Alternatives to Proofpoint Emerging Threat (ET) Intelligence
Compare Proofpoint Emerging Threat (ET) Intelligence alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Proofpoint Emerging Threat (ET) Intelligence in 2026. Compare features, ratings, user reviews, pricing, and more from Proofpoint Emerging Threat (ET) Intelligence competitors and alternatives in order to make an informed decision for your business.
-
1
SOCRadar provides a unified, cloud-hosted platform designed to enrich your cyber threat intelligence by contextualizing it with data from your attack surface, digital footprint, dark web exposure, and supply chain. We help security teams see what attackers see by combining External Attack Surface Management, Cyber Threat Intelligence, and Digital Risk Protection into a single, easy-to-use solution. This enables your organization to discover hidden vulnerabilities, detect data leaks, and shut down threats like phishing and brand impersonation before they can harm your business. By combining these critical security functions, SOCRadar replaces the need for separate, disconnected tools. Our holistic approach offers a streamlined, modular experience, providing a complete, real-time view of your threat landscape to help you stay ahead of attackers.
-
2
Kroll Cyber Risk
Kroll
We are the world incident response leader. Merging complete response capabilities with frontline threat intelligence from over 3000 incidents handled per year and end-to-end expertise we protect, detect and respond against cyberattacks. For immediate assistance, contact us today. Tackle every facet of today and tomorrow’s threat landscape with guidance from Kroll’s Cyber Risk experts. Enriched by frontline threat intel from 3000+ incidents cases every year, our end-to-end cyber risk solutions help organizations uncover exposures, validate the effectiveness of their defenses, implement new or updated controls, fine-tune detections and confidently respond to any threat. Get access to a wide portfolio of preparedness, resilience, detection and response services with a Kroll Cyber Risk retainer. Get in touch for more info. -
3
CrowdStrike Falcon
CrowdStrike
CrowdStrike Falcon is a cloud-native cybersecurity platform that provides advanced protection against a wide range of cyber threats, including malware, ransomware, and sophisticated attacks. It leverages artificial intelligence (AI) and machine learning to detect and respond to threats in real time, offering endpoint protection, threat intelligence, and incident response capabilities. The platform uses a lightweight agent that continuously monitors endpoints for signs of malicious activity, providing visibility and protection without significant impact on system performance. Falcon’s cloud-based architecture ensures fast updates, scalability, and rapid threat response across large, distributed environments. Its comprehensive security features help organizations prevent, detect, and mitigate potential cyber risks, making it a powerful tool for modern enterprise cybersecurity. -
4
ZeroFox
ZeroFox
Organizations invest immense resources into social media and their digital presence, which has become the primary engagement method for many individuals and businesses. As social media becomes the preferred engagement tool, security teams must understand and address the risks posed by digital platforms, the largest unsecured IT network on earth. Explore the ZeroFox Platform - watch this 2 minute overview video. With a global data collection engine, artificial intelligence-based analysis, and automated remediation, the ZeroFox Platform protects you from cyber, brand and physical threats on social media & digital platforms. Understand your organization’s digital risk exposure across a broad range of platforms where you engage and cyberattacks occur. ZeroFox's mobile app provides the powerful protection of the ZeroFox platform at your fingertips, wherever and whenever you need it. -
5
Palo Alto Networks AutoFocus
Palo Alto Networks
Tomorrow's operations depend on unrivaled threat intelligence, today. Power up investigation, prevention and response with AutoFocus. Palo Alto Networks, provider of the industry-leading next-generation firewall, has made the world’s highest-fidelity repository of threat intelligence, sourced from the largest network of sensors, available for any team or tool to consume. AutoFocus™ contextual threat intelligence service is your one-stop shop for threat intelligence. Your teams will receive instant understanding of every event with unrivaled context from Unit 42 threat researchers, and you can embed rich threat intelligence in analyst’s existing tools to significantly speed investigation, prevention, and response. Get unique visibility into attacks crowdsourced from the industry’s largest footprint of network, endpoint, and cloud intel sources. Enrich every threat with the deepest context from worldrenowned Unit 42 threat researchers. -
6
Group-IB Threat Intelligence
Group-IB
Defeat threats efficiently and identify attackers proactively with a revolutionary cyber threat intelligence platform by Group-IB. Capitalize on your threat intelligence insights with Group-IB’s platform. Group-IB Threat Intelligence provides unparalleled insight into your adversaries and maximizes the performance of every component of your security with strategic, operational, and tactical intelligence. Maximize known and unlock hidden values of intelligence with our threat intel platform. Understand threat trends and anticipate specific cyber attacks with thorough knowledge of your threat landscape. Group-IB Threat Intelligence provides precise, tailored, and reliable information for data-driven strategic decisions. Strengthen defenses with detailed insight into attacker behaviors and infrastructure. Group-IB Threat Intelligence delivers the most comprehensive insight into past, present, and future attacks targeting your organization, industry, partners, and clients. -
