Alternatives to Google Threat Intelligence
Compare Google Threat Intelligence alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Google Threat Intelligence in 2026. Compare features, ratings, user reviews, pricing, and more from Google Threat Intelligence competitors and alternatives in order to make an informed decision for your business.
-
1
SOCRadar provides a unified, cloud-hosted platform designed to enrich your cyber threat intelligence by contextualizing it with data from your attack surface, digital footprint, dark web exposure, and supply chain. We help security teams see what attackers see by combining External Attack Surface Management, Cyber Threat Intelligence, and Digital Risk Protection into a single, easy-to-use solution. This enables your organization to discover hidden vulnerabilities, detect data leaks, and shut down threats like phishing and brand impersonation before they can harm your business. By combining these critical security functions, SOCRadar replaces the need for separate, disconnected tools. Our holistic approach offers a streamlined, modular experience, providing a complete, real-time view of your threat landscape to help you stay ahead of attackers.
-
2
Kroll Cyber Risk
Kroll
We are the world incident response leader. Merging complete response capabilities with frontline threat intelligence from over 3000 incidents handled per year and end-to-end expertise we protect, detect and respond against cyberattacks. For immediate assistance, contact us today. Tackle every facet of today and tomorrow’s threat landscape with guidance from Kroll’s Cyber Risk experts. Enriched by frontline threat intel from 3000+ incidents cases every year, our end-to-end cyber risk solutions help organizations uncover exposures, validate the effectiveness of their defenses, implement new or updated controls, fine-tune detections and confidently respond to any threat. Get access to a wide portfolio of preparedness, resilience, detection and response services with a Kroll Cyber Risk retainer. Get in touch for more info. -
3
CrowdStrike Falcon
CrowdStrike
CrowdStrike Falcon is a cloud-native cybersecurity platform that provides advanced protection against a wide range of cyber threats, including malware, ransomware, and sophisticated attacks. It leverages artificial intelligence (AI) and machine learning to detect and respond to threats in real time, offering endpoint protection, threat intelligence, and incident response capabilities. The platform uses a lightweight agent that continuously monitors endpoints for signs of malicious activity, providing visibility and protection without significant impact on system performance. Falcon’s cloud-based architecture ensures fast updates, scalability, and rapid threat response across large, distributed environments. Its comprehensive security features help organizations prevent, detect, and mitigate potential cyber risks, making it a powerful tool for modern enterprise cybersecurity. -
4
scoutTHREAT
LookingGlass Cyber Solutions
Cybersecurity is continuously evolving—both threat actor methods and security practitioner defense. Continuously adjusting to these evolving Tactics, Techniques, and Procedures (TTPs) is a challenge to even the most advanced security operations. Collecting high-quality intelligence is not enough—security teams must be able to contextualize, process, and put into practice the intelligence it ingests in order to protect their organization. As the volume of intelligence increases, your organization needs a scalable cybersecurity threat management platform. Automation and higher workflow reduces the need for costly analysts and team members, without compromising the efficacy of your cybersecurity program. Conceived by Goldman Sachs, scoutTHREAT is a Threat Intelligence Platform (TIP) that enables your cybersecurity program to identify threats before impact. -
5
Group-IB Threat Intelligence
Group-IB
Defeat threats efficiently and identify attackers proactively with a revolutionary cyber threat intelligence platform by Group-IB. Capitalize on your threat intelligence insights with Group-IB’s platform. Group-IB Threat Intelligence provides unparalleled insight into your adversaries and maximizes the performance of every component of your security with strategic, operational, and tactical intelligence. Maximize known and unlock hidden values of intelligence with our threat intel platform. Understand threat trends and anticipate specific cyber attacks with thorough knowledge of your threat landscape. Group-IB Threat Intelligence provides precise, tailored, and reliable information for data-driven strategic decisions. Strengthen defenses with detailed insight into attacker behaviors and infrastructure. Group-IB Threat Intelligence delivers the most comprehensive insight into past, present, and future attacks targeting your organization, industry, partners, and clients. -
6
CrowdStrike Falcon Adversary Intelligence
CrowdStrike
CrowdStrike Falcon® Adversary Intelligence provides cutting-edge threat intelligence to help organizations proactively identify and mitigate cyber threats. With access to over 250 adversary profiles, dark web monitoring, and real-time threat intelligence, businesses can strengthen their defense and accelerate response times. This platform integrates seamlessly into existing security operations, offering automated threat modeling, sandbox analysis, and the ability to automate security workflows. CrowdStrike Falcon® empowers organizations to stay ahead of emerging threats with comprehensive insights into adversary tactics, techniques, and procedures. -
