COVER STORY
nd-user
Frédéric Julhes, Director of Airbus Cybersecurity France
Airbus Cybersecurity
has strengthened its
threat intelligence with
ThreatQuotient. We hear
how ThreatQ has allowed the
company to offer a richer
threat intelligence service
that has more context and is
faster – with the result that it
is now able to continuously
deliver cyber intelligence
flows tailored to the needs
of its customers. Frédéric
Julhes, Director of Airbus
Cybersecurity France,
tells us more.
AIRBUS CYBERSECURITY
STRENGTHENS ITS
THREAT INTELLIGENCE
WITH THREATQUOTIENT
ow do you improve an
H
already mature and reliable
offering? For Airbus
Cybersecurity, the answer
was to enrich the threat intelligence
service it had been offering customers
since 2011 with contextual information
at scale.
“Since 2011, our threat intelligence
service has worked very closely with
our incident response teams. Among
other things, this has allowed us to
be very relevant and responsive when
it comes to tracking attackers,” said
Julien Menissez, Product Manager
for Managed Services in Europe at
Airbus Cybersecurity.
such as lists of IP addresses and other
indicators of compromise (IoCs).
Technical alerts are effective in blocking
specific attacks, often in an automated
way. However, when they are enriched
with relevant, contextual information they
can become real decision-making tools
allowing security analysts to answer
questions, such as: what do we know
about the attacker’s current targets and
campaigns? Are we a potential target for
this group in particular?
In theory this is attractive, but to deliver
this in practice Airbus Cybersecurity
needed to be equipped to offer a robust,
industry-ready service.
This proximity has paid off, enabling the
service to better contextualise alerts that
would otherwise remain purely technical,
“In 2015, we decided to create a
dissemination offering that would allow
customers operating their own SOC to
www.intelligentciso.com | Issue 26
51