation, and in automating only what is relevant. This also allows you to define when exactly you’d want to run an automated action, and smartly prioritize the use of your resources.
An example of that is, for instance, if you have a series of events identifying potential malware samples. If some of those samples are determined by the ThreatQuotient Threat Library to be related to known high-profile adversaries and campaigns, then the automated actions taken will differ based on this context.
ThreatQuotient combines automation and human intelligence for proactive detection and response. We have customer-defined configurations and integrations, as well as customizable workflows and customer-specific enrichments to streamline the analysis of threat and event data. This results in faster investigation and automation of the intelligence lifecycle.