7
Silent Push
Silent Push
Silent Push reveals adversary infrastructure, campaigns, and security problems by searching across the most timely, accurate and complete Threat Intelligence dataset available. Defenders can focus on stopping threats before they cause a problem and significantly improve their security operations across the entire attack chain whilst simultaneously reducing operational complexity. The Silent Push platform exposes Indicators of Future Attack (IOFA) by applying unique behavioral fingerprints to attacker activity and searching our dataset. Security teams can identify new impending attacks, rather than relying upon out-of-date IOCs delivered by legacy threat intelligence. Our solutions include: Proactive Threat Hunting - Identify and track malicious infrastructure before it’s weaponized. Brand & Impersonation - Protect your brand from phishing, malvertisement, and spoofing attacks. IOFA Early Detection Feeds - Monitor global threat activity with proactive intelligence.Starting Price: $100/month -
8
Cyble
Cyble
Cyble is a leading AI-native cybersecurity platform that delivers intelligence-driven defense to help organizations stay ahead of evolving cyber threats. Powered by its Gen 3 Agentic AI, Cyble offers autonomous threat detection, real-time incident response, and proactive defense mechanisms. The platform provides comprehensive capabilities including attack surface management, vulnerability management, brand protection, and dark web monitoring. Trusted by governments and enterprises worldwide, Cyble combines unmatched visibility with scalable technology to keep security teams ahead of adversaries. With advanced AI that can predict threats months in advance, Cyble helps reduce response times and minimize risks. The company also offers extensive research, threat intelligence reports, and personalized demos to support customer success. -
9
Cyware
Cyware
Cyware is the only company building Virtual Cyber Fusion Centers enabling end-to-end threat intelligence automation, sharing, and unprecedented threat response for organizations globally. Cyware offers a full-stack of innovative cyber fusion solutions for all-source strategic, tactical, technical and operational threat intelligence sharing & threat response automation. Cyware’s Enterprise Solutions are designed to promote secure collaboration, inculcate cyber resilience, enhance threat visibility and deliver needed control by providing organizations with automated context-rich analysis of threats for proactive response without losing the element of human judgment. Cyware solutions are pushing the boundaries of current security paradigms by utilizing advances in Machine Learning, Artificial Intelligence, Security Automation & Orchestration technologies to empower enterprises in adapting to the evolving threat landscape. -
10
ThreatMon
ThreatMon
ThreatMon is an AI-powered cybersecurity platform that combines comprehensive threat intelligence with cutting-edge technology to proactively identify, analyze, and mitigate cyber risks. It provides real-time insights across a wide range of threat landscapes, including attack surface intelligence, fraud detection, and dark web monitoring. The platform offers deep visibility into external IT assets, helping organizations uncover vulnerabilities and defend against emerging threats such as ransomware and APTs. With tailored security strategies and continuous updates, ThreatMon enables businesses to stay ahead of evolving cyber risks, enhancing their overall cybersecurity posture and resilience. -
11
Interpres
Interpres
Interpres is a threat-informed defense surface management platform that fuses and operationalizes prioritized adversarial techniques, tactics, and procedures with your unique threat profile, your unique security stack, and finished intelligence to identify coverage gaps, prioritize actions, optimize defenses and reduce risk. For too long, security leaders have been trying to defend everything without understanding the adversaries’ tradecraft, resulting in waste, inefficiency, and suboptimal defenses. For too long, you have been consuming telemetry without understanding its value while incurring all of its costs. Optimize your security stack to defend against prioritized threats targeting you. Execute clear, prioritized actions to tune, configure, and optimize your defense surface against prioritized threats. Holistically know your threat coverage from the endpoint to the cloud. Continuously monitor and systematically improve security posture. -
12
Vigilante Operative
Vigilante
Cyber threats are proliferating at an alarming rate and often result in data exfiltration, network infiltration, data loss, account activity takeover, compromised customer data and reputational damage to an organization. As threat actors become more aggressive and malicious, the burden on IT security professionals becomes greater, especially with tight budgets and limited resources. As these threats become overwhelming, it is more challenging for organizations to gain the upper hand. Operative is our advanced threat intelligence hunting service for enterprise organizations. Vigilante lives within the dark web community to remain ahead of emerging threats, enabling deeper visibility and providing a continuous feedback loop of insight into exposures such as: Third-party risk and exposure, leaked or stolen data, malicious campaigns, attack vectors. -
13
CleanINTERNET
Centripetal
