Alternatives to REDXRAY
Compare REDXRAY alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to REDXRAY in 2026. Compare features, ratings, user reviews, pricing, and more from REDXRAY competitors and alternatives in order to make an informed decision for your business.
-
1
Criminal IP
AI SPERA
Criminal IP equips security teams with the actionable Threat Intelligence needed to proactively identify, analyze, and respond to emerging threats. Powered by AI and OSINT, it delivers threat scoring, reputation data, and real-time detection of a wide array of malicious indicators, ranging from C2 servers and IOCs to masking services like VPNs, proxies, and anonymous VPNs, across IPs, domains, and URLs. Its API-first architecture ensures seamless integration into security workflows to boost visibility, automation, and response. -
2
Criminal IP ASM
AI Spera
Criminal IP ASM delivers a threat intelligence-powered approach to attack surface management by combining continuous asset discovery with deep threat analysis across IPs, domains, OSINT, and associated infrastructure. Built on Criminal IP’s advanced scanning and enrichment capabilities, it brings Threat Intelligence context such as vulnerability intelligence, C2 detections, malicious IP/domain correlations, and dark web exposure into every layer of asset discovery in an integrated approach that empowers security teams to proactively identify, prioritize, and mitigate threats before they are exploited. -
3
CrowdStrike Falcon
CrowdStrike
CrowdStrike Falcon is a cloud-native cybersecurity platform that provides advanced protection against a wide range of cyber threats, including malware, ransomware, and sophisticated attacks. It leverages artificial intelligence (AI) and machine learning to detect and respond to threats in real time, offering endpoint protection, threat intelligence, and incident response capabilities. The platform uses a lightweight agent that continuously monitors endpoints for signs of malicious activity, providing visibility and protection without significant impact on system performance. Falcon’s cloud-based architecture ensures fast updates, scalability, and rapid threat response across large, distributed environments. Its comprehensive security features help organizations prevent, detect, and mitigate potential cyber risks, making it a powerful tool for modern enterprise cybersecurity. -
4
Secure Malware Analytics (formerly Threat Grid) combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware. With a robust, context-rich malware knowledge base, you will understand what malware is doing, or attempting to do, how large a threat it poses, and how to defend against it. Secure Malware Analytics rapidly analyzes files and suspicious behavior across your environment. Your security teams get context-rich malware analytics and threat intelligence, so they’re armed with insight into what a file is doing and can quickly respond to threats. Secure Malware Analytics analyzes the behavior of a file against millions of samples and billions of malware artifacts. Secure Malware Analytics identifies key behavioral indicators of malware and their associated campaigns. Take advantage of Secure Malware Analytics's robust search capabilities, correlations, and detailed static and dynamic analyses.
-
5
Exabeam
Exabeam
Exabeam helps security teams outsmart the odds by adding intelligence to their existing security tools – including SIEMs, XDRs, cloud data lakes, and hundreds of other business and security products. Out-of-the-box use case coverage repeatedly delivers successful outcomes. Behavioral analytics allows security teams to detect compromised and malicious users that were previously difficult, or impossible, to find. New-Scale Fusion combines New-Scale SIEM and New-Scale Analytics to form the cloud-native New-Scale Security Operations Platform. Fusion applies AI and automation to security operations workflows to deliver the industry’s premier platform for threat detection, investigation and response (TDIR). -
6
Anomali
Anomali
Anomali arms security teams with machine learning optimized threat intelligence and identifies hidden threats targeting their environments. Organizations rely on the Anomali platform to harness threat data, information, and intelligence to make effective cybersecurity decisions that reduce risk and strengthen defenses. At Anomali, we believe in making the benefits of cyber threat intelligence accessible to everyone. That’s why we’ve developed tools and research that we offer to the community — all for free. -
7
OpenText Enterprise Security Manager
OpenText
OpenText™ Enterprise Security Manager (ESM) is a robust Security Information and Event Management (SIEM) solution designed to provide comprehensive real-time threat detection and automated response. It features an industry-leading correlation engine that alerts analysts instantly to threat-correlated events, dramatically reducing the time required to detect and respond to cyber threats. ESM integrates native Security Orchestration, Automation, and Response (SOAR) capabilities, enabling organizations to streamline their security operations and lower total cost of ownership. With the ability to analyze over 100,000 events per second and support more than 450 event sources, it delivers enterprise-wide event visibility and enhanced threat intelligence. The platform’s scalable architecture supports customization through rulesets, dashboards, and reports tailored to unique security needs. It also offers multi-tenancy capabilities for centralized management across distributed business units. -
8
Darkscope
Darkscope