7
Proofpoint Threat Response
Proofpoint
Security teams face many challenges when responding to threats that are targeting people in their organization. Those challenges are staff shortages, an overwhelming number of alerts and attempting to reduce the time it takes to respond and remediate threats. Proofpoint Threat Response is a leading security orchestration, automation and response (SOAR) solution that enables security teams to respond faster and more efficiently to the everchanging threat landscape. Threat Response orchestrates several key phases of the incident response process. It can ingest any alert from any source and automatically enrich and group them into incidents in a matter of seconds. Security teams receive rich and vital context from leveraging Proofpoint Threat Intelligence as well as third-party threat intelligences to help understand the "who, what and where" of attacks, prioritize and quickly triage incoming events. -
8
Google Threat Intelligence
Google
Get comprehensive visibility and context on the threats that matter most to your organization. Google Threat Intelligence provides unmatched visibility into threats enabling us to deliver detailed and timely threat intelligence to security teams around the world. By defending billions of users, seeing millions of phishing attacks, and spending hundreds of thousands of hours investigating incidents we have the visibility to see across the threat landscape to keep the most important organizations protected, yours. Focus on the most relevant threats to your organization by understanding the threat actors and their ever changing tactics, techniques, and procedures (TTPs). Leverage these insights to proactively set your defenses, hunt efficiently, and respond to new and novel threats in minutes. -
9
Lumen Adaptive Threat Intelligence
Lumen Technologies
Adaptive Threat Intelligence helps security specialists quickly neutralize threats before they attack. Leveraging our global network visibility, we provide high-fidelity intelligence correlated to your IP addresses, combined with Rapid Threat Defense to proactively stop threats and simplify security. Automated validation technology developed and deployed by Black Lotus Labs tests newly discovered threats and validates the fidelity of our threat data, minimizing false positives. Rapid threat defense automated detection and response capabilities block threats based on your risk tolerance. Comprehensive virtual offering eliminates the need to deploy or integrate devices and data, and provides a single escalation point. Easy-to-use security portal, mobile app, API feed and customizable alerts that allow you to manage threat visualization and response with context-rich reports and historical views. -
10
ELLIO
ELLIO
IP Threat Intel delivers real-time threat intelligence that helps security teams reduce alert fatigue and speed up triage in TIPs, SIEM & SOAR platforms. Available as an API for your SIEM/SOAR/TIP or as a local database for most demanding on-premise workloads. The feed provides detailed information on IP addresses observed in the last 30 days, including ports targeted by an IP. Updated every 60 minutes, it reflects the current threat landscape. Each IP entry includes context on event volume over the past 30 days and the most recent detection by ELLIO's deception network. Provides a list of all IP addresses observed today. Each IP entry includes tags and comments with context on targeted regions, connection volume, and the last time the IP was observed by ELLIO's deception network. Updated every 5 minutes, it ensures you have the most current information for your investigation and incident response.Starting Price: $1.495 per month -
11
OpenCTI
Filigran
OpenCTI is an open source threat intelligence platform developed by Filigran, designed to help organizations collect, correlate, and leverage threat data at strategic, operational, and tactical levels. It provides a consolidated view of threat data from multiple sources, transforming raw data into actionable insights. It features a sophisticated knowledge hypergraph database, fully compliant with STIX standards, enabling deep context and relationships within threat intelligence. OpenCTI offers comprehensive visualizations and analytics, facilitating comparison and investigation within the knowledge graph. It integrates both technical and non-technical information into a unified system, linking each piece of threat intelligence to its original source for a complete analytical perspective. It also includes powerful case management capabilities, enhancing threat detection and response by centralizing incident-related data and fostering real-time collaboration. -
12
Maltiverse
Maltiverse
Cyber Threat Intelligence made simple for all types of businesses and independent analysts of cybersecurity. Maltiverse Freemium online resource to access aggregated sets of indicators of compromise with full context and history. When you have a cyber security incident and you need context to respond - you can access the database and search for the content manually. You can also connect the customized set of new threats to your Security Systems like SIEM, SOAR, PROXY or Firewall: Ransomware, C&C centers, malicious IP and URLs, Phishing Attacks, Other feeds.Starting Price: $100 per month -
