Alternatives to Leviathan Lotan
Compare Leviathan Lotan alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Leviathan Lotan in 2026. Compare features, ratings, user reviews, pricing, and more from Leviathan Lotan competitors and alternatives in order to make an informed decision for your business.
-
1
ManageEngine Endpoint Central
ManageEngine
ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the entire endpoint lifecycle, all from a single console. With automated patching across Windows, Mac, Linux and 1,000+ third-party applications, it ensures vulnerabilities are mitigated before attackers can exploit them. Its next-gen antivirus (NGAV) feature, powered by AI-driven behavioural detection, provides 24/7 protection against ransomware, malware, and zero-day threats. Endpoint Central further strengthens enterprise defenses with a broad set of security capabilities, including vulnerability assessment and mitigation, peripheral device control, data loss prevention, application control, endpoint privilege management, encryption with FileVault and BitLocker, and browser security. -
2
ManageEngine Log360
Zoho
Detect, investigate, and resolve security incidents and threats using a single, scalable SIEM solution. Log360 provides you with actionable insights and analytics-driven intelligence for real-time security monitoring, advanced threat detection, incident management, and behavioral analytics-based anomaly detection. Built as the bedrock for your SOC, ManageEngine Log360 comes with out-of-the-box correlation and workflow rules, dashboards, reports, and alert profiles to help you address vital security issues with little manual intervention. -
3
ConnectWise SIEM
ConnectWise
ConnectWise SIEM (formerly Perch) offers threat detection and response backed by an in-house Security Operations Center (SOC). Defend against business email compromise, account takeovers, and see beyond your network traffic. Our team of threat analysts does all the tedium for you, eliminating the noise and sending only identified and verified treats to action on. Built with multi-tenancy, ConnectWise SIEM helps you keep clients safe with the best threat intel on the market.Starting Price: $10 per month -
4
SOC Prime Platform
SOC Prime
SOC Prime operates the world’s largest and most advanced platform for collective cyber defense that cultivates collaboration from a global cybersecurity community and curates the most up-to-date Sigma rules compatible with over 28 SIEM, EDR, and XDR platforms. SOC Prime’s innovation, backed by the vendor-agnostic and zero-trust cybersecurity approach, and cutting-edge technology leveraging Sigma language and MITRE ATT&CK® as core pillars are recognized by the independent research companies, credited by the leading SIEM, XDR & MDR vendors, and trusted by 8,000+ organizations from 155 countries, including 42% of Fortune 100, 21% of Forbes Global 2000, 90+ public sector institutions, and 300+ MSSP and MDR providers. Driven by its advanced cybersecurity solutions, Threat Detection Marketplace, Uncoder AI, and Attack Detective, SOC Prime enables organizations to risk-optimize their cybersecurity posture while improving the ROI of their SOC investments. -
5
SecLytics Augur
SecLytics
Conventional TIPs alert you about threats when they are already knocking at your network door. SecLytics Augur uses machine learning to model the behavior of threat actors and create adversary profiles. Augur identifies the build-up of attack infrastructure and predicts attacks with high-accuracy and low false positives before they even launch. These predictions are fed to your SIEM or MSSP via our integrations to automate blocking. Augur builds and monitors a pool of more than 10k adversary profiles, with new profiles identified daily. Augur identifies threats before day zero and levels the playing field by removing the element of surprise. Augur discovers and protects against more potential threats than conventional TIPs. Augur detects the buildup of cybercriminal infrastructure online before attack launch. The behavior of infrastructure acquisition and setup is both systematic and characteristic. -
6
TruKno
TruKno
Keep up with how adversaries are bypassing enterprise security controls based on the latest cyber attack sequences in the wild. Understand cyber attack sequences associated with malicious IP addresses, file hashes, domains, malware, actors, etc. Keep up with the latest cyber threats attacking your networks, your industry/peers/vendors, etc. Understand MITRE TTPs (at a ‘procedure’ level) used by adversaries in the latest cyber attack campaigns so you can enhance your threat detection capabilities. A real-time snapshot of how top malware campaigns are evolving in terms of attack sequences (MITRE TTPs), vulnerability exploitation (CVEs), IOCs, etc. -
7
KELA Cyber Intelligence Platform
KELA Cyber
Automatically uncover your attack surface by leveraging attackers’ perspectives for proactive protection. Neutralize risk by monitoring your case objectives and assets so that your teams can get actionable intelligence that prevents crimes. We help companies proactively detect and remediate relevant cyber threats, reducing manual workload and enhancing cybersecurity ROI. Strengthen nation-state defenses. Access targeted, actionable intelligence for countering diverse cyber threats. Utilize rich on-premises data and expert insights to enhance efficiency, reduce false positives, and streamline threat profiling. Discover your attack surface from the attacker’s view. Analyze the adversary’s perspective of your company. This comprehensive understanding allows you to assess the level of risk your organization faces and to prioritize security measures accordingly. Combat digital fraud involving online payments, refunds, bank cards, loyalty programs, and more. -