While traditional cybersecurity solutions remediate threats as they emerge, CleanINTERNET® shields against threats proactively, preventing them from reaching your network in the first place. The largest collection of high-confidence, high-fidelity commercial threat intelligence in the world, is operationalized so your defenses adapt and defend in parallel with the threat landscape. Applying over 100 billion indicators of compromise from real-time intelligence feeds, updated every 15 minutes, to protect your network. The fastest packet filtering technology on the planet is integrated at your network’s edge with no latency, enabling the use of billions of threat indicators so malicious threats are dynamically blocked from entering your network. Highly skilled analysts augmented by AI technology monitor your network, providing automated shielding based on real-time intelligence, and validated by human expertise. -
14
Mandiant Managed Defense
Google
Amplify your team and elevate your security with managed detection and response (MDR) services delivered by experts with years of frontline experience and backed by nation-grade threat intelligence. Identify, investigate and prioritize alerts in context so you can focus on threats that matter. Respond to attacks before they disrupt your business with the collective knowledge and experience of Mandiant. Gain dedicated experts to train, advise and elevate your program. Managed Defense knows more about attacker behavior and uses that knowledge to protect against advanced threats. We focus on the attacker tactics, techniques and procedures to reduce the average dwell time of a strategic ransomware actor from 72 days to 24 hours or less. Augment your defenses with a managed detection and response service backed by both Mandiant Threat Intelligence and Incident Response. Managed Defense includes standard and unique features to protect from stealthy and damaging attacks. -
15
Lumen Adaptive Threat Intelligence
Lumen Technologies
Adaptive Threat Intelligence helps security specialists quickly neutralize threats before they attack. Leveraging our global network visibility, we provide high-fidelity intelligence correlated to your IP addresses, combined with Rapid Threat Defense to proactively stop threats and simplify security. Automated validation technology developed and deployed by Black Lotus Labs tests newly discovered threats and validates the fidelity of our threat data, minimizing false positives. Rapid threat defense automated detection and response capabilities block threats based on your risk tolerance. Comprehensive virtual offering eliminates the need to deploy or integrate devices and data, and provides a single escalation point. Easy-to-use security portal, mobile app, API feed and customizable alerts that allow you to manage threat visualization and response with context-rich reports and historical views. -
16
Unit 42
Unit 42
As the threat landscape changes and attack surfaces expand, security strategies must evolve. Our world-renowned incident response team and security consulting experts will guide you before, during, and after an incident with an intelligence-driven approach. Proactively assess and test your controls against real-world threats targeting your organization, then communicate your security risk posture to your board and key stakeholders. Improve your business resilience with a threat-informed approach to breach preparedness and tighter alignment across your people, processes, technology, and governance. Deploy Unit 42 incident response experts to quickly investigate, eradicate and remediate even the most advanced attacks, working in partnership with your cyber insurance carrier and legal teams. As threats escalate, we act as your cybersecurity partner to advise and strengthen your security strategies. -
17
Real-time monitoring and analysis allowing you to quickly prioritize, investigate, and respond to hidden threats. A central view of potential threats with built-in workflows removes the complexity of threat protection. Be ready anytime for the audit with automated compliance. Get greater transparency monitoring users, applications, networks and devices. Data correlated and enriched to deliver purposeful intelligence on the threat and how to mitigate. Real-time threat identification and response powered by advanced threat intelligence reduces lead time to protect against threats such as phishing, insider threats, data exfiltration and Distributed Denial of Service (DDOS) attacks.
-
18
ThreatStream
Anomali
Anomali ThreatStream is a Threat Intelligence Platform that aggregates threat intelligence from diverse sources, provides an integrated set of tools for fast, efficient investigations, and delivers operationalized threat intelligence to your security controls at machine speed. ThreatStream automates and accelerates the process of collecting all relevant global threat data, giving you the enhanced visibility that comes with diversified, specialized intelligence sources, without increasing administrative load. Automates threat data collection from hundreds of sources into a single, high fidelity set of threat intelligence. Improve your security posture by diversifying intelligence sources without generating administrative overhead. Easily try and buy new sources of threat intelligence via the integrated marketplace. Organizations rely on Anomali to harness the power of threat intelligence to make effective cybersecurity decisions that reduce risk and strengthen defenses. -
19
Proofpoint Emerging Threat (ET) Intelligence
Proofpoint