13
C-Prot Threat Intelligence Portal is a powerful web service for providing access to information about cyber threats. C-Prot Threat Intelligence Portal offers the possibility to check different types of suspicious threat indicators such as files, file signatures, IP addresses, or web addresses. In this way, institutions are informed about potential threats and can take necessary precautions. Detect advanced threats using our advanced detection technologies, including dynamic, static, and behavioral analysis, and our global cloud reputation system with the C-Prot Threat Intelligence Portal. Access detailed information on specific malware indicators, as well as the tools, tactics, and attack types used by cyber attackers. Check for different indicators of suspicious threats such as IP address and web address. Understand threat trends and anticipate specific attacks with complete knowledge of your threat environment.Starting Price: Free
-
14
NESCOUT Cyber Threat Horizon
NESCOUT
NETSCOUT Cyber Threat Horizon is a real-time threat intelligence platform designed to provide visibility into the global cyber threat landscape, including DDoS attack activity. Leveraging data from NETSCOUT's ATLAS (Active Threat Level Analysis System), it offers insights into traffic anomalies, attack trends, and malicious activities observed across the internet. The platform empowers organizations to detect potential threats early by providing interactive visualizations, historical data analysis, and geolocation-based attack mapping. With its ability to track emerging threats and DDoS events as they unfold, NETSCOUT Cyber Threat Horizon is an invaluable tool for network administrators and security professionals seeking to enhance situational awareness and preemptively address risks. -
15
Secure Malware Analytics (formerly Threat Grid) combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware. With a robust, context-rich malware knowledge base, you will understand what malware is doing, or attempting to do, how large a threat it poses, and how to defend against it. Secure Malware Analytics rapidly analyzes files and suspicious behavior across your environment. Your security teams get context-rich malware analytics and threat intelligence, so they’re armed with insight into what a file is doing and can quickly respond to threats. Secure Malware Analytics analyzes the behavior of a file against millions of samples and billions of malware artifacts. Secure Malware Analytics identifies key behavioral indicators of malware and their associated campaigns. Take advantage of Secure Malware Analytics's robust search capabilities, correlations, and detailed static and dynamic analyses.
-
16
PassiveTotal
RiskIQ
RiskIQ PassiveTotal aggregates data from the whole internet, absorbing intelligence to identify threats and attacker infrastructure, and leverages machine learning to scale threat hunting and response. With PassiveTotal, you get context on who is attacking you, their tools and systems, and indicators of compromise outside the firewall—enterprise and third party. Investigation can go fast, really fast. Find answers quickly with over 4,000 OSINT articles and artifacts. Along with 10+ years of mapping the internet, RiskIQ has the deepest and broadest security intelligence on earth. By absorbing web data like Passive DNS, WHOIS, SSL, hosts and host pairs, cookies, exposed services, ports, components, and code. With curated OSINT and proprietary security intelligence, you can see everything—from every angle—on the digital attack surface. Take charge of your digital presence and combat threats to your organization. -
17
Global Threat Intelligence (GTI) is a comprehensive, real-time, cloud-based reputation service, fully integrated into Trellix products. Protects organizations and their users from both known and emerging cyber threats, regardless of the source of those threats or where they propagate. Arms your security infrastructure with shared threat intelligence, enabling security products to act in concert, based on the same robust, real-time information. Closes the threat window with instantaneous, and often predictive, reputation-based threat intelligence, reducing the probability of attack and cost of remediation and lost downtime. Threat data is collected from billions of Trellix product sensor queries around the globe and correlated to produce our threat intelligence. Trellix products query GTI in the cloud, and GTI renders the latest reputation or categorization intelligence to the products so that they can take action.
-
18
Real-time monitoring and analysis allowing you to quickly prioritize, investigate, and respond to hidden threats. A central view of potential threats with built-in workflows removes the complexity of threat protection. Be ready anytime for the audit with automated compliance. Get greater transparency monitoring users, applications, networks and devices. Data correlated and enriched to deliver purposeful intelligence on the threat and how to mitigate. Real-time threat identification and response powered by advanced threat intelligence reduces lead time to protect against threats such as phishing, insider threats, data exfiltration and Distributed Denial of Service (DDOS) attacks.