8
Netwrix Threat Manager
Netwrix
Threat detection software from Netwrix to detect and respond to abnormal behavior and advanced attacks with high accuracy and speed. IT infrastructures are getting more complex and the volume of sensitive information stored there is skyrocketing. At the same time, the threat landscape is evolving rapidly, with attacks becoming more sophisticated and more costly. Improve your threat management processes and know about anything suspicious happening in your network, whether it’s an external attack or an insider threat, with real-time alerts delivered via email or mobile notifications. Maximize the value of your investments and enhance security across the IT ecosystem by sharing data between Netwrix Threat Manager and your SIEM and other security solutions. Respond immediately upon threat detection by taking advantage of the extensive catalog of preconfigured response actions, or by integrating Netwrix Threat Manager with your own business processes using PowerShell or webhook facilities. -
9
Binary Defense
Binary Defense
To prevent breaches, you need complete cybersecurity protection. It takes a 24×7 security team to monitor, detect and respond to threats. Take the cost and complexity out of cybersecurity by extending your team and expertise. Our Microsoft Sentinel experts get your team deployed, monitoring, and responding faster than ever while our SOC Analysts and Threat Hunters always have your teams back. Guard the weakest points in your network – your laptops, desktops and servers. We provide advanced endpoint protection and system management. Gain comprehensive, enterprise-level security. We deploy, monitor and tune your SIEM with around-the-clock protection from our security analysts. Be proactive with your cybersecurity. We detect and thwart attackers before they strike by hunting for threats where they live. Identify unknown threats and prevent attackers from evading existing security defenses with proactive threat hunting. -
10
Cyble
Cyble
Cyble is a leading AI-native cybersecurity platform that delivers intelligence-driven defense to help organizations stay ahead of evolving cyber threats. Powered by its Gen 3 Agentic AI, Cyble offers autonomous threat detection, real-time incident response, and proactive defense mechanisms. The platform provides comprehensive capabilities including attack surface management, vulnerability management, brand protection, and dark web monitoring. Trusted by governments and enterprises worldwide, Cyble combines unmatched visibility with scalable technology to keep security teams ahead of adversaries. With advanced AI that can predict threats months in advance, Cyble helps reduce response times and minimize risks. The company also offers extensive research, threat intelligence reports, and personalized demos to support customer success. -
11
ACSIA
DKSU4Securitas Ltd
ACSIA it is a ‘post-perimeter’ security tool which complements a traditional perimeter security model. It resides at the Application or Data layer. It monitors and protects the the platforms (physical/ VM/ Cloud/ Container platforms) where the data is stored which are the ultimate target of every attacker. Most companies secure their enterprise to ward off cyber adversaries by using perimeter defenses and blocking known adversary indicators of compromise (IOC). Adversary pre-compromise activities are largely executed outside the enterprise’s field of view, making them more difficult to detect. ACSIA is focused on stopping cyber threats at the pre attack phase. It is a hybrid product incorporating a SIEM (Security Incident and Event Management), Intrusion Detection Systems (IDS) Intrusion Prevention Systems (IPS), Firewall and much more. - Built for linux environments - Also monitors Windows servers - Kernel Level monitoring - Internal Threat detectionStarting Price: Depends on number of servers -
12
Group-IB Threat Intelligence
Group-IB
Defeat threats efficiently and identify attackers proactively with a revolutionary cyber threat intelligence platform by Group-IB. Capitalize on your threat intelligence insights with Group-IB’s platform. Group-IB Threat Intelligence provides unparalleled insight into your adversaries and maximizes the performance of every component of your security with strategic, operational, and tactical intelligence. Maximize known and unlock hidden values of intelligence with our threat intel platform. Understand threat trends and anticipate specific cyber attacks with thorough knowledge of your threat landscape. Group-IB Threat Intelligence provides precise, tailored, and reliable information for data-driven strategic decisions. Strengthen defenses with detailed insight into attacker behaviors and infrastructure. Group-IB Threat Intelligence delivers the most comprehensive insight into past, present, and future attacks targeting your organization, industry, partners, and clients. -
13
Silent Push
Silent Push