Proofpoint ET Intelligence delivers the most timely and accurate threat intelligence. Our fully verified intel provides deeper context and integrates seamlessly with your security tools to enhance your decision-making. Knowing what types of threats exist is no longer enough to protect your people, data, and brand. Emerging Threat (ET) intelligence helps prevent attacks and reduce risk by helping you understand the historical context of where these threats originated, who is behind them, when have they attacked, what methods they used, and what they're after. Get on-demand access to current and historical metadata on IPs, domains, and other related threat intelligence to help research threats and investigate incidents. In addition to reputation intel, you get condemnation evidence, deep context, history, and detection information. It's all searchable in an easy-to-use threat intelligence portal that includes: Trends and timestamps of when a threat was seen and the associated category. -
20
Group-IB Unified Risk Platform
Group-IB
The Unified Risk Platform strengthens security by identifying the risks your organization faces. The platform automatically configures your Group-IB defenses with the precise insights required to stop attacks by threat actors, thereby making it less likely that an attack will be successful. Group-IB's platform monitors threat actors at all times in order to detect advanced attacks and techniques. The Unified Risk Platform quickly and accurately identifies early warning signs before attacks develop, fraud occurs or your brand is damaged, which reduces the risk of undesirable consequences. The Unified Risk Platform counters threat actors with insight into their modus operandi. The platform leverages a variety of solutions and techniques to stop attacks that target your infrastructure, endpoints, brand and customers, reducing the risk that an attack will cause disruption or recur. -
21
AT&T Managed Threat Detection and Response protect your organization with 24x7 security monitoring from AT&T Cybersecurity powered by our award-winning USM platform and AT&T Alien Labs™ threat intelligence. 24x7 proactive security monitoring and investigation from the AT&T SOC. Our expert SOC analysts leverage our decades of managed security expertise to help you to protect your business by monitoring and disrupting advanced threats around the clock. Built on Unified Security Management (USM) with multiple security capabilities in one unified platform, we go beyond other MDR services to provide centralized security visibility across your cloud, networks, and endpoints, enabling early, effective detection and a rapid time to deployment. Powered by AT&T Alien Labs threat intelligence with unrivaled visibility of the AT&T IP backbone, global USM sensor network, and the Open Threat Exchange (OTX), AT&T Alien Labs delivers continuous, tactical threat intelligence to the USM platform.Starting Price: $6,695 per month
-
22
Palo Alto Networks AutoFocus
Palo Alto Networks
Tomorrow's operations depend on unrivaled threat intelligence, today. Power up investigation, prevention and response with AutoFocus. Palo Alto Networks, provider of the industry-leading next-generation firewall, has made the world’s highest-fidelity repository of threat intelligence, sourced from the largest network of sensors, available for any team or tool to consume. AutoFocus™ contextual threat intelligence service is your one-stop shop for threat intelligence. Your teams will receive instant understanding of every event with unrivaled context from Unit 42 threat researchers, and you can embed rich threat intelligence in analyst’s existing tools to significantly speed investigation, prevention, and response. Get unique visibility into attacks crowdsourced from the industry’s largest footprint of network, endpoint, and cloud intel sources. Enrich every threat with the deepest context from worldrenowned Unit 42 threat researchers. -
23
Binary Defense
Binary Defense
To prevent breaches, you need complete cybersecurity protection. It takes a 24×7 security team to monitor, detect and respond to threats. Take the cost and complexity out of cybersecurity by extending your team and expertise. Our Microsoft Sentinel experts get your team deployed, monitoring, and responding faster than ever while our SOC Analysts and Threat Hunters always have your teams back. Guard the weakest points in your network – your laptops, desktops and servers. We provide advanced endpoint protection and system management. Gain comprehensive, enterprise-level security. We deploy, monitor and tune your SIEM with around-the-clock protection from our security analysts. Be proactive with your cybersecurity. We detect and thwart attackers before they strike by hunting for threats where they live. Identify unknown threats and prevent attackers from evading existing security defenses with proactive threat hunting. -
24
Learn what a digital risk protection solution is and how it can help you be better prepared by understanding who is targeting you, what they’re after, and how they plan to compromise you. Google Digital Risk Protection delivers a broad digital risk protection solution either via stand-alone self-managed SaaS products or a comprehensive service. Both options give security professionals visibility outside their organization, the ability to identify high-risk attack vectors, malicious orchestration from the deep and dark web, and attack campaigns on the open web. The Google Digital Risk Protection solution also provides contextual information on threat actors and their tactics, techniques, and procedures to provide a more secure cyber threat profile. Gain visibility into risk factors impacting the extended enterprise and supply chain by mapping your attack surface and monitoring deep and dark web activity.
