A Conversation with Haig Colter, Director of Alliances at ThreatQuotient

Meet Haig Colter, Director of Alliances at ThreatQuotient, a strategic partner of Cybersixgill. Together, we empower organizations to bolster their cybersecurity posture and enable them to pre-empt attacks and expose threats and vulnerabilities with contextual intelligence.

• Why did ThreatQuotient select Cybersixgill? What benefits does this partnership bring to your customers?

We first heard of Cybersixgill from mutual customers and were impressed by their comprehensive collection of contextual threat intelligence from the deep, dark, and clear web. 

Cybersixgill is one of several CTI feeds available as an integration – our users utilize different intelligence feeds for their unique purposes, like brand protection and insights into nation-state-grade threat intelligence. Now, through this partnership, they have access to Cybersixgill’s advanced solutions for dark web monitoring and threat intelligence with attack surface and business context. This gives them a tremendous advantage in stopping their adversaries from launching an attack. 

• How does this partnership enable customers to improve their cybersecurity posture? What are the key benefits they can realize?

ThreatQ is a threat intelligence platform that provides tools for contextualizing and prioritizing intelligence so that security teams can respond swiftly to potential threats. Think of it as a workspace for security analysts. Our platform supports standard and custom integrations with feeds and security systems, and through these integrations, the platform automates the aggregation, operationalization, and use of threat intelligence across the entire security infrastructure. We support multiple use cases, increase security effectiveness, and help to accelerate security operations.

By combining Cybersixill’s solutions with the ThreatQ platform, our customers can leverage Cybersixgill’s threat intelligence to proactively analyze, investigate, and respond to threats as they emerge and maintain cyber resilience. Specifically, our users have access to Cybersixill’s comprehensive collection of contextual threat intelligence from the deep, dark, and clear web in a few ways: 

• DVE Intelligence correlates asset exposure and impact severity data with insights from a broad range of vulnerability sources from the deep, dark web 

• An Alerts page streamlines the monitoring process of an organization’s attack surface and reacting to threats through rich context and simplified access to actions and intelligence services 

• Darkfeed is the industry’s most comprehensive, automated IOC enrichment solution.

These solutions offer our customers several important benefits, such as the ability to streamline vulnerability management, improve alerting capabilities, and accelerate incident prevention and response.

Together, we are providing companies with an ideal solution to operationalize threat intelligence and make defenders more efficient.

• What big shifts/trends are you seeing that show organizations are taking cybersecurity more seriously? How does the partnership with Cybersixgill play a role in this?

Instead of trying to fix every vulnerability found as quickly as possible, more organizations are relying on vulnerability information to prioritize which issues to resolve first and be more efficient in how they act. As threats evolve, vulnerability management will help them stay abreast of what’s relevant to their business.

Additionally, organizations need solutions powered by advanced technologies like AI to stay ahead of threats and proactively protect themselves from an attack. Intelligence from Cybersixgill’s DVE Intelligence enables security teams to do just that. They can find, measure, prioritize, and remediate the risk of vulnerabilities through mapping vulnerabilities to an organization’s assets, automated CPE-CVE matching, MITRE ATT&CK mapping, context enrichment with threat actor discourse, dynamic exploitability scores, and integrated remediation information. Without question, this is a game-changer for security professionals.

• Tell us a little about yourself. How did you get started in cybersecurity, and what is your role at ThreatQuotient?

My background is in building networks. I started my career as a network engineer and systems administrator. As typical in these roles, when there was a network problem, I would troubleshoot using a protocol analyzer, which is used to explain how packets are being transmitted over a network. My career path eventually led me to cybersecurity. Going from network protocol to analyzing and information security was a logical path for me. Why? Because once I knew how protocols work across the network, I could easily understand how an adversary exploits a protocol to execute an attack.

Today, I am the Director of Alliances at ThreatQuotient. Over the past eight years in this role, I have worked with our technology partners to enhance and improve our integrations. Cybersixgill is part of our robust ecosystem. With the quality of their threat intelligence and our best-in-class platform, we are helping customers proactively defend against emerging threats.

More information about the Cybersixgill-ThreatQuotient integration is available at https://www.threatq.com/documentation/ThreatQuotient-and-Cybersixgill-Overview.pdf. To schedule a demo, please visit https://www.threatq.com/demo-threatq-cybersixgill/.