Silent Push reveals adversary infrastructure, campaigns, and security problems by searching across the most timely, accurate and complete Threat Intelligence dataset available. Defenders can focus on stopping threats before they cause a problem and significantly improve their security operations across the entire attack chain whilst simultaneously reducing operational complexity. The Silent Push platform exposes Indicators of Future Attack (IOFA) by applying unique behavioral fingerprints to attacker activity and searching our dataset. Security teams can identify new impending attacks, rather than relying upon out-of-date IOCs delivered by legacy threat intelligence. Our solutions include: Proactive Threat Hunting - Identify and track malicious infrastructure before it’s weaponized. Brand & Impersonation - Protect your brand from phishing, malvertisement, and spoofing attacks. IOFA Early Detection Feeds - Monitor global threat activity with proactive intelligence.Starting Price: $100/month -
14
The IronNet Collective Defense Platform leverages advanced AI-driven Network Detection and Response (NDR) capabilities to detect and prioritize anomalous activity inside individual enterprise network environments. The platform analyzes threat detections across the community to identify broad attack patterns and provides anonymized intelligence back to all community members in real-time, giving all members early insight into potential incoming attacks. By collaborating in real-time, companies and organizations across sectors can defend industries better, together, by seeing and fighting the same threats. When organizations collaborate to detect, share intelligence, and stop threats together in real time, they form a collective defense community. Discover how IronNet's Collective Defense platform, built on our IronDome and IronDefense products, enables organizations to realize the full benefits of this approach.
-
15
Sequretek Percept XDR
Sequretek
Cloud-based enterprise security platform offering automated threat detection and response using AI and big data across cloud and on-premise enterprise environments. Percept XDR ensures end-to-end security, threat detection and response while allowing enterprises to focus on their core business growth without the fear of compromise. Percept XDR helps to protect against phishing, ransomware, malware, vulnerability exploits, insider threats, web attacks and many more advanced attacks. Percept XDR has an ability to ingest data from various sources, uses AI and Big Data to detect threats. Its ability to ingest sensor telemetry, logs, and global threat intelligence feeds allows the AI detection engine to identify new use cases and anomalies, thereby detecting new and unknown threats. Percept XDR features SOAR-based automated response in line with the MITRE ATT&CK® framework. -
16
ThreatWatch
ThreatWatch
Stay informed on emerging threats using real-time, machine curated threat intelligence. Detect and prioritize threats up to 3 months earlier than leading scanning solutions without redundant scanning or agents. Use Attenu8, our AI platform to prioritize your threats. Secure your DevOps pipeline against open source vulnerabilities, malware, code secrets and configuration issues. Secure your infrastructure, network and IOT devices and any other assets by modeling them as virtual assets. Discover and manage your assets easily with a simple open source CLI. Decentralize security functions using real-time alerts. Integrate with MSTeams, Slack, JIRA, ServiceNow and other ecosystems using our powerful API and SDK. Stay ahead of your adversaries. Get informed on emerging malware, vulnerabilities, exploits, patches and remediations in real-time using our AI powered, machine curated threat intelligence. -
17
AhnLab MDS
AhnLab
More recent and sophisticated cyber-attacks have targeted organizations by injecting malware or files into web applications and email. The attacks initiate the distribution of malware that passes undetected through conventional security solutions; hence, these are so-called Advanced Persistent Threats(APTs). However, the response to the ever-evolving malware-based threats has been via ordinary security methods like antivirus, firewall, and intrusion prevention products. Because of this, many organizations remain vulnerable to Advanced Persistent Threats. It’s no secret that these attacks cost a company via lost intellectual property, stolen information assets, damage to equipment, and network downtime. AhnLab MDS (Malware Defense System) is a network sandbox based APT (Advanced Persistent Threat) protection solution that combines on-premise and cloud-based analytics to defeat advanced targeted threats anywhere across the organization. -
18
Cyren
Cyren
Cyren Inbox Security is an innovative solution that turns the tables on the phishers and safeguards each and every Office 365 mailbox in your organization against evasive phishing, business email compromise (BEC) and fraud. Continuous monitoring and detection provide early exposure of evasive attack indicators and anomalies. Automated response and remediation for individual mailboxes and across all mailboxes in the organization will take care of the heavy lifting. Our unique crowd-sourced user detection closes the feedback loop on alerts, reinforcing your security training and providing valuable threat intelligence. Comprehensive, multi-dimensional presentation of critical threat characteristics to help analysts understand the evolving threat landscape. Improved threat detection for existing security products such as SIEM and SOAR solutions. -
19
Reveelium
ITrust.fr
