QuoLab Enterprise provides a Full-Spectrum Threat Intelligence Platform to merge data fusion, analysis, and investigation, giving clients complete control over data on premise or cloud delivery.
QuoLab Enterprise licenses now available.
The Graph Data Model (GDM), the heart of QuoLab, is a flexible data storage catalog where relationships between all data points are identified in their entirety. Each time a new fact is inserted into the GDM it triggers a set of automated actions – contextualizing and enriching, with all the information made immediately available to the user. Restrictive, uninspired, user-defined queries through archaic databases are a thing of the past – with QuoLab all relevant content is immediately available, always up-to-date, and easily digestible by all users.
Case Management drives collaborative investigation lifecycle management through diverse case types such as Threat Actor Profiles and Investigations. Historical data is always kept in context with the Case Graph, providing valuable insight into past and current operations that otherwise would have been overlooked. From here analysts create and launch data-centric, case-based workflows leveraging diverse taxonomy, TLP classification protocols and more.
Tool integrations seamlessly allow interaction with baseline and more specialized tools, delivering an application framework which fits the needs of incident response, TI analysts and SOC operators in one. Integration examples include Shodan, VMRay, BinaryNinja as well as internal tools such as fuzzy hashing (tlsh), PE Metadata extraction, domain analysis and automated content extraction. This capability streamlines operations, making efficient use of SME capabilities, analytic resources, tools and processes.
Link analysis is the visual gateway into your data, moving beyond a single artifact into looking at how each part fits into the whole- tracking and contextualizing relationships between elements, data and users. The value provided from automated tagging, static and dynamic analysis results (e.g. VMRay and BinaryNinja) is rendered along with all relevant data feeds in the Link Analyzer, providing an easily consumed view on highly technical data points.
Dashboards inform and advise users on all aspects of their QuoLab instance, providing not only the number of artifacts, case types, and enrichment points but also strategic information on the value provided by a given Threat Intelligence feed or internal security control. These dashboards are customizable, with all data points in the platform being tracked and represented in concise, easy to read charts and graphs.
QuoLab Unified Threat Management Platform merges data fusion, analysis and investigation functionality. Organizations can collaborate to manage, monitor and hunt threats from an intuitive dashboard. With QuoLab’s Full Spectrum Cyber Platform, clients can do more with less- save time, and threat intel costs, while reducing analyst fatigue.
QuoLab’s On-Premise or cloud hosted Node delivery gives clients complete control over their data and flexibility across the entire organization. QuoLab’s Enterprise Edition, designed for mature organizations, offers true power, unlimited users and data connectors. The Team Node is developed for smaller teams and organizations and the End-Point Node allows for a multi-tenant configuration.
Give Us A Call
Four Inc. has been providing software solutions to the Federal Government for over 15 years. Knowing your requirements and necessary specifications we can assist in an initial sizing exercise and help you procure your QuoLab solution that best fits your needs.
Have questions? Contact us
The following contract vehicles can be utilized to procure QuoLab Enterprise (ITES-SW2, SEWPV)