AUSTIN, Texas: #CTI--InQuest, renowned for in-depth file analysis of malware and threat intelligence that draws from a rich tapestry of both open-source and proprietary sources, is thrilled to announce a new integration with ThreatConnect’s TI Ops Platform. With this integration, InQuest’s critical indicators of compromise (IOCs) are instantly accessible for downstream use by popular SIEMs, endpoint, network, and cloud security tools. This enhances an organization’s threat detection and prevention capabilities and provides CTI analysts with dynamic updates for their Threat Library in ThreatConnect’s Platform.

Unique Insights for a Rapidly Evolving Landscape

InQuest’s InSights has carved a unique position for itself by offering unmatched visibility into indicators extracted from comprehensive file-based analyses. Spanning across its customer base, alliances, and proprietary analysis platforms, the intelligence gleaned provides security teams with insights into real-world attacks. Particularly, these insights emphasize threats from advanced actors known for their evasion tactics and penchant for targeting high-stakes sectors.

Powered by Internal Cutting-Edge Sources

Several internal sources lie at the heart of InQuest's state-of-the-art threat intelligence feeds, including the InQuest InSights C2 Feed, InQuest InSights TI Feed, InQuest Labs RepDB, InQuest Labs IOCDB, and InQuest Labs DFIDB. InQuest InSights C2 Feed is dedicated to spotlighting InQuest's innovative analysis on malware command and control (C2) infrastructure. This feed is primarily composed of the output of InQuest’s threat intelligence analyst work product as well as proprietary sources that are worked in conjunction. The InQuest InSights TI Feed is composed of indicators relating to adversary infrastructure used for malware staging, phishing, VPN and proxy endpoints, and attack origination including mail delivery, scanning and exploitation, and network penetration. This feed includes data from InQuest intelligence analysis and its partner networks. InQuest Labs RepDB is a robust collection of reputation data leveraged by the InQuest TI team to validate and contextualize InQuest Threat Intelligence. It consists of two dozen of the most trusted reputation datasets available privately and commercially as well as output of InQuest’s state-of-the-art Deep File Inspection® (DFI) technology. InQuest Labs IOCDB is a rich OSINT focused feed that contains hundreds of sources pulled from the Internet filtered and contextualized to provide high-quality indicators and data in a timely manner. InQuest Labs DFIDB is composed of indicators extracted from publicly shared files as well as files uploaded to labs.inquest.net for analysis by InQuest DFI file analysis.

Together, the synthesis of reputation data, open source intelligence, and unparalleled data from InQuest's file and infrastructure analyses presents a panoramic and in-depth understanding of the contemporary threat landscape.

Seamless Integration with ThreatConnect

Introducing InSights into ThreatConnect equips CTI and Security Operations teams with an invaluable addition to their threat libraries, to fortify threat detection, prevention, and response. The integration allows teams to harness ThreatConnect's innate enrichment capabilities, enabling them to craft detailed internal reports, facilitate thorough response investigations, and utilize InQuest for focused IOC hunting scenarios.

If you’d like to learn more, check out the ThreatConnect marketplace or view our blog.

About ThreatConnect

ThreatConnect enables threat intelligence operations, security operations, and cyber risk management teams to work together for more effective, efficient, and collaborative cyber defense and protection. With ThreatConnect, organizations infuse ML and AI-powered threat intel and cyber risk quantification into their work, allowing them to orchestrate and automate processes to get the necessary insights and respond faster and more confidently than ever before. Over 200 enterprises and thousands of security professionals rely on ThreatConnect daily to protect their organizations' most critical assets.

About InQuest

InQuest empowers private and public sectors to identify, detect, and prevent advanced malware, ransomware, phishing, fraud attacks, breaches, and data loss incidents. Its industry-leading File Detection and Response (FDR) solutions stop file-borne breaches and incidents, automate threat hunting with real-time intelligence, and force multiply SOC and SecOps across the globe. For more information, visit inquest.net.

Fonte: Business Wire