-
25
OpenCTI
Filigran
OpenCTI is an open source threat intelligence platform developed by Filigran, designed to help organizations collect, correlate, and leverage threat data at strategic, operational, and tactical levels. It provides a consolidated view of threat data from multiple sources, transforming raw data into actionable insights. It features a sophisticated knowledge hypergraph database, fully compliant with STIX standards, enabling deep context and relationships within threat intelligence. OpenCTI offers comprehensive visualizations and analytics, facilitating comparison and investigation within the knowledge graph. It integrates both technical and non-technical information into a unified system, linking each piece of threat intelligence to its original source for a complete analytical perspective. It also includes powerful case management capabilities, enhancing threat detection and response by centralizing incident-related data and fostering real-time collaboration. -
26
VulnCheck
VulnCheck
Unprecedented visibility into the vulnerable ecosystem from the eye of the storm. Prioritize response and finish taking action before the attacks occur. Early access to new vulnerability information not found in the NVD along with dozens of unique fields. Real-time monitoring of exploit PoCs; exploitation timelines; ransomware, botnet, and APT/threat actor activity. In-house developed exploit PoCs, packet captures to defend against initial access vulnerabilities. Integrate vulnerability assessment into existing asset inventory systems, anywhere package URLs or CPE strings are present. Explore VulnCheck, a next-generation cyber threat intelligence platform, which provides exploit and vulnerability intelligence directly into the tools, processes, programs, and systems that need it to outpace adversaries. Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't. -
27
Trellix Helix Connect
Trellix
To protect against advanced threats, organizations need to integrate their security and apply the right expertise and processes. Trellix Helix Connect is a cloud-hosted security operations platform that allows organizations to take control of any incident from alert to fix. Gain comprehensive visibility and control across your entire enterprise by collecting, correlating and analyzing critical data for meaningful threat awareness. Easily integrate security functions without extensive and costly cycles. Make informed and efficient decisions with contextual threat intelligence. Detect advanced threats with machine learning, AI and integrated real-time cyber intelligence. Gain critical context into who is targeting your organization and why. With a smart and adaptive platform, you can predict and prevent emerging threats, identify root causes and respond in real time. -
28
NESCOUT Cyber Threat Horizon
NESCOUT
NETSCOUT Cyber Threat Horizon is a real-time threat intelligence platform designed to provide visibility into the global cyber threat landscape, including DDoS attack activity. Leveraging data from NETSCOUT's ATLAS (Active Threat Level Analysis System), it offers insights into traffic anomalies, attack trends, and malicious activities observed across the internet. The platform empowers organizations to detect potential threats early by providing interactive visualizations, historical data analysis, and geolocation-based attack mapping. With its ability to track emerging threats and DDoS events as they unfold, NETSCOUT Cyber Threat Horizon is an invaluable tool for network administrators and security professionals seeking to enhance situational awareness and preemptively address risks. -
29
ATLAS Intelligence Feed (AIF)
NETSCOUT
NETSCOUT ATLAS Intelligence Feed (AIF) is an AI-powered threat intelligence service designed to strengthen adaptive DDoS protection. It delivers deterministically accurate, real-time threat intelligence based on NETSCOUT’s global visibility across a massive portion of internet traffic. The platform monitors hundreds of terabits per second of live traffic from thousands of networks worldwide to identify active threats. AIF automatically arms NETSCOUT Arbor DDoS protection products with up-to-date attack tactics, indicators of compromise, and malicious source intelligence. This automation enables faster, more accurate mitigation of inbound DDoS attacks without relying on manual intervention. The intelligence feed also helps block scanning, brute-force attempts, and outbound malicious traffic missed by traditional security stacks. By continuously adapting defenses as attacks evolve, ATLAS Intelligence Feed helps organizations maintain network availability and resilience. -
30
HivePro Uni5
HivePro
The Uni5 platform elevates traditional vulnerability management to holistic threat exposure management by identifying your enterprises' likely cyber threats, fortifying your weakest controls, and eliminating the vulnerabilities that matter most to reduce your enterprise risks. Minimizing your threat exposure and outmaneuvering cybercriminals requires enterprises to know their terrain, and the attacker’s perspective well. HiveUni5 platform provides wide asset visibility, actionable threat, and vulnerability intelligence, security controls testing, patch management, and in-platform, cross-functional collaboration. Close the loop on risk management with auto-generated strategic, operational, and tactical reports. HivePro Uni5 supports over 27 well-known asset management, ITSM, vulnerability scanners, and patch management tools out of the box, allowing organizations to utilize their existing investments. -
31
Secure Malware Analytics (formerly Threat Grid) combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware. With a robust, context-rich malware knowledge base, you will understand what malware is doing, or attempting to do, how large a threat it poses, and how to defend against it. Secure Malware Analytics rapidly analyzes files and suspicious behavior across your environment. Your security teams get context-rich malware analytics and threat intelligence, so they’re armed with insight into what a file is doing and can quickly respond to threats. Secure Malware Analytics analyzes the behavior of a file against millions of samples and billions of malware artifacts. Secure Malware Analytics identifies key behavioral indicators of malware and their associated campaigns. Take advantage of Secure Malware Analytics's robust search capabilities, correlations, and detailed static and dynamic analyses.