-
19
ThreatConnect Threat Intelligence Platform
ThreatConnect
The ThreatConnect Threat Intelligence Platform (TIP) centralizes the aggregation and management of threat data. From one platform, users can normalize data from a variety of sources, add additional context, and automate manual threat intelligence-related security processes. ThreatConnect TIP provides a workbench to organize and prioritize threat data and use it to drive actions across a security team. -
20
SecIntel
Juniper Networks
As the threat landscape evolves and security risks accelerate, you can no longer rely on a single device at the network edge to identify and block threats. Instead, you need a threat-aware network that frees your security analysts to focus on hunting unknown threats and further reduces risk to your organization. SecIntel enables the threat-aware network with a feed of aggregated and verified security data continuously collected from Juniper and multiple other sources. It delivers regularly updated, actionable intelligence to your SRX Series firewalls, MX Series routers and enforcement on Juniper wireless access points, and EX Series and QFX Series switches. Uses curated threat feeds on malicious IPs, URLs, certificate hashes, and domain uses. Infected host and custom threat feeds of all known infected hosts on your network. Allows data from third-party sources, such as industry-specific threat mitigation and prevention input, through custom threat feeds. -
21
Unit 42
Unit 42
As the threat landscape changes and attack surfaces expand, security strategies must evolve. Our world-renowned incident response team and security consulting experts will guide you before, during, and after an incident with an intelligence-driven approach. Proactively assess and test your controls against real-world threats targeting your organization, then communicate your security risk posture to your board and key stakeholders. Improve your business resilience with a threat-informed approach to breach preparedness and tighter alignment across your people, processes, technology, and governance. Deploy Unit 42 incident response experts to quickly investigate, eradicate and remediate even the most advanced attacks, working in partnership with your cyber insurance carrier and legal teams. As threats escalate, we act as your cybersecurity partner to advise and strengthen your security strategies. -
22
Vigilante Operative
Vigilante
Cyber threats are proliferating at an alarming rate and often result in data exfiltration, network infiltration, data loss, account activity takeover, compromised customer data and reputational damage to an organization. As threat actors become more aggressive and malicious, the burden on IT security professionals becomes greater, especially with tight budgets and limited resources. As these threats become overwhelming, it is more challenging for organizations to gain the upper hand. Operative is our advanced threat intelligence hunting service for enterprise organizations. Vigilante lives within the dark web community to remain ahead of emerging threats, enabling deeper visibility and providing a continuous feedback loop of insight into exposures such as: Third-party risk and exposure, leaked or stolen data, malicious campaigns, attack vectors. -
23
Extend your security intelligence from local network to global cyberspace. Get in-depth, up-to-date global knowledge about specific threats and attack sources, which can be difficult to obtain if you only have access to information within your own networks. ESET Threat Intelligence data feeds utilize widely supported STIX and TAXII formats, which makes it easy to integrate with existing SIEM tools. Integration helps to deliver the latest information on the threat landscape to predict and prevent threats before they strike. ESET Threat Intelligence features a full API that is available for automation of reports, YARA rules and other functionalities to allow for integration with other systems used within organizations. These allow organizations to set up custom rules to obtain company-specific information that security engineers are interested in. Organizations receive valuable details such as the number of times specific threats have been seen worldwide.Starting Price: $132
-
24
DomainTools
DomainTools
Connect indicators from your network with nearly every active domain and IP address on the Internet. Learn how this data can inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Gain insight that is necessary to make the right decision about the risk level of threats to your organization. DomainTools Iris is a proprietary threat intelligence and investigation platform that combines enterprise-grade domain and DNS-based intelligence with an intuitive web interface. -
25
ThreatBook
ThreatBook
ThreatBook CTI provides high-fidelity intelligence collected from alerts from real customer cases. Our R&D team uses it as a critical indicator to evaluate our intelligence extraction and quality control work. Meanwhile, we continuously assess the data based on any relevant alerts from timely cyber incidents. ThreatBook CTI aggregates data and information with a clear verdict, behavior conclusions, and intruder portraits. It enables the SOC team to spend less time on irrelevant or harmless activities,boosting the operation's efficiency. The core value of threat intelligence is detection and response, that is, enterprises can carry out compromise detection with high-fidelity intelligence, figuring out if a device has been attacked or if a server has been infected and respond based on the investigation to prevent threats, isolate or avoid risks in a timely manner and reduce the likelihood of serious consequences. -
26
Radware Threat Intelligence
Radware