3 out of 4 companies are subject to computer attacks or hacking. However, 90% are equipped with essential security equipment that does not detect these malicious attacks. APTs, malicious behaviors, viruses, crypto lockers, override existing security defenses and no current tool can detect these attacks. Yet these attacks leave footprints of their passage. Finding these malicious traces on a large amount of data and exploiting these signals is impossible with current tools. Reveelium correlates and aggregates all types of logs from an information system and detects attacks or malicious activity in progress. An essential tool in the fight against cyber-malware Reveelium SIEM can be used alone or complemented by Ikare, Reveelium UEBA or ITrust’s Acsia EDR, to provide a true next-generation security center (SOC). Have the practices of its teams monitored by a third party and obtain an objective opinion on its level of safety. -
20
CardinalOps
CardinalOps
The CardinalOps platform is an AI-powered threat exposure management solution designed to provide organizations with an integrated view of prevention and detection controls across endpoint, cloud, identity, network, and more. It aggregates findings from misconfigurations, unsecured internet-facing workloads, missing hardening controls, and gaps in detection or prevention to give full visibility of exposures and prioritize actions based on business context and adversary tactics. The system continuously maps detections and controls to the MITRE ATT&CK framework to assess coverage depth and identify broken, noisy, or missing detection rules, while also generating deployment-ready detection content customized to each environment via native API integration with major SIEM/XDR tools such as Splunk, Microsoft Sentinel, IBM QRadar, and others. Through its automation and threat intelligence operationalization features, it helps security teams remediate exposure faster. -
21
Trend Vision One
Trend Micro
Stopping adversaries faster and taking control of your cyber risks starts with a single platform. Manage security holistically with comprehensive prevention, detection, and response capabilities powered by AI, leading threat research and intelligence. Trend Vision One supports diverse hybrid IT environments, automates and orchestrates workflows, and delivers expert cybersecurity services, so you can simplify and converge your security operations. The growing attack surface is challenging. Trend Vision One brings comprehensive security to your environment to monitor, secure, and support. Siloed tools create security gaps. Trend Vision One serves teams with these robust capabilities for prevention, detection, and response. Understanding risk exposure is a priority. Leveraging internal and external data sources across the Trend Vision One ecosystem enables greater command of your attack surface risk. Minimize breaches or attacks with deeper insight across key risk factors. -
22
VulnCheck
VulnCheck
Unprecedented visibility into the vulnerable ecosystem from the eye of the storm. Prioritize response and finish taking action before the attacks occur. Early access to new vulnerability information not found in the NVD along with dozens of unique fields. Real-time monitoring of exploit PoCs; exploitation timelines; ransomware, botnet, and APT/threat actor activity. In-house developed exploit PoCs, packet captures to defend against initial access vulnerabilities. Integrate vulnerability assessment into existing asset inventory systems, anywhere package URLs or CPE strings are present. Explore VulnCheck, a next-generation cyber threat intelligence platform, which provides exploit and vulnerability intelligence directly into the tools, processes, programs, and systems that need it to outpace adversaries. Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't. -
23
LMNTRIX
LMNTRIX
LMNTRIX is an Active Defense company specializing in detecting and responding to advanced threats that bypass perimeter controls. Be the hunter not the prey. We think like the attacker and prize detection and response. Continuous everything is the key. Hackers never stop and neither do we. When you make this fundamental shift in thinking, you start to think differently about how to detect and respond to threats. So at LMNTRIX we shift your security mindset from “incident response” to “continuous response,” wherein systems are assumed to be compromised and require continuous monitoring and remediation. By thinking like the attacker and hunting on your network and your systems, we allow you to move from being the prey to being the hunter. We then turn the tables on the attackers and change the economics of cyber defense by shifting the cost to the attacker by weaving a deceptive layer over your entire network – every endpoint, server and network component is coated with deceptions. -
24
Proofpoint Identity Threat Defense
Proofpoint
In an ever-changing hybrid world, your organization depends on its employees, their virtual identities, and the endpoints they operate on to build and protect its assets. Threat actors have found unique ways to move laterally across your cloud environments by exploiting such identities. You need an innovative and agentless identity threat detection and response solution to discover and remediate modern identity vulnerabilities—a key part of today’s attack chain. Proofpoint Identity Threat Defense, previously Illusive, gives you comprehensive prevention and visibility across all your identities so you can remediate identity vulnerabilities before they become real risks. You can also detect any lateral movements in your environments and activate deception to ensure threat actors are stopped in action before they gain access to your corporate assets. It doesn’t get better than knowing you can prevent modern identity risks and stop real-time identity threats in action, all in one place. -
25
Analyst1
Analyst1
