Coming October 25: PeerSpot Awards will be announced! Learn more

ThreatQ OverviewUNIXBusinessApplication

ThreatQ is #11 ranked solution in top Threat Intelligence Platforms and #13 ranked solution in SOAR tools. PeerSpot users give ThreatQ an average rating of 7.0 out of 10. ThreatQ is most commonly compared to ThreatConnect Threat Intelligence Platform (TIP): ThreatQ vs ThreatConnect Threat Intelligence Platform (TIP). ThreatQ is popular among the large enterprise segment, accounting for 63% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 20% of all views.
Buyer's Guide

Download the Threat Intelligence Platforms Buyer's Guide including reviews and more. Updated: September 2022

What is ThreatQ?

ThreatQ is a Threat Intelligence Platform (TIP) designed to enable threat operations and management. ThreatQ is the only solution with an integrated Threat Library, Adaptive Workbench and Open Exchange that help you to act upon the most relevant threats facing your organization and to get more out of your existing security infrastructure.

ThreatQ Customers
Radar, Bitdefender, Crowdstrike, FireEye, IBM Security

ThreatQ Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Yasir Akram - PeerSpot reviewer
Software Engineer at Freelancer
Real User
Top 10
Good reporting and pretty stable but needs to be simpler to use
Pros and Cons
  • "The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how and how the URL was first recognized as malicious."
  • "The solution should be simpler for the end-user in terms of reporting and navigating the product."

What is our primary use case?

Initially, the solution was assigned to just extract the reports we needed. We just integrated our threat feed URLs to the ThreatQ platform. We could create a report which was like a categorized report. We deployed these solutions for other customers. We had five or six customers for which we just deployed five to six VMs of ThreatQ on our customer devices and with our selections for the threat intelligence feed.

Therefore, we primarily use the solution to provide threat intelligence to our clients.

What is most valuable?

The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how and how the URL was first recognized as malicious. 

What needs improvement?

I'm not sure if the solution is currently missing any features. I haven't noticed anything that could be added.

The biggest challenge is the deployment. The installation of the ThreatQ only takes the highest specified and customer-specific VMs or machines in order to be deployed without errors. This needs improvement.

The solution should be simpler for the end-user in terms of reporting and navigating the product.

What do I think about the stability of the solution?

The solution is stable after the deployment and initialization of services. There haven't been any errors to speak of. It's not buggy. It doesn't crash or freeze. It's good.

Buyer's Guide
Threat Intelligence Platforms
September 2022
Find out what your peers are saying about ThreatQuotient, ThreatConnect, Recorded Future and others in Threat Intelligence Platforms. Updated: September 2022.
632,611 professionals have used our research since 2012.

What do I think about the scalability of the solution?

I can't really speak to the scalability as it's been a while since I've looked at the functionality of the solution.

How are customer service and support?

There was another team that handled technical support. As I never really spoke with them, I can't speak to how responsive or knowledgable they are.

Which solution did I use previously and why did I switch?

I've worked with another simpler intelligence platform in the past. It was called Tines. It was simple to integrate everything, and we just followed a video guide in order to implement it. I've also worked with Anomali.

Currently, I work with Kaspersky. We did an integration on it and we installed it on our Windows server to check its stability. As a software engineer, we worked on Ubuntu and Linux.

How was the initial setup?

The support team of ThreatQ set up a VM on our VPN, which was SlashNext's private VPN. Then we just initiated some system calls and ThreatQ provided us the configuration file with our settings (like our email, our API key, our URL, our category, etc.). They set up a VM on our private VPN cloud. And then they provided us the configuration file in which we just entered our details like our company URL, our API category, and API keys et cetera.

We could just add it on the configuration file. We just uploaded it to the ThreatQ server. After running the system calls, we just initiated the ThreatQ and then performed tasks on the UI, such as categorizing the reports. If we only wanted the report for phishing, then we just manipulated the data on the UI and just extracted the reports. That's all.

The deployment was complex. We used high hardware specifications. I don't remember the exact specifications, however, I recall them being high. There were some services that had some compatibility errors. That's why we had our VMs - to make sure that the customer would not face any errors. Everything's deployed with high specifications and custom specifications. That was the biggest challenge for us - to deploy on the customer VMs.

On average, deployment takes 15-20 minutes if it's deployed without any errors.

I was with one of the NetOps network admin during deployment. We were only two people and we just deployed and installed all services and we executed the deployment.

What about the implementation team?

The ThreatQ support team assisted us with the implementation.

What other advice do I have?

If we're talking about user experience, from the customer experience point of view, the UI should be simpler. It should be diagrammatically similar to Tines, which is very user friendly. Everything from reporting to event details could be simpler. The deployment should be lighter as well. A new user should know these two aspects of the solution before they consider implementing it.

Overall, I'd rate the solution seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Threat Intelligence Platforms Report and find out what your peers are saying about ThreatQuotient, ThreatConnect, Recorded Future, and more!
Updated: September 2022
Buyer's Guide
Download our free Threat Intelligence Platforms Report and find out what your peers are saying about ThreatQuotient, ThreatConnect, Recorded Future, and more!