Radware’s Threat Intelligence Subscriptions complement application and network security with constant updates of possible risks and vulnerabilities. By crowdsourcing, correlating and validating real-life attack data from multiple sources, Radware’s Threat Intelligence Subscriptions immunize your Attack Mitigation System. It provides real-time intelligence for preemptive protection and enables multi-layered protection against known and unknown vectors and actors as well as ongoing and emergency filters. Radware’s Live Threat Map presents near real-time information about cyberattacks as they occur, based on our global threat deception network and cloud systems event information. The systems transmit a variety of anonymized and sampled network and application attacks to our Threat Research Center and are shared with the community via this threat map. -
27
ThreatCloud
Check Point Software Technologies
Real-time threat intelligence derived from hundreds of millions of sensors worldwide, enriched with AI-based engines and exclusive research data from the Check Point Research Team. Detects 2,000 attacks daily by unknown threats previously undiscovered. Advanced predictive intelligence engines, data from hundreds of millions of sensors, and cutting-edge research from Check Point Research and external intelligence feed. Up-to-minute information on the newest attack vectors and hacking techniques. ThreatCloud is Check Point’s rich cyber defense database. Its threat intelligence powers Check Point zero-day protection solutions. Mitigate threats 24×7 with award-winning technology, expert analysis and global threat intelligence. In addition, the service provides recommendations for tuning the customer’s threat prevention policies to enhance the customer’s protection against threats. Customers have access to a Managed Security Services Web Portal. -
28
Trellix Helix Connect
Trellix
To protect against advanced threats, organizations need to integrate their security and apply the right expertise and processes. Trellix Helix Connect is a cloud-hosted security operations platform that allows organizations to take control of any incident from alert to fix. Gain comprehensive visibility and control across your entire enterprise by collecting, correlating and analyzing critical data for meaningful threat awareness. Easily integrate security functions without extensive and costly cycles. Make informed and efficient decisions with contextual threat intelligence. Detect advanced threats with machine learning, AI and integrated real-time cyber intelligence. Gain critical context into who is targeting your organization and why. With a smart and adaptive platform, you can predict and prevent emerging threats, identify root causes and respond in real time. -
29
Base Operations
Base Operations
Increase your knowledge of every corner of the world by harnessing the power of street-level threat intelligence. Access crime and unrest data of unparalleled granularity to evaluate threats before incidents occur. Apply recent and historical data to identify patterns, analyze trends, and contextualize information. Better understand areas of strategic importance to keep people safe and assets secure. Leverage intelligence gathered from thousands of public and proprietary sources to analyze the threat landscape at the street level. Quickly identify patterns and trends in a hyperlocal area to anticipate future developments. Launch with swift onboarding and an intuitive interface, progressing toward security priorities on the first day of implementation. Base Operations is like having a team of data scientists behind each member of the corporate security team. Assessments, briefings, and recommendations are supercharged with the world’s most comprehensive threat data and trend analysis. -
30
Cyware
Cyware
Cyware is the only company building Virtual Cyber Fusion Centers enabling end-to-end threat intelligence automation, sharing, and unprecedented threat response for organizations globally. Cyware offers a full-stack of innovative cyber fusion solutions for all-source strategic, tactical, technical and operational threat intelligence sharing & threat response automation. Cyware’s Enterprise Solutions are designed to promote secure collaboration, inculcate cyber resilience, enhance threat visibility and deliver needed control by providing organizations with automated context-rich analysis of threats for proactive response without losing the element of human judgment. Cyware solutions are pushing the boundaries of current security paradigms by utilizing advances in Machine Learning, Artificial Intelligence, Security Automation & Orchestration technologies to empower enterprises in adapting to the evolving threat landscape. -
31
Threat Intelligence Platform
Threat Intelligence Platform
Threat Intelligence Platform combines several threat intelligence sources to provide in-depth insights on threat hosts and attack infrastructure. Correlating threat information from various feeds with our exhaustive in-house databases, a result of 10+ years of data crawling, the platform performs real-time host configuration analyses to come up with actionable threat intelligence that is vital in detection, mitigation, and remediation. Find detailed information about a host and its underlying infrastructure in seconds through the Threat Intelligence Platform web interface. Integrate our rich data sources into your systems to enrich results with additional threat intelligence insights. Integrate our capabilities into existing cybersecurity products, including cyber threat intelligence (CTI) platforms, security information and event management (SIEM) solutions, digital risk protection (DRP) solutions, and more.Starting Price: $12.5 per month -
32
Cortex XSOAR
Palo Alto Networks