Analyst1 offers organizations a more efficient method of gathering and enriching threat intelligence - Inundated with various security tools, analysts rarely have time to investigate and remediate all threats. Analyst1 eliminates labor-intensive tasks required to understand which threats matter most. Built by analysts for the enterprise, Analyst1 allows the ability to author, test and deploy effective countermeasures across multiple intrusion detection and prevention systems. -
26
ThreatBook
ThreatBook
ThreatBook CTI provides high-fidelity intelligence collected from alerts from real customer cases. Our R&D team uses it as a critical indicator to evaluate our intelligence extraction and quality control work. Meanwhile, we continuously assess the data based on any relevant alerts from timely cyber incidents. ThreatBook CTI aggregates data and information with a clear verdict, behavior conclusions, and intruder portraits. It enables the SOC team to spend less time on irrelevant or harmless activities,boosting the operation's efficiency. The core value of threat intelligence is detection and response, that is, enterprises can carry out compromise detection with high-fidelity intelligence, figuring out if a device has been attacked or if a server has been infected and respond based on the investigation to prevent threats, isolate or avoid risks in a timely manner and reduce the likelihood of serious consequences. -
27
Juniper Advanced Threat Protection
Juniper Networks
Juniper Advanced Threat Prevention (ATP) is the threat intelligence hub for your network. It contains a litany of built-in advanced security services that use the power of AI and machine learning to detect attacks early and optimize policy enforcement networkwide. Juniper ATP runs as a cloud-enabled service on an SRX Series Firewall or as a virtual appliance deployed locally. It finds and blocks commodity and zero-day malware within files, IP traffic, and DNS requests. The service assesses risk from encrypted and decrypted network traffic and connected devices, including IoT devices, and distributes that intelligence throughout the network, drastically decreasing your attack surface and helping avoid breaches. Automatically discover and mitigate known and zero-day threats. Identify and stop threats hiding within encrypted traffic without decrypting. Detect targeted attacks on your network, including high-risk users and devices, and automatically mobilize your defenses. -
28
Group-IB Unified Risk Platform
Group-IB
The Unified Risk Platform strengthens security by identifying the risks your organization faces. The platform automatically configures your Group-IB defenses with the precise insights required to stop attacks by threat actors, thereby making it less likely that an attack will be successful. Group-IB's platform monitors threat actors at all times in order to detect advanced attacks and techniques. The Unified Risk Platform quickly and accurately identifies early warning signs before attacks develop, fraud occurs or your brand is damaged, which reduces the risk of undesirable consequences. The Unified Risk Platform counters threat actors with insight into their modus operandi. The platform leverages a variety of solutions and techniques to stop attacks that target your infrastructure, endpoints, brand and customers, reducing the risk that an attack will cause disruption or recur. -
29
DarkIQ
Searchlight Cyber
Spot cyberattacks. Earlier. Monitor, pre-empt, and prevent costly security incidents–against your brand, suppliers, and people with actionable dark web alerts. Think of us like your automated analyst. DarkIQ is your secret weapon, continuously monitoring the dark web for cybercriminal activity. It detects, categorizes, and alerts you to imminent threats so that you can take action against cybercriminals before they strike. See what threat actors are planning. Spot the early warning signs of attack including insider threat, executive threat, and supply chain compromise before they impact your business. -
30
Threat Intelligence Platform
Threat Intelligence Platform
Threat Intelligence Platform combines several threat intelligence sources to provide in-depth insights on threat hosts and attack infrastructure. Correlating threat information from various feeds with our exhaustive in-house databases, a result of 10+ years of data crawling, the platform performs real-time host configuration analyses to come up with actionable threat intelligence that is vital in detection, mitigation, and remediation. Find detailed information about a host and its underlying infrastructure in seconds through the Threat Intelligence Platform web interface. Integrate our rich data sources into your systems to enrich results with additional threat intelligence insights. Integrate our capabilities into existing cybersecurity products, including cyber threat intelligence (CTI) platforms, security information and event management (SIEM) solutions, digital risk protection (DRP) solutions, and more.Starting Price: $12.5 per month -
31
Doppel
Doppel
Detect phishing scams on websites, social media, mobile app stores, gaming platforms, paid ads, the dark web, digital marketplaces, and more. Identify the highest impact phishing attacks, counterfeits, and more with next-gen natural language & computer vision models. Track enforcements with an auto-generated audit trail through our no-code UI that works out of the box. Stop adversaries before they scam your customers and team. Scan millions of websites, social media accounts, mobile apps, paid ads, etc. Use AI to categorize brand infringement and phishing scams. Automatically remove threats as they are detected. Doppel's system has integrations with domain registrars, social media, app stores, digital marketplaces, the dark web, and countless platforms across the Internet. This gives you comprehensive visibility and automated protection against external threats. Doppel offers automated protection against external threats. -
