The InQuest Threat Exchange and an optional push/pull integration supported by InQuest cloud. If enabled, anonymous file hashes along with their threat vectors are pushed to the threat exchange. In turn, all newly seen file hashes are queried from the cloud prior to a deep dive analysis. This assists participating customers in both efficacy and performance.
On the performance front, if another instance of InQuest has already done the analysis on any given file, there's no need to burn CPU cycles on analyzing the file again.
On the efficacy front, customers benefit from a collective herd immunity. As customers have a variety of deployment configurations, from completely standalone to fully integrated with sandbox and multi-scanning technologies. Threat vectors received by InQuest cloud are evaluated and scored to ensure the most accurate classification.
Click below to learn more about how our threat intelligence helps to beat traditional security defenses.Read more