Orchestrate. Automate. Innovate. The industry’s most comprehensive security orchestration, automation and response platform with native threat intelligence management and a built-in marketplace. Transform your security operations with scalable, automated processes for any security use case. Get up to a 95% reduction in the volume of alerts requiring human review. Cortex XSOAR ingests alerts across sources and executes automated workflows/playbooks to speed up incident response. Cortex XSOAR case management facilitates standardized response for high-quantity attacks while helping your teams adapt to sophisticated one-off attacks. Cortex XSOAR playbooks are complemented by real-time collaboration capabilities that let security teams rapidly iterate to solve emergent threats. Cortex XSOAR offers a new approach to threat intelligence management that unifies threat intelligence aggregation, scoring and sharing with proven playbook-driven automation. -
33
ThreatQ
ThreatQuotient
Threat intelligence platform - ThreatQ, to understand and stop threats more effectively and efficiently your existing security infrastructure and people need to work smarter, not harder. ThreatQ can serve as an open and extensible threat intelligence platform that accelerates security operations through streamlined threat operations and management. The integrated, self-tuning threat library, adaptive workbench and open exchange allow you to quickly understand threats, make better decisions and accelerate detection and response. Automatically score and prioritize internal and external threat intelligence based on your parameters. Automate aggregation, operationalization and use of threat intelligence across all systems and teams. Improve effectiveness of existing infrastructure by integrating your tools, teams and workflows. Centralize threat intelligence sharing, analysis and investigation in a threat intelligence platform all teams can access. -
34
Silent Push
Silent Push
Silent Push reveals adversary infrastructure, campaigns, and security problems by searching across the most timely, accurate and complete Threat Intelligence dataset available. Defenders can focus on stopping threats before they cause a problem and significantly improve their security operations across the entire attack chain whilst simultaneously reducing operational complexity. The Silent Push platform exposes Indicators of Future Attack (IOFA) by applying unique behavioral fingerprints to attacker activity and searching our dataset. Security teams can identify new impending attacks, rather than relying upon out-of-date IOCs delivered by legacy threat intelligence. Our solutions include: Proactive Threat Hunting - Identify and track malicious infrastructure before it’s weaponized. Brand & Impersonation - Protect your brand from phishing, malvertisement, and spoofing attacks. IOFA Early Detection Feeds - Monitor global threat activity with proactive intelligence.Starting Price: $100/month -
35
ThreatStream
Anomali
Anomali ThreatStream is a Threat Intelligence Platform that aggregates threat intelligence from diverse sources, provides an integrated set of tools for fast, efficient investigations, and delivers operationalized threat intelligence to your security controls at machine speed. ThreatStream automates and accelerates the process of collecting all relevant global threat data, giving you the enhanced visibility that comes with diversified, specialized intelligence sources, without increasing administrative load. Automates threat data collection from hundreds of sources into a single, high fidelity set of threat intelligence. Improve your security posture by diversifying intelligence sources without generating administrative overhead. Easily try and buy new sources of threat intelligence via the integrated marketplace. Organizations rely on Anomali to harness the power of threat intelligence to make effective cybersecurity decisions that reduce risk and strengthen defenses. -
36
Pulsedive
Pulsedive
Pulsedive offers threat intelligence platform and data products to help any security team streamline their threat intelligence research, processing, management, and integration. Start by searching any domain, IP, or URL at pulsedive.com. Our community platform provides free capabilities to enrich and investigate indicators of compromise (IOCs), analyze threats, query across the Pulsedive database, and submit new IOCs in bulk. What we do differently: - Perform passive or active scanning on every ingested IOC, on-demand - Risk evaluation and factors shared with our users based on first-hand observations - Pivot off any data property or value - Analyze shared threat infrastructure and properties for different threats Our commercial API and Feed products support the automation and integration of our data within organization security environments. Check out our website for different tiers and offerings. -
37
Defense.com
Defense.com
Take control of cyber threats. Identify, prioritize and track all your security threats with Defense.com. Simplify your cyber threat management. Detection, protection, remediation, and compliance, are all in one place. Make intelligent decisions about your security with automatically prioritized and tracked threats. Improve your security by following the effective remediation steps provided for each threat. Gain knowledge and advice from experienced cyber and compliance consultants when you need assistance. Take control of your cyber security with easy-to-use tools that can work with your existing security investment. Live data from penetration tests, VA scans, threat intelligence and more all feeds into a central dashboard, showing you exactly where your risks are and their severity. Remediation advice is included for each threat, making it easy to make effective security improvements. Powerful threat intelligence feeds are mapped to your unique attack surface.Starting Price: $30 per node per month -
38
Filigran
Filigran