32
CounterCraft
CounterCraft
Unlike other security companies, we offer real-time intel that organizations can use to manipulate adversarial behavior even before being attacked. We built a distributed threat deception platform that allows you to take a step forward in defense. Take back control. We have built the highest-quality deception platform for active defense. Our proprietary ActiveLures™ populate ActiveSense™ environments and communicate using our ActiveLink™ technology. -
33
CrowdStrike Falcon Adversary Intelligence
CrowdStrike
CrowdStrike Falcon® Adversary Intelligence provides cutting-edge threat intelligence to help organizations proactively identify and mitigate cyber threats. With access to over 250 adversary profiles, dark web monitoring, and real-time threat intelligence, businesses can strengthen their defense and accelerate response times. This platform integrates seamlessly into existing security operations, offering automated threat modeling, sandbox analysis, and the ability to automate security workflows. CrowdStrike Falcon® empowers organizations to stay ahead of emerging threats with comprehensive insights into adversary tactics, techniques, and procedures. -
34
Lumen Adaptive Threat Intelligence
Lumen Technologies
Adaptive Threat Intelligence helps security specialists quickly neutralize threats before they attack. Leveraging our global network visibility, we provide high-fidelity intelligence correlated to your IP addresses, combined with Rapid Threat Defense to proactively stop threats and simplify security. Automated validation technology developed and deployed by Black Lotus Labs tests newly discovered threats and validates the fidelity of our threat data, minimizing false positives. Rapid threat defense automated detection and response capabilities block threats based on your risk tolerance. Comprehensive virtual offering eliminates the need to deploy or integrate devices and data, and provides a single escalation point. Easy-to-use security portal, mobile app, API feed and customizable alerts that allow you to manage threat visualization and response with context-rich reports and historical views. -
35
ThreatStryker
Deepfence
Runtime attack analysis, threat assessment, and targeted protection for your infrastructure and applications. Stay ahead of attackers and neutralize zero-day attacks. Observe attack behavior. ThreatStryker observes, correlates, learns and acts to protect your applications and keep you one step ahead of attackers. Deepfence ThreatStryker discovers all running containers, processes, and online hosts, and presents a live and interactive color-coded view of the topology. It audits containers and hosts to detect vulnerable components and interrogates configuration to identify file system, process, and network-related misconfigurations. ThreatStryker assesses compliance using industry and community standard benchmarks. ThreatStryker performs deep inspection of network traffic, system, and application behavior, and accumulates suspicious events over time. Events are classified and correlated against known vulnerabilities and suspicious patterns of behavior. -
36
C-Prot Threat Intelligence Portal is a powerful web service for providing access to information about cyber threats. C-Prot Threat Intelligence Portal offers the possibility to check different types of suspicious threat indicators such as files, file signatures, IP addresses, or web addresses. In this way, institutions are informed about potential threats and can take necessary precautions. Detect advanced threats using our advanced detection technologies, including dynamic, static, and behavioral analysis, and our global cloud reputation system with the C-Prot Threat Intelligence Portal. Access detailed information on specific malware indicators, as well as the tools, tactics, and attack types used by cyber attackers. Check for different indicators of suspicious threats such as IP address and web address. Understand threat trends and anticipate specific attacks with complete knowledge of your threat environment.Starting Price: Free
-
37
CrashPlan
CrashPlan
CrashPlan provides cyber resilience and data protection through a unified platform trusted by organizations worldwide. With secure, scalable backup and recovery for servers, endpoints, Microsoft 365, and Google Workspace, CrashPlan safeguards critical data against threats such as accidental deletion, ransomware, and system failure. Built with proactive threat detection and automated governance, CrashPlan ensures continuous access and compliance. Whether you back up to our cloud, your Azure instance, a local destination, or a third-party cloud, CrashPlan restores your data and your peace of mind. Features Automatic Data Protection Complete security & compliance Unlimited Versioning Point-in-Time Recovery Benefits Beyond BackupStarting Price: $8 per computer per month -
38
ThreatCloud
Check Point Software Technologies
