Get our free report covering ThreatConnect, Recorded Future, ReversingLabs, and other competitors of ThreatQ. Updated: January 2022.
563,208 professionals have used our research since 2012.


Yasir Akram
Software Engineer at Freelancer
Real User
Top 10
Good reporting and pretty stable but needs to be simpler to use
Pros and Cons
  • "The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how, and how the URL was first recognized as malicious."
  • "The solution should be simpler for the end-user in terms of reporting and navigating the product."

What is our primary use case?

Initially, the solution was assigned to just extract the reports we needed. We just integrated our threat feed URLs to the ThreatQ platform. We could create a report which was like a categorized report. We deployed these solutions for other customers. We had five or six customers for which we just deployed five to six VMs of ThreatQ on our customer devices and with our selections for the threat intelligence feed.

Therefore, we primarily use the solution to provide threat intelligence to our clients.

What is most valuable?

The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how, and how the URL was first recognized as malicious.

What needs improvement?

I'm not sure if the solution is currently missing any features. I haven't noticed anything that could be added.

The biggest challenge is the deployment. The installation of the ThreatQ only takes the highest specified and customer-specific VMs or machines in order to be deployed without errors. This needs improvement.

The solution should be simpler for the end-user in terms of reporting and navigating the product.

What do I think about the stability of the solution?

The solution is stable after the deployment and initialization of services. There haven't been any errors to speak of. It's not buggy. It doesn't crash or freeze. It's good.

What do I think about the scalability of the solution?

I can't really speak to the scalability as it's been a while since I've looked at the functionality of the solution.

How are customer service and technical support?

There was another team that handled technical support. As I never really spoke with them, I can't speak to how responsive or knowledgeable they are.

Which solution did I use previously and why did I switch?

I've worked with another simpler intelligence platform in the past. It was called Tines. It was simple to integrate everything, and we just followed a video guide in order to implement it. I've also worked with Anomali.

Currently, I work with Kaspersky. We did an integration on it and we installed it on our Windows server to check its stability. As a software engineer, we worked on Ubuntu and Linux.

How was the initial setup?

The support team of ThreatQ set up a VM on our VPN, which was SlashNext's private VPN. Then we just initiated some system calls and ThreatQ provided us the configuration file with our settings (like our email, our API key, our URL, our category, etc.). They set up a VM on our private VPN cloud. And then they provided us the configuration file in which we just entered our details like our company URL, our API category, and API keys et cetera.

We could just add it on the configuration file. We just uploaded it to the ThreatQ server. After running the system calls, we just initiated the ThreatQ and then performed tasks on the UI, such as categorizing the reports. If we only wanted the report for phishing, then we just manipulated the data on the UI and just extracted the reports. That's all.

The deployment was complex. We used high hardware specifications. I don't remember the exact specifications; however, I recall them being high. There were some services that had some compatibility errors. That's why we had our VMs - to make sure that the customer would not face any errors. Everything's deployed with high specifications and custom specifications. That was the biggest challenge for us - to deploy on the customer VMs.

On average, deployment takes 15-20 minutes if it's deployed without any errors.

I was with one of the NetOps network admins during deployment. We were only two people and we just deployed and installed all services and we executed the deployment.

What about the implementation team?

The ThreatQ support team assisted us with the implementation.

What other advice do I have?

If we're talking about user experience, from the customer experience point of view, the UI should be simpler. It should be diagrammatically similar to Tines, which is very user friendly. Everything from reporting to event details could be simpler. The deployment should be lighter as well. A new user should know these two aspects of the solution before they consider implementing it.

Overall, I'd rate the solution seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.