Blogs

In continuing my chat with Marc Solomon, CMO of ThreatQuotient, Marc and I discuss:

1. SOC integration. At its heart, SOAPA is an integrated heterogenous technology architecture for security operations, so I ask Marc how integration plays into ThreatQ’s strategy. Marc mentions that the platform includes bi-directional integration where ThreatQ consumes and provides data. What type of data? External threat data, enriched data, event data, etc. ThreatQuotient can be used as a SOAPA data broker, acting as the single source of truth for security operations.

Mark Solomon, CMO of ThreatQuotient. and I had a chance to get together and talk SOAPA recently. In part 1 of our video, Marc gives a brief description about what ThreatQ does and then we proceed to chat about:

1. What’s the deal with cyber threat intelligence (CTI)? For every SOC manager who tells me that threat intelligence is the foundation of security operations, another says that his or her organization struggles to operationalize threat intelligence. What’s going on here? Marc believes the term “threat intelligence” is somewhat poisoned and meaningless today. The real key is to collect, process, analyze, and act upon the CTI that aligns with your organization’s infrastructure, industry, location, etc., and then integrate it into every aspect of security ops.

Data warehouse modernization has become an essential move to meet the demands of the modern business. And it is easy to get lost in the hype when it comes to modernizing with a “cloud-first” or “cloud-only” approach. Organizations are drawn to the promise of ultra-simplicity, unlimited scale, improved agility, and ubiquitous accessibility. But for some organizations that are on this path, they are starting to see the tradeoffs they have made. One of those tradeoffs comes with price/performance. Not that modern cloud data warehouses do not perform well, but if you want the low-latency performance to truly support real-time, you will either have to pay for it (especially at scale as more end-users want access to the data) or minimize your ability to truly achieve real-time responsiveness. And it is forcing organizations to rethink their cloud data warehouse strategies. Maybe an on-premises data warehouse does have a place? And so does a cloud data warehouse?