Real-time threat intelligence derived from hundreds of millions of sensors worldwide, enriched with AI-based engines and exclusive research data from the Check Point Research Team. Detects 2,000 attacks daily by unknown threats previously undiscovered. Advanced predictive intelligence engines, data from hundreds of millions of sensors, and cutting-edge research from Check Point Research and external intelligence feed. Up-to-minute information on the newest attack vectors and hacking techniques. ThreatCloud is Check Point’s rich cyber defense database. Its threat intelligence powers Check Point zero-day protection solutions. Mitigate threats 24×7 with award-winning technology, expert analysis and global threat intelligence. In addition, the service provides recommendations for tuning the customer’s threat prevention policies to enhance the customer’s protection against threats. Customers have access to a Managed Security Services Web Portal. -
39
Proofpoint Emerging Threat (ET) Intelligence
Proofpoint
Proofpoint ET Intelligence delivers the most timely and accurate threat intelligence. Our fully verified intel provides deeper context and integrates seamlessly with your security tools to enhance your decision-making. Knowing what types of threats exist is no longer enough to protect your people, data, and brand. Emerging Threat (ET) intelligence helps prevent attacks and reduce risk by helping you understand the historical context of where these threats originated, who is behind them, when have they attacked, what methods they used, and what they're after. Get on-demand access to current and historical metadata on IPs, domains, and other related threat intelligence to help research threats and investigate incidents. In addition to reputation intel, you get condemnation evidence, deep context, history, and detection information. It's all searchable in an easy-to-use threat intelligence portal that includes: Trends and timestamps of when a threat was seen and the associated category. -
40
Blue Hexagon
Blue Hexagon
We’ve designed our real-time deep learning platform to deliver speed of detection, efficacy and coverage that sets a new standard for cyber defense. We train our neural networks with global threat data that we’ve curated carefully via threat repositories, dark web, our deployments and from partners. Just like layers of neural networks can recognize your image in photos, our proprietary architecture of neural networks can identify threats in both payloads and headers. Every day, Blue Hexagon Labs validates the accuracy of our models with new threats in the wild. Our neural networks can identify a wide range of threats — file and fileless malware, exploits, C2 communications, malicious domains across Windows, Android, Linux platforms. Deep learning is a subset of machine learning that uses multi-layered artificial neural networks to learn data representation. -
41
Bugsmirror MASST
Bugsmirror
MASST (Mobile Application Security Suite & Tools) is a unified mobile app security platform designed to detect, protect, and monitor mobile applications across development and runtime. The suite’s Threat Detection layer includes modules such as CodeLock for static analysis across 50+ vulnerability vectors, RunLock for runtime testing and attack simulations, APILock for discovering and securing API endpoints, and ThreatLock for deep red-teaming assessments. The Threat Mitigation layer wraps your mobile apps with protections including Defender (RASP-based real-time shielding), Shield (anti-reverse-engineering and IP-theft protection), and Guard (secure local storage of keys, certificates, and sensitive data via white-box cryptography). The Threat Visibility layer offers the ThreatLens Dashboard for real-time monitoring, analytics, and actionable insights into attacks, anomalies, and app security posture. -
42
Interpres
Interpres
Interpres is a threat-informed defense surface management platform that fuses and operationalizes prioritized adversarial techniques, tactics, and procedures with your unique threat profile, your unique security stack, and finished intelligence to identify coverage gaps, prioritize actions, optimize defenses and reduce risk. For too long, security leaders have been trying to defend everything without understanding the adversaries’ tradecraft, resulting in waste, inefficiency, and suboptimal defenses. For too long, you have been consuming telemetry without understanding its value while incurring all of its costs. Optimize your security stack to defend against prioritized threats targeting you. Execute clear, prioritized actions to tune, configure, and optimize your defense surface against prioritized threats. Holistically know your threat coverage from the endpoint to the cloud. Continuously monitor and systematically improve security posture. -
43
Lakera
Lakera
Lakera Guard empowers organizations to build GenAI applications without worrying about prompt injections, data loss, harmful content, and other LLM risks. Powered by the world's most advanced AI threat intelligence. Lakera’s threat intelligence database contains tens of millions of attack data points and is growing by 100k+ entries every day. With Lakera guard, your defense continuously strengthens. Lakera guard embeds industry-leading security intelligence at the heart of your LLM applications so that you can build and deploy secure AI systems at scale. We observe tens of millions of attacks to detect and protect you from undesired behavior and data loss caused by prompt injection. Continuously assess, track, report, and responsibly manage your AI systems across the organization to ensure they are secure at all times. -
44
Rapid7 Command Platform
Rapid7
