Last week, ReliaQuest hosted its annual user conference, RQP3 (Plan, Partner, Propel), where over 650 employees, customers, and partners came together to share industry knowledge and participate in sessions around the theme: Automating Visibility and Response.
Over the course of three days, RQP3 attendees had the chance to participate in panel discussions and breakout sessions, get hands-on experience with the GreyMatter UI at the RQ Bar, and attend training courses in ReliaQuest University’s fully immersive labs. We’re proud to say we had over 125 customers receive their certifications for the new GreyMatter UI and over 200 complete multiple RQU certified SIEM and EDR trainings.
After spending the past week with CISOs and cybersecurity leaders from some of the largest organizations in the world, these are our three main takeaways from RQP3 2020:
1. Automating visibility – and response – is a top priority for security teams
The top concern for security teams continues to be the growing complexity of IT environments, as Jeff Pollard, VP, Principal Analyst at Forrester, explained in his keynote, “The Future of Cybersecurity.” From adding new tools to working in multi-cloud environments, this complexity creates challenges for enterprises.
In fact, according to ReliaQuest’s 2019 Security Technology Sprawl Survey, security teams are reaching their “security tool tipping point,” resulting in decreased visibility and response effectiveness with the addition of new tools, leading to increased organizational risk.
In a CISO panel discussion titled “Cybersecurity in 2025” led by ReliaQuest Founder and CEO Brian Murphy, we heard first-hand from industry-leading CISOs on the growing need to not only improve visibility in their organizations, but also the desire to feel confident in using automation for threat response.
How can security teams use automation to increase visibility and accelerate response in their organizations?
Enterprises can automate both the collection of data from disparate sources to expedite investigations, as well as the repetitive tasks and low-level decisions to maximize the efforts of their skilled team to accelerate incident response. ReliaQuest GreyMatter’s Investigate and Automate capabilities increase visibility for organizations and decrease response times by leveraging custom playbooks, as ReliaQuest’s VP of Product Management Jason Pfeiffer detailed in the session, “Elevating Security Model Performance with GreyMatter.” Along with GreyMatter’s Investigate and Automate capabilities, customers can also leverage GreyMatter’s Hunt capability to aggregate and normalize disparate sources to run proactive threat hunting campaigns.
Throughout the conference, attendees had the opportunity to experience their own direct access to ReliaQuest GreyMatter UI at the RQ technology bar. GreyMatter’s open UI will increase ReliaQuest customers’ visibility and transparency over their enterprise security operations, enabling teams to better identify and address risk. GreyMatter has also added native integrations to 29 top enterprise technologies, including the market share leaders in SIEM and EDR, as well as Amazon S3, Azure, and more — providing enterprises with centralized visibility, transparency, and faster response across their environments. Participants walked away with use cases for how they can improve visibility and automate detection and response within their own organizations.
2. Measuring and communicating success of security programs is more necessary than ever
We heard it emphasized in multiple sessions: finding metrics that properly communicate the value and status of a security program is a top-of-mind initiative for security leaders.
ReliaQuest COO, Colin O’ Connor, led a session titled, “Measuring Visibility: The Next Generation of Security Metrics,” in which he reviewed some of the latest metrics that CISOs are using to articulate the value and maturity of their security programs, particularly ways to measure risk, team performance, and tool efficacy. Some strategies CISOs are using to communicate value include benchmarking against past performance or peers, mapping to industry frameworks, and adding a monetary value to risk.
In a panel hosted by ReliaQuest Director of Service Delivery, Lauren Potter, and Manager of Service Delivery, Tricia Hoyt, a few leading CISOs dove into how they’re measuring the effectiveness of tools at their organizations. One piece of advice we took away from this session is to think of your security metrics from a business – not tool-centric – perspective, as this can help you gain support from the board, justify your budget, and ultimately maximize the effectiveness of your tools.
3. ReliaQuest GreyMatter’s innovative capabilities will be critical in helping security teams optimize their security models
As we’ve noted, metrics to help validate and optimize your security controls are a must-have going into 2020. One way to achieve this is through continual threat testing and cyber assurance.
At RQP3 2020, we provided attendees with a sneak-peek into ReliaQuest’s innovative capability for cyber assurance. Earlier this year, ReliaQuest acquired Threatcare and has been working on integrating Threatcare’s attack simulation capabilities into the ReliaQuest GreyMatter platform, with plans to make it available to customers later this year.
Marcus Carey, ReliaQuest Enterprise Architect and former founder and CEO of Threatcare, explained the value of continual validation and ReliaQuest’s unique approach to this in the session, “Cyber Assurance and the Future of Continual Testing and Validation.” Joined by ReliaQuest Director of Threat Management, Casey Martin, the two led us through ways in which the integrated capability set will provide validation of controls, content, and workflows to leadership, allowing for proactive improvements for security programs. Acting as part of the holistic GreyMatter platform, this capability will work with GreyMatter’s Hunt, Investigate, and Automate capabilities, allowing security teams to continually increase visibility and automate detection and response.
Security is a team sport
Since the focus of RQP3 was on improving outcomes, attendees had the chance to see how GreyMatter could integrate with their existing SIEM, EDR, multi-cloud and third-party applications, with technology integrations expected to grow to 100 by the end of 2020. ReliaQuest technical experts were available to answer product-specific questions and explain how GreyMatter provides transparency and expedites threat discovery, qualification, and containment.
Not only did attendees have the chance to demo and try out GreyMatter for themselves at the RQ Bar, they also had access to ReliaQuest University courses, including the very first hands-on training of our GreyMatter platform.
ReliaQuest fortifies the world’s most trusted brands against cyber threats with GreyMatter, its platform for proactive security model management. GreyMatter increases enterprise visibility while automating threat detection and response. It does this by unifying and integrating existing SIEM, EDR, multi-cloud, and third-party apps, to deliver a centralized, transparent view across the environment. The platform’s analytics provide actionable reporting and metrics that measure ongoing improvement of the security model, so teams can recognize and communicate success across the enterprise.