Threat Intelligence

Save Valuable SOC Time and Speeds Up Threat Hunting


Leverage InQuest Threat Intelligence services to reduce time spent performing manual threat research - by improving your ability to predict, prevent, detect, hunt, and respond to emerging threats targeting your organization.

 

Challenge


The security industry has an abundance of open source and commercial threat intelligence feeds. Determining which (and how many) feeds are right for your organization - and then isolating signals from the noise - can be challenging. It is time-consuming, tedious work - even the most trained eyes.

Solution


The collection, processing, analysis, and normalization of raw threat intelligence information from disparate third-party open/closed sources, our customers' environments, and our own internal research is what differentiates InQuest Threat Intelligence services from traditional threat intelligence providers. Our threat intelligence and reputation services consist of data extracted from billions of file samples and indicators of compromise (IOCs) with a specific focus on the identification of goodware and malware content - as well as the activity associated with its execution. Enhance your security posture and maximize your existing security infrastructure investment by expanding your IOCs and overlaying our machine readable threat intelligence (MRTI) information on top of your alerts, logs, etc. Efficiently and effectively surface malware activity from your security tools that may otherwise go undetected for weeks or months.

InQuest Labs acquires, analyzes and incorporates unique threat intelligence information from hundreds of public, private and internal sources:

  • Internal sources include insights gathered from the continuous monitoring of a multi-Tbps+ composite alert stream and customer opt-in InQuest Threat Exchange
  • Public sources include OPSWAT, VirusTotal, Twitter and roughly 50 public reputation feeds
  • Private sources include Exodus Intelligence, Microsoft Active Protections Program Advanced Notification Service (MAPP ANS), and ZetaLytics

InQuest Labs uses this threat intelligence in its own efforts to develop new signatures and rules that are incorporated into FDR for our customers.

The Advantages of FDR Threat Intelligence


Collapse IOC Lead Time

Our Indicators of Compromise (IOC) lead times far surpass those of our competitors, and in some cases have resulted in customers being protected hundreds of days prior to public disclosure.

Save Valuable SOC Time

InQuest Threat Intelligence services reduce the amount of time spent performing manual threat research, which empowers your security operations and improves your ability to predict, prevent, detect, and hunt potential evasions.

Accelerate Emerging Threat Response

Threat hunters can quickly respond to emerging threats targeting your organization through the use of our threat intelligence services, which acquires, analyzes, and incorporates threat intelligence information from hundreds of public, private, and internal sources.

Operationalize your internal Threat Intelligence at Scale

Apply your Indicators of Compromise (IOCs) to the precise artifacts we capture and analyze.