-
32
Proofpoint Identity Threat Defense
Proofpoint
In an ever-changing hybrid world, your organization depends on its employees, their virtual identities, and the endpoints they operate on to build and protect its assets. Threat actors have found unique ways to move laterally across your cloud environments by exploiting such identities. You need an innovative and agentless identity threat detection and response solution to discover and remediate modern identity vulnerabilities—a key part of today’s attack chain. Proofpoint Identity Threat Defense, previously Illusive, gives you comprehensive prevention and visibility across all your identities so you can remediate identity vulnerabilities before they become real risks. You can also detect any lateral movements in your environments and activate deception to ensure threat actors are stopped in action before they gain access to your corporate assets. It doesn’t get better than knowing you can prevent modern identity risks and stop real-time identity threats in action, all in one place. -
33
Advanced protection to safeguard your inboxes. Email is still the No. 1 threat vector. Expand the scope of your defenses to detect dangerous threats and rapidly respond to and remediate new threats in real time. Identify the malicious techniques used in attacks targeting your organization. Understand the specific business risks and categorize threats to gain insight into the parts of your organization that are most vulnerable to attack. AI-driven threat detection uses multiple detection engines to simultaneously evaluate different portions of an incoming email. These verdict details help ensure accurate threat classification, identify business risk, and promote an appropriate response action. Threats come from numerous sources: phishing, business email compromise, malware, and ransomware. Defend against all of them with industry-leading threat intelligence that empowers you to act quickly.
-
34
NetWitness
NetWitness
NetWitness Platform brings together evolved SIEM and threat defense solutions that deliver unsurpassed visibility, analytics and automated response capabilities. These combined capabilities help security teams work more efficiently and effectively, up-leveling their threat hunting skills and enabling them to investigate and respond to threats faster, across their organization’s entire infrastructure—whether in the cloud, on premises or virtual. Gives security teams the visibility they need to detect sophisticated threats hiding in today’s complex, hybrid IT infrastructures. Analytics, machine learning, and orchestration and automation capabilities make it easier for analysts to prioritize and investigate threats faster. Detects attacks in a fraction of the time of other platforms and connects incidents to expose the full attack scope. NetWitness Platform accelerates threat detection and response by collecting and analyzing data across more capture points. -
35
The IronNet Collective Defense Platform leverages advanced AI-driven Network Detection and Response (NDR) capabilities to detect and prioritize anomalous activity inside individual enterprise network environments. The platform analyzes threat detections across the community to identify broad attack patterns and provides anonymized intelligence back to all community members in real-time, giving all members early insight into potential incoming attacks. By collaborating in real-time, companies and organizations across sectors can defend industries better, together, by seeing and fighting the same threats. When organizations collaborate to detect, share intelligence, and stop threats together in real time, they form a collective defense community. Discover how IronNet's Collective Defense platform, built on our IronDome and IronDefense products, enables organizations to realize the full benefits of this approach.
-
36
Constella Intelligence
Constella Intelligence
Continuously monitor thousands of data sources across the public, deep & dark web to gain the insights you need to detect and act on emerging cyber-physical threats before damage occurs. And accelerate your investigations by delving deeper into risks threatening your organization. Analyze monikers, enrich information with other datasets, and quickly unmask malicious actors to solve cybercrimes faster. Defending your digital assets against targeted attacks, Constella is powered by a unique combination of unparalleled breadth of data, technology and human expertise from world-class data scientists. Data to link real identity information to obfuscated identities & malicious activity to inform your products and safeguard your customers. Profile threat actors faster with advanced monitoring analysis, automated early warning and intelligence alerts. -
37
alphaMountain Threat Intelligence APIs and Feeds
alphaMountain AI
alphaMountain’s domain and IP threat intelligence powers many of the world’s leading cybersecurity solutions. High-fidelity threat feeds are updated hourly with fresh URL classification, threat ratings and actionable intelligence on over 2 billion hosts including domains and IP addresses. KEY BENEFITS: Get high-fidelity URL classification and threat ratings for any URL from 1.00 to 10.0. Receive fresh categorization and threat ratings updated every hour, syndicated via API or threat feed. See threat factors and other intelligence contributing to threat verdicts. USE CASES: Use threat feeds in your network security products such as secure web gateway, secure email gateway or next-generation firewall. Call the alphaMountain API from your SIEM to investigate threats or from your SOAR to automate responses such as blocking and policy updates. Detect if a URL is suspicious, contains malware, is a phishing site and which of 89 content categories the site belongs to.Starting Price: $300/month -
38
Maltiverse
Maltiverse