Embrace a proactive approach with end-to-end cyber threat management, from anticipation to response. Tailored to elevate cybersecurity through comprehensive threat intelligence, advanced adversary simulation, and strategic cyber risk management solutions. Get a holistic view of your threat environment and improved decision-making for faster incident response. Organize your cyber threat intelligence knowledge to enhance and disseminate actionable insights. Access consolidated view of threat data from multiple sources. Transform raw data into actionable insights. Enhance sharing and actionable insights dissemination across teams and tools. Streamline incident response with powerful case management capabilities. Create dynamic attack scenarios, ensuring accurate, timely, and effective response during real-world incidents. Build both simple and intricate scenarios tailored to various industry needs. Improve team dynamics with instant feedback on responses. -
39
Cyble
Cyble
Cyble is a leading AI-native cybersecurity platform that delivers intelligence-driven defense to help organizations stay ahead of evolving cyber threats. Powered by its Gen 3 Agentic AI, Cyble offers autonomous threat detection, real-time incident response, and proactive defense mechanisms. The platform provides comprehensive capabilities including attack surface management, vulnerability management, brand protection, and dark web monitoring. Trusted by governments and enterprises worldwide, Cyble combines unmatched visibility with scalable technology to keep security teams ahead of adversaries. With advanced AI that can predict threats months in advance, Cyble helps reduce response times and minimize risks. The company also offers extensive research, threat intelligence reports, and personalized demos to support customer success. -
40
Nisos
Nisos
Safeguard what matters most and inform critical decisions with deep digital investigations and open source threat intelligence services. Stay ahead of threats to protect your people, assets, and reputation with Nisos’ expert insights. Best practices from Nisos investigators to safeguard your organization against employment fraud schemes. We are a digital and human risk investigations partner who operates as an extension of your security, trust, safety, legal, and intelligence teams. Uncover risks you can’t see, and proactively protect your organization by informing your legal, M&A, employment, and partner decisions. Protect your organization from insider threats with insights to reduce your risk and mitigate your losses. Our human risk insights protect your data and ensure workplace integrity. Protect your people and reduce their vulnerabilities and exposure. Pinpoint and avert the digital threats with the potential to evolve into physical harm. -
41
ThreatMon
ThreatMon
ThreatMon is an AI-powered cybersecurity platform that combines comprehensive threat intelligence with cutting-edge technology to proactively identify, analyze, and mitigate cyber risks. It provides real-time insights across a wide range of threat landscapes, including attack surface intelligence, fraud detection, and dark web monitoring. The platform offers deep visibility into external IT assets, helping organizations uncover vulnerabilities and defend against emerging threats such as ransomware and APTs. With tailored security strategies and continuous updates, ThreatMon enables businesses to stay ahead of evolving cyber risks, enhancing their overall cybersecurity posture and resilience. -
42
Based on threat intelligence, big data mining and analysis, machine learning, visualization and other technologies, Wangsu situational awareness realizes the “visible, manageable, and controllable” network security situation, helping regulatory agencies, governments, enterprises and institutions improve discovery, identification, understanding, analysis, the ability to respond to potential threats, and help companies understand the operating status of online businesses in real time, and achieve a closed-loop business linkage of monitoring, early warning and emergency response. Supported by massive and continuous user access trajectory data, it effectively integrates and analyzes all threat intelligence, security incidents, etc., assesses the security of intrusion threats from a macro perspective, and helps companies effectively respond to unexpected new attacks. Real-time grasp of the latest security situation of the entire network and customer business.
-
43
Falcon Insight
CrowdStrike
Continuous monitoring captures endpoint activity so you know exactly what’s happening - from a threat on a single endpoint to the threat level of the organization. Falcon Insight delivers visibility and in-depth analysis to automatically detect suspicious activity and ensure stealthy attacks - and breaches - are stopped. Falcon Insight accelerates security operations, allowing users to minimize efforts spent handling alerts and reduce time to investigate and respond to attacks. Unravels entire attack in the easy-to-use Incident Workbench enriched with context and threat intelligence data. CrowdScore delivers situational awareness on the current threat level of the organization, and how it’s changing over time. Powerful response actions allow you to contain and investigate compromised systems, including on-the-fly remote access to take immediate action. -
44
NETSCOUT Omnis Security
Netscout
Doing business in a digital economy requires agility, and corporate digital structures have changed significantly to provide it. However, as companies rush to transition to the cloud and expand activities in a globally distributed digital ecosystem, they must also reinvent cybersecurity to defend against emerging threats. NETSCOUT Omnis Security is an advanced attack analysis and response platform that provides the scale, scope, and consistency needed to protect today's digital infrastructure. Highly scalable network instrumentation that offers a comprehensive view of all distributed digital infrastructures. Threat detection with selected intelligence, behavioral analytics, open source data, and advanced statistics. Contextual threat detection and investigation using a robust source of metadata and packages. Automated edge blocking with the best stateless packet processing technology, or third-party blocking devices. -
