• Last Updated
    Jun 21, 2023
  • Version
    2.1.0
  • Compatibility
    ThreatQ versions >= 4.34
  • Best Practical Request Tracker for IR (RTIR)

    Overview

    The ThreatQuotient for Request Tracker connector ensures that Request Tracker tickets that have been created in ThreatQ are continuously synced with Request Tracker. It polls ThreatQ's API and checks for any updated/touched Request Tracker tickets (events). If it detects an updated Request Tracker ticket, it will find that ticket in Request Tracker and update it with the new information.

    The Request Tracker extension asynchronously works with Request Tracker to keep ThreatQ and Request Tracker up to date with each other. When this extension is installed, it will add new 'objects' to your Request Tracker instance.

     

    Request Tracker for Incident Response (RTIR) builds on all the features of RT and provides pre-configured queues and workflows designed for incident response teams. It's the tool of choice for many CERT and CSIRT teams all over the globe.

    RTIR has tools to correlate key data from incident reports, both from people and automated tools, to find patterns and link multiple incident reports with a common root cause incident.

    Manage communication to multiple interested parties including reporters, counterparts at other security teams collaborating on responses, and other internal teams coordinating countermeasures.

    The ThreatQ Integration with RTIR allows users to:

    Bring tickets from Request Tracker into ThreatQ
    Add indicators to ThreatQ event (ticket) and have them added to Request Tracker
    Set False Positives in ThreatQ from Request Tracker
    Add ThreatQ Link back to Request Tracker
    Add event attributes from ThreatQ to Request Tracker

    Copyright © 2025, ThreatQuotient, Inc. All Rights Reserved. Privacy Policy