Optiv ThreatDNA Platform and ThreatBEAT Service

December 19, 2019

Optiv recognized the need for intelligence-driven operations years ago. In 2013, we created the Global Threat Intelligence Center (gTIC), integrating content feeds, services and support for clients. Now, with ThreatDNA™, Optiv is advancing our intelligence operations capabilities to include orchestration, automation and integration to provide more immediate analytics for our clients.

What is the ThreatDNA Platform?

It’s a real-time contextualized threat intelligence platform integrated into core Optiv services and products. We have integrated people, processes and technology to achieve actionable intelligence outcomes. ThreatDNA results focus on integration into business processes, such as threat identification and response, vulnerability risk management and incident response.

What is ThreatBEAT℠?

ThreatBEAT is an integrated component of ThreatDNA, a real-time threat-focused visibility and analytics engine. ThreatBEAT provides telemetry and correlation of threats including – but not limited to – hacking, intrusion and computer viruses. ThreatBEAT enables us and our clients to maintain and monitor trends and analytics related to threats in an environment, sector, geo-location, CVE vulnerability exploitation and attribution to specific computer viruses and adversaries.

Why the change?

Reimagining how to integrate valued intelligence into business processes for clients is the focus of Optiv intelligence operations. The team also regularly performs lab-qualified intelligence analysis, a critical component of trust and confidence impacting all intelligence services supported by Optiv.

In 2020, Optiv will also be more focused on visionary developments for a host of new service offerings to be evaluated and launched that year, with a focus on augmented intelligence services that best meet the needs of clients in their business outcomes.

Integrating intelligence means overcoming major challenges

Organizations best consume intelligence when they have a robust IT function and solid security governance in place. Because most organizations struggle with operational capabilities, consistency and integration, intelligence usually requires a very high level of effort to do well across multiple teams in an organization, particularly in large global organizations.

As a security solutions integrator, Optiv has teams across the organization that add impact and leverage intelligence in their operations. Our focus on clear long-term strategic outcomes is a huge part of what helped us overcome early challenges even as we embraced change.

The gTIC team also focuses on understanding client environments, obtaining feedback, and evaluating needs to ensure the best possible intelligence outcomes. Each client is different, with some requirements overlapping. All clients need integration into specific business processes, like threat identification and strategic priorities, to improve a defensive posture against those threats. ThreatDNA has championed this feedback and visibility, especially when looking at the threat data for hundreds of clients, to identify the best solutions possible with a massive improvement in visibility.

Optiv has embraced the need for consistent, capable staff by implementing a CyberSTRAND training program. This includes complex, customized on-premise classroom instruction and evaluations, on-the-job training and use of external education for malware analysis, analyst mindset and network detection and response. In 2019 Optiv implemented a new training program to harmonize roles and responsibilities further and mature the understanding of teams in malware analysis, forensics, network architecture, and endpoint security. CyberSTRAND is now a central solution for our Security Operations staff to develop and maintain training specific to their job and team.

Closing Thoughts

Our gTIC team is committed to providing world-class intelligence internal to our operations to ensure the best quality service outcomes for clients. Expect to see advancements in all intelligence-related services and solutions with us in 2020, starting with the delivery of daily SITREP reports to clients -- scheduled for late January 2020.

We look forward to partnering with you as we seek to improve intelligence-driven operations in 2020.


By: Ken Dunham

Senior Director, Technical Cyber Threat Intelligence