The Command Platform provides attack surface visibility designed to accelerate operations and create a more comprehensive security picture you can trust. Focus on real risks with more complete visibility of your attack surface. The Command Platform allows you to pinpoint security gaps and anticipate imminent threats. Detect and respond to real security incidents across your entire network. With relevant context, recommendations and automation, expertly respond every time. Backed by a more comprehensive attack surface view, the Command Platform unifies endpoint-to-cloud exposure management and detection and response, enabling your team to confidently anticipate threats and detect and respond to cyber attacks. A continuous 360° attack surface view teams can trust to detect and prioritize security issues from endpoint to cloud. Attack surface visibility with proactive exposure mitigation and remediation prioritization across your hybrid environment. -
45
NESCOUT Cyber Threat Horizon
NESCOUT
NETSCOUT Cyber Threat Horizon is a real-time threat intelligence platform designed to provide visibility into the global cyber threat landscape, including DDoS attack activity. Leveraging data from NETSCOUT's ATLAS (Active Threat Level Analysis System), it offers insights into traffic anomalies, attack trends, and malicious activities observed across the internet. The platform empowers organizations to detect potential threats early by providing interactive visualizations, historical data analysis, and geolocation-based attack mapping. With its ability to track emerging threats and DDoS events as they unfold, NETSCOUT Cyber Threat Horizon is an invaluable tool for network administrators and security professionals seeking to enhance situational awareness and preemptively address risks. -
46
Kaduu
Kaduu
Kaduu helps you understand when, where and how stolen or accidentally leaked information in dark web markets, forums, botnet logs, IRC, social media and other sources is exposed. Kaduu’s alerting service can also detect threats before they turn into incidents. Kaduu offers AI-driven dark web analysis, real-time threat alerts and pre-Attack threat indicators. Setup in minutes you will receive instant access to real-time reporting. Employees who are heavily exposed to the Internet are at greater risk of social engineering attacks such as phishing. Kaduu offers the option of monitoring any mention of credit card information (name, part of number, etc.) on the Dark Web.Starting Price: $50 per company per month -
47
syzkaller
Google
syzkaller is an unsupervised coverage-guided kernel fuzzer. Supports FreeBSD, Fuchsia, gVisor, Linux, NetBSD, OpenBSD, and Windows. Initially, syzkaller was developed with Linux kernel fuzzing in mind, but now it's being extended to support other OS kernels as well. Once syzkaller detects a kernel crash in one of the VMs, it will automatically start the process of reproducing this crash. By default, it will use 4 VMs to reproduce the crash and then minimize the program that caused it. This may stop the fuzzing, since all of the VMs might be busy reproducing detected crashes. The process of reproducing one crash may take from a few minutes up to an hour depending on whether the crash is easily reproducible or non-reproducible at all.Starting Price: Free -
48
Defense.com
Defense.com
Take control of cyber threats. Identify, prioritize and track all your security threats with Defense.com. Simplify your cyber threat management. Detection, protection, remediation, and compliance, are all in one place. Make intelligent decisions about your security with automatically prioritized and tracked threats. Improve your security by following the effective remediation steps provided for each threat. Gain knowledge and advice from experienced cyber and compliance consultants when you need assistance. Take control of your cyber security with easy-to-use tools that can work with your existing security investment. Live data from penetration tests, VA scans, threat intelligence and more all feeds into a central dashboard, showing you exactly where your risks are and their severity. Remediation advice is included for each threat, making it easy to make effective security improvements. Powerful threat intelligence feeds are mapped to your unique attack surface.Starting Price: $30 per node per month -
49
Microsoft Sentinel
Microsoft
Standing watch, by your side. Intelligent security analytics for your entire enterprise. See and stop threats before they cause harm, with SIEM reinvented for a modern world. Microsoft Sentinel is your birds-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make your threat detection and response smarter and faster with artificial intelligence (AI). Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds. Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft. Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft. -
50
LevelBlue Open Threat Exchange
LevelBlue
LevelBlue Open Threat Exchange (OTX) is a comprehensive security information and event management (SIEM) platform designed to provide real-time visibility and intelligence for network and security operations. OTX enables organizations to detect and respond to threats faster, offering capabilities such as asset discovery, vulnerability scanning, and log management. With an open architecture, OTX integrates with a wide range of security tools and data sources, providing a unified approach to threat detection and response. It's designed to enhance both operational efficiency and security posture, making it suitable for organizations of all sizes looking to streamline their security operations.