45
CYR3CON PR1ORITY
CYR3CON
CYR3CON PR1ORITY approaches cybersecurity from the hacker’s world view, identifying real threats to client assets based on attacker behaviors. Rather than providing broad and non-specific risk management information, PR1ORITY intelligently sources the necessary data that, when analyzed, predicts the likelihood of an actual attack. With multiple options for integration, PR1ORITY gives clients the information they need to proactively manage threats. CYR3CON PR1ORITY predicts which vulnerabilities hackers will exploit through the use of artificial intelligence and real threat intelligence mined from hacker communities. CYR3CON PR1ORITY provides Contextual Prediction™ - the text of the hacker conversations that feed the vulnerability prioritization assessment. CYR3CON PR1ORITY is fueled by hacker community information. Allows defenders to focus on where the threat is going. -
46
AT&T Alien Labs Open Threat Exchange
AT&T Cybersecurity
The world's largest open threat intelligence community that enables collaborative defense with actionable, community-powered threat data. Threat sharing in the security industry remains mainly ad-hoc and informal, filled with blind spots, frustration, and pitfalls. Our vision is for companies and government agencies to gather and share relevant, timely, and accurate information about new or ongoing cyberattacks and threats as quickly as possible to avoid major breaches (or minimize the damage from an attack). The Alien Labs Open Threat Exchange (OTX™) delivers the first truly open threat intelligence community that makes this vision a reality. OTX provides open access to a global community of threat researchers and security professionals. It now has more than 100,000 participants in 140 countries, who contribute over 19 million threat indicators daily. It delivers community-generated threat data, enables collaborative research, and automates the update of your security infrastructure. -
47
ATLAS Intelligence Feed (AIF)
NETSCOUT
NETSCOUT ATLAS Intelligence Feed (AIF) is an AI-powered threat intelligence service designed to strengthen adaptive DDoS protection. It delivers deterministically accurate, real-time threat intelligence based on NETSCOUT’s global visibility across a massive portion of internet traffic. The platform monitors hundreds of terabits per second of live traffic from thousands of networks worldwide to identify active threats. AIF automatically arms NETSCOUT Arbor DDoS protection products with up-to-date attack tactics, indicators of compromise, and malicious source intelligence. This automation enables faster, more accurate mitigation of inbound DDoS attacks without relying on manual intervention. The intelligence feed also helps block scanning, brute-force attempts, and outbound malicious traffic missed by traditional security stacks. By continuously adapting defenses as attacks evolve, ATLAS Intelligence Feed helps organizations maintain network availability and resilience. -
48
Juniper Advanced Threat Protection
Juniper Networks
Juniper Advanced Threat Prevention (ATP) is the threat intelligence hub for your network. It contains a litany of built-in advanced security services that use the power of AI and machine learning to detect attacks early and optimize policy enforcement networkwide. Juniper ATP runs as a cloud-enabled service on an SRX Series Firewall or as a virtual appliance deployed locally. It finds and blocks commodity and zero-day malware within files, IP traffic, and DNS requests. The service assesses risk from encrypted and decrypted network traffic and connected devices, including IoT devices, and distributes that intelligence throughout the network, drastically decreasing your attack surface and helping avoid breaches. Automatically discover and mitigate known and zero-day threats. Identify and stop threats hiding within encrypted traffic without decrypting. Detect targeted attacks on your network, including high-risk users and devices, and automatically mobilize your defenses. -
49
Transform security infrastructure into a collaborative system. Operationalize threat intelligence data in real time, delivering protection to all points in your enterprise as new threats emerge. Leverage Data Exchange Layer (DXL) to instantly share threat data to all connected security systems, including third-party solutions. Detect unknown files for faster time to protection and lower costs. Broader threat intelligence helps make accurate file execution decisions and customize policies based on risk tolerance. Enable better decision-making to handle never-before-seen and potentially malicious files. Combine and share threat information from Trellix Global Threat Intelligence, third parties, and locally collected data from your security solutions. DXL, an open communications framework, connects disparate security solutions. Share real-time security intelligence among endpoint, gateway, network, and data center security solutions.
-
50
Sequretek Percept XDR
Sequretek
Cloud-based enterprise security platform offering automated threat detection and response using AI and big data across cloud and on-premise enterprise environments. Percept XDR ensures end-to-end security, threat detection and response while allowing enterprises to focus on their core business growth without the fear of compromise. Percept XDR helps to protect against phishing, ransomware, malware, vulnerability exploits, insider threats, web attacks and many more advanced attacks. Percept XDR has an ability to ingest data from various sources, uses AI and Big Data to detect threats. Its ability to ingest sensor telemetry, logs, and global threat intelligence feeds allows the AI detection engine to identify new use cases and anomalies, thereby detecting new and unknown threats. Percept XDR features SOAR-based automated response in line with the MITRE ATT&CK® framework.