Cyber Threat Intelligence made simple for all types of businesses and independent analysts of cybersecurity. Maltiverse Freemium online resource to access aggregated sets of indicators of compromise with full context and history. When you have a cyber security incident and you need context to respond - you can access the database and search for the content manually. You can also connect the customized set of new threats to your Security Systems like SIEM, SOAR, PROXY or Firewall: Ransomware, C&C centers, malicious IP and URLs, Phishing Attacks, Other feeds.Starting Price: $100 per month -
39
C-Prot Threat Intelligence Portal is a powerful web service for providing access to information about cyber threats. C-Prot Threat Intelligence Portal offers the possibility to check different types of suspicious threat indicators such as files, file signatures, IP addresses, or web addresses. In this way, institutions are informed about potential threats and can take necessary precautions. Detect advanced threats using our advanced detection technologies, including dynamic, static, and behavioral analysis, and our global cloud reputation system with the C-Prot Threat Intelligence Portal. Access detailed information on specific malware indicators, as well as the tools, tactics, and attack types used by cyber attackers. Check for different indicators of suspicious threats such as IP address and web address. Understand threat trends and anticipate specific attacks with complete knowledge of your threat environment.Starting Price: Free
-
40
PassiveTotal
RiskIQ
RiskIQ PassiveTotal aggregates data from the whole internet, absorbing intelligence to identify threats and attacker infrastructure, and leverages machine learning to scale threat hunting and response. With PassiveTotal, you get context on who is attacking you, their tools and systems, and indicators of compromise outside the firewall—enterprise and third party. Investigation can go fast, really fast. Find answers quickly with over 4,000 OSINT articles and artifacts. Along with 10+ years of mapping the internet, RiskIQ has the deepest and broadest security intelligence on earth. By absorbing web data like Passive DNS, WHOIS, SSL, hosts and host pairs, cookies, exposed services, ports, components, and code. With curated OSINT and proprietary security intelligence, you can see everything—from every angle—on the digital attack surface. Take charge of your digital presence and combat threats to your organization. -
41
EclecticIQ
EclecticIQ
EclecticIQ enables intelligence-powered cybersecurity for government organizations and commercial enterprises. We develop analyst-centric products and services that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection and prevention, and cost-efficient security investments. Our solutions are built specifically for analysts across all intelligence-led security practices such as threat investigation, and threat hunting, as well as incident response efforts. And we tightly integrated our solutions with our customers’ IT security controls and systems. EclecticIQ operates globally with offices in Europe, United Kingdom, and North-America, and via certified value-add partners. -
42
ThreatCloud
Check Point Software Technologies
Real-time threat intelligence derived from hundreds of millions of sensors worldwide, enriched with AI-based engines and exclusive research data from the Check Point Research Team. Detects 2,000 attacks daily by unknown threats previously undiscovered. Advanced predictive intelligence engines, data from hundreds of millions of sensors, and cutting-edge research from Check Point Research and external intelligence feed. Up-to-minute information on the newest attack vectors and hacking techniques. ThreatCloud is Check Point’s rich cyber defense database. Its threat intelligence powers Check Point zero-day protection solutions. Mitigate threats 24×7 with award-winning technology, expert analysis and global threat intelligence. In addition, the service provides recommendations for tuning the customer’s threat prevention policies to enhance the customer’s protection against threats. Customers have access to a Managed Security Services Web Portal. -
43
Cyren
Cyren
Cyren Inbox Security is an innovative solution that turns the tables on the phishers and safeguards each and every Office 365 mailbox in your organization against evasive phishing, business email compromise (BEC) and fraud. Continuous monitoring and detection provide early exposure of evasive attack indicators and anomalies. Automated response and remediation for individual mailboxes and across all mailboxes in the organization will take care of the heavy lifting. Our unique crowd-sourced user detection closes the feedback loop on alerts, reinforcing your security training and providing valuable threat intelligence. Comprehensive, multi-dimensional presentation of critical threat characteristics to help analysts understand the evolving threat landscape. Improved threat detection for existing security products such as SIEM and SOAR solutions. -
44
Rapid7 Command Platform
Rapid7
The Command Platform provides attack surface visibility designed to accelerate operations and create a more comprehensive security picture you can trust. Focus on real risks with more complete visibility of your attack surface. The Command Platform allows you to pinpoint security gaps and anticipate imminent threats. Detect and respond to real security incidents across your entire network. With relevant context, recommendations and automation, expertly respond every time. Backed by a more comprehensive attack surface view, the Command Platform unifies endpoint-to-cloud exposure management and detection and response, enabling your team to confidently anticipate threats and detect and respond to cyber attacks. A continuous 360° attack surface view teams can trust to detect and prioritize security issues from endpoint to cloud. Attack surface visibility with proactive exposure mitigation and remediation prioritization across your hybrid environment. -
