This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

Archer® Exchange Documentation

Browse the official Archer Exchange documentation for helpful tutorials, step-by-step instructions, and other valuable resources.

ThreatQuotient ThreatQ Integration

ThreatQuotient Logo.jpg

ThreatQuotient simplifies and accelerates security operations through a platform that creates a unified workspace for threat, SOC, and IR analysts to understand threats, perform investigations and collaborate across teams and tools. ThreatQuotients’ solutions reduce noise, highlight top priority threats and automate processes to provide greater focus and decision support.

 

The integration between Archer and ThreatQuotient simplifies the exchange of information between the two platforms in either direction, without requiring a user in either system to copy and paste data from one platform to the other. The integration enables Archer users to remain within the Archer interface while updating Archer with threat intelligence information from ThreatQ. Additionally, users of ThreatQ can pass  information to Archer seamlessly, including actions and assignments to other groups that map to an organization’s operational workflow, all while maintaining a history of work done.

 

Integration Features

ThreatQuotient integration with Archer enables organizations to:

  • Create an associated event in ThreatQ from an Incident to use that incident's context in ThreatQ and inform the Self Tuning Library
  • Update a pre-existing Event associated with an Incident to keep the IoC relationships and context up to date for scoring purposes
  • Allow a subset of incidents to be automatically created and synchronized against a TQ Event Type to use the incidents context in ThreatQ
  • Automatically update an associated incident when an Event is modified to reduce overall work on analysts

 

Solution and Platform Information

 

For More Information

To learn more about the ThreatQuotient RSA Ready certified integration, review the Implementation Guide.

 

For Additional Support

To learn more about ThreatQuotient, please contact sales@threatq.com or 703.574.9885. For technical support questions, please contact support@threatq.com.

Labels (1)
Labels:
0 Likes
Was this article helpful? Yes No
No ratings
Version history
Last update:
‎2021-03-15 12:27 PM
Updated by:
Valued Contributor Valued Contributor

Related Content

Article Dashboard
© 2021 RSA Security LLC or its affiliates.
All rights reserved.