New release helps security leaders move beyond assumptions and static assessments with a real-time view of risk grounded in financial impact.
Arlington, VA – October 1, 2025 – ThreatConnect, the leader in threat and risk-informed cyber defense, today announced the launch of Risk Quantifier (RQ) 9.0, the first platform to deliver a Continuous Controls Monitoring (CCM) capability that automatically measures control effectiveness, maps it to attacker behaviors, and ties it to real-time financial exposure.
With RQ 9.0, security teams can move beyond assumptions and quarterly snapshots to answer the questions that matter most: How well are we defended right now? What are we exposed to? What would it cost the business if we don’t act?
RQ 9.0 also supports core phases of the emerging Continuous Threat Exposure Management (CTEM) framework by continuously identifying exposures, validating their impact, and enabling prioritized, measurable remediation.
“RQ 9.0 brings defensibility, clarity, and speed to security decision-making,” said Balaji Yelamanchili, CEO at ThreatConnect. “It empowers leaders to cut through the noise, continuously monitor risk posture, and tie every cyber decision to tangible business impact.”
What’s New in RQ 9.0?
RQ 9.0 delivers four key advancements that set a new standard in cyber risk quantification:
- Continuous Controls Monitoring (CCM): RQ 9.0 automatically ingests telemetry from across the security stack to measure the effectiveness of current defenses against active threats right now – no manual data pulls, no assumptions.
- MITRE Technique-Level Financial Modeling: Every control gap is linked to a financially based risk estimate at the attacker behavior level. This enables financially prioritized actions to be aligned with the MITRE ATT&CK framework.
- Unified Risk View: The new Global Mitigations Dashboard provides a dynamic snapshot of enterprise-wide security coverage, showing which techniques are blocked, which assets are at risk, and what needs action, all in one place.
- Contextualized Threat Intelligence: RQ 9.0 uniquely integrates bespoke, relevant threat intel (not generic feeds) into CCM analytics, ensuring defenses are validated against the threats that matter most to your environment.
Together, these capabilities create an actionable, continuously evolving model of cyber risk, grounded in real-time information from your environment.
Why It Matters
Unlike tools that rely on static snapshots, manual inputs, or siloed metrics, RQ 9.0 delivers:
- Dynamic, Evidence-Based Decision Making: Recommendations evolve automatically based on live telemetry from your environment, not outdated reports or assumed data.
- Contextual Threat Intelligence: RQ 9.0 applies bespoke threat intelligence to focus defenses on relevant adversary behaviors, turning generic data into tailored, defensible action.
- Automated, Financially Prioritized Remediation: RQ 9.0 continuously maps attacker techniques to real-time control performance, so teams can focus where risk is highest, supporting key stages of the CTEM lifecycle.
- Unified Risk Intelligence Across Teams: A single, shared view connects technical controls, threat activity, and financial exposure, from the SOC to the C-suite.
RQ 9.0 doesn’t just show you where you’re vulnerable; it shows which actions provide you the most significant risk mitigations.
Why Now?
With shrinking budgets, rising threats, and escalating accountability, security leaders need:
- Continuous alignment between threats, controls, and business risk
- To maximize existing security control investments by optimizing configurations to reduce exposure to real threats
- Justification for budget requests grounded in live financial exposure
- Real-time metrics for board and regulatory reporting
- A practical path to fulfilling the most critical phases of CTEM: Prioritization, validation, and mobilization, without standing up another platform.
“RQ 9.0 is the first platform to close the loop between threat activity, defensive posture, and financial impact, and to do it continuously,” said Jerry Caponera, GM of Risk Quantification at ThreatConnect.
Learn more about ThreatConnect RQ 9.0
About ThreatConnect
ThreatConnect enables defenders to continuously manage threat exposure and improve cyber resilience. Our threat and risk-informed defense products help more than 250 global enterprises contextualize threats, prioritize decisions based on business impact, and take rapid, confident action. The platform unites threat intelligence, risk quantification, and security operations into a single intelligence hub.