45
LifeRaft Navigator
Navigator
Consolidate, assess, and investigate intelligence in a single platform. Collect and alert on data relevant to your security operations from social media, deep web, and darknet sources 24/7. Our unified intelligence platform automates collection and filtering, and provides a suite of investigative tools to explore and validate threats. Uncover critical information that impacts the security of your assets and operations. Navigator monitors the internet 24/7 with custom search criteria to detect high-risk threats to your people, assets, and operations from diversified sources. Finding the needle in the haystack is a growing challenge for security operations teams. Navigator provides advanced filtering tools to capture the breadth of the online threat landscape. Uncover, explore, and use a variety of sources to validate intelligence related to threat actors, events, and special interest projects or security issues. -
46
Seqrite HawkkHunt
Seqrite
Stop the most sophisticated hidden threats and adversaries efficiently with unified visibility, and powerful analytics using Seqrite HawkkHunt Endpoint Detection and Response (EDR). Gain complete visibility through robust and real-time intelligence from a single dashboard. Proactive threat hunting process to detect threats, and perform in-depth analysis to block breaches. Simplify alerts, data ingestion, and standardization from a single platform to respond to attacks faster. Get deep visibility and high efficacy, actionable detection to rapidly uncover and contain advanced threats lurking in the environment. Get unparalleled end-to-end visibility through advanced threat hunting mechanisms under one consolidated view across security layers. Intelligent EDR automatically detects lateral movement attacks, zero-day attacks, advanced persistent threats, and living off-the-land attacks. -
47
FortiGate NGFW
Fortinet
High threat protection performance with automated visibility to stop attacks. FortiGate NGFWs enable security-driven networking and consolidate industry-leading security capabilities such as intrusion prevention system (IPS), web filtering, secure sockets layer (SSL) inspection, and automated threat protection. Fortinet NGFWs meet the performance needs of highly scalable, hybrid IT architectures, enabling organizations to reduce complexity and manage security risks. FortiGate NGFWs are powered by artificial intelligence (AI)-driven FortiGuard Labs and deliver proactive threat protection with high-performance inspection of both clear-text and encrypted traffic (including the industry’s latest encryption standard TLS 1.3) to stay ahead of the rapidly expanding threat landscape. FortiGate NGFWs inspect traffic as it enters and leaves the network. These inspections happen at an unparalleled speed, scale, and performance and prevent everything from ransomware to DDoS attacks. -
48
Bitdefender Advanced Threat Intelligence
Bitdefender
Fueled by the Bitdefender Global Protective Network (GPN), Bitdefender Advanced Threat Intelligence collects data from sensors across the globe. Our Cyber-Threat Intelligence Labs correlate hundreds of thousands of Indicators of Compromise and turn data into actionable, real-time insights. By delivering our top-rated security data and expertise directly to businesses and Security Operations Centers, Advanced Threat Intelligence bolsters security operations success with one of the industry’s broadest and deepest bases of real-time knowledge. Improve threat-hunting and forensic capabilities with contextual, actionable threat indicators on IPs, URLs, domains and files known to harbor malware, phishing, spam, fraud and other threats. Decrease time to value by seamlessly integrating our platform-agnostic Advanced Threat Intelligence services into your security architecture, including SIEM, TIP and SOAR. -
49
ESET Inspect
ESET
ESET Inspect is an advanced endpoint detection and response (EDR) tool designed by ESET to provide comprehensive visibility, threat detection, and incident response capabilities for businesses. It helps organizations identify, investigate, and mitigate sophisticated cyber threats that bypass traditional security measures. ESET Inspect monitors endpoint activities in real time, using behavioral analysis, machine learning, and threat intelligence to detect suspicious behavior, anomalies, and potential security breaches. It integrates seamlessly with ESET’s endpoint protection platform, providing a unified view of network security and enabling security teams to respond quickly to threats through automated or manual actions. With features like threat hunting, detailed reporting, and customizable alerts, ESET Inspect empowers businesses to enhance their cybersecurity defenses and proactively address potential vulnerabilities. -
50
Netcraft
Netcraft
Netcraft is a global leader in brand impersonation detection, disruption, and takedown solutions. Its Digital Risk Protection (DRP) platform provides a comprehensive, automated defense across the entire external threat landscape. By combining decades of internet infrastructure expertise with cutting-edge artificial intelligence, Netcraft ensures brands are protected with unmatched speed, accuracy, and scale. Netcraft's online brand protection capabilities extend across detection, monitoring, disruption, and enforcement, delivering operational value at scale. Capabilities include: - Detection 100+ categories of digital threats, including phishing, brand impersonation, and fake social media profiles. - Takedown processes supported by automation and established infrastructure relationships. - Advanced brand monitoring and reporting that integrate seamlessly into enterprise workflows. - Proven ability to reduce the availability of active threats and preserve customer trust.