In contrast to many other so-called dark web intelligence providers that use OSINT and only aggregate data, Darkscope has developed a human-like search technology that works in the deep web, on social media and in the dark web. Darkscope will run a one-off full Threat Scan of the internet, social media and the dark web on your business, your internet presence and your key people. This will show if you are at risk from a cyber attack and how you can improve your cyber security. Most other threat intelligence providers aggregate threat information using OSINT. Commonly, you will receive a threat intelligence stream that is only between 1% and 5% relevant to you. When you consider that those preparing a cyber attack on your business will have researched you: your staff, partners, and customer base, a stream of generic threat intelligence has only little value if any. -
9
Maltego
Maltego Technologies
Maltego is a Java application that runs on Windows, Mac and Linux. Maltego is used by a broad range of users, ranging from security professionals to forensic investigators, investigative journalists, and researchers. Easily gather information from dispersed data sources. View up to 1 million entities on a graph. Access over 58 data sources in the Maltego transform hub. Connect public (OSINT), commercial and own data sources. Write your own Transforms. Automatically link and combine all information in one graph. Automatically combine disparate data sources in point-and-click logic. Use our regex algorithms to auto-detect entity types. Enrich your data through our intuitive graphical user interface. Use entity weights to detect patterns even in the largest graphs. Annotate your graph and export it for further use.Starting Price: €5000 per user per year -
10
Microsoft Sentinel
Microsoft
Standing watch, by your side. Intelligent security analytics for your entire enterprise. See and stop threats before they cause harm, with SIEM reinvented for a modern world. Microsoft Sentinel is your birds-eye view across the enterprise. Put the cloud and large-scale intelligence from decades of Microsoft security experience to work. Make your threat detection and response smarter and faster with artificial intelligence (AI). Eliminate security infrastructure setup and maintenance, and elastically scale to meet your security needs—while reducing IT costs. Collect data at cloud scale—across all users, devices, applications, and infrastructure, both on-premises and in multiple clouds. Detect previously uncovered threats and minimize false positives using analytics and unparalleled threat intelligence from Microsoft. Investigate threats with AI and hunt suspicious activities at scale, tapping into decades of cybersecurity work at Microsoft. -
11
FortiInsight
Fortinet
30 percent of data breaches involve organization insiders acting negligently or maliciously. Insiders pose a unique threat to organizations because they have access to proprietary systems and often are able to bypass security measures, creating a security blind spot to the risk and security teams. Fortinet’s User and Entity Behavior Analytics (UEBA) technology protects organizations from insider threats by continuously monitoring users and endpoints with automated detection and response capabilities. Leveraging machine learning and advanced analytics, FortiInsight automatically identifies non-compliant, suspicious, or anomalous behavior and rapidly alerts any compromised user accounts. This proactive approach to threat detection delivers an additional layer of protection and visibility, whether users are on or off the corporate network. -
12
EclecticIQ
EclecticIQ
EclecticIQ enables intelligence-powered cybersecurity for government organizations and commercial enterprises. We develop analyst-centric products and services that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection and prevention, and cost-efficient security investments. Our solutions are built specifically for analysts across all intelligence-led security practices such as threat investigation, and threat hunting, as well as incident response efforts. And we tightly integrated our solutions with our customers’ IT security controls and systems. EclecticIQ operates globally with offices in Europe, United Kingdom, and North-America, and via certified value-add partners. -
13
Maltiverse
Maltiverse
Cyber Threat Intelligence made simple for all types of businesses and independent analysts of cybersecurity. Maltiverse Freemium online resource to access aggregated sets of indicators of compromise with full context and history. When you have a cyber security incident and you need context to respond - you can access the database and search for the content manually. You can also connect the customized set of new threats to your Security Systems like SIEM, SOAR, PROXY or Firewall: Ransomware, C&C centers, malicious IP and URLs, Phishing Attacks, Other feeds.Starting Price: $100 per month -
14
VIPRE ThreatIQ
VIPRE Security Group
VIPRE ThreatIQ provides up-to-date threat intelligence from our global network of sensors, which detect millions of malicious files, URLs, and domains daily. With interactive APIs and bulk data downloads, you can tailor threat feeds to your needs. ThreatIQ integrates with various security solutions to enhance protection. Unlike many threat feeds, VIPRE’s ThreatIQ offers unique, verified data not available from other vendors. Independent testing confirms its accuracy, and it’s carefully curated to minimize false positives and ensure data is accurate and up to date. If your current threat feed misses new threats or generates too much noise, ThreatIQ delivers precision and reliability, helping you stay ahead of evolving cyber risks.Starting Price: $12,000/y for 1000q/month -
15
Intrusion
Intrusion
In cybersecurity, speed is critical, and Intrusion helps you understand your environment’s biggest threats, fast. See the real-time list of all blocked connections, drill down on an individual connection to see more details like why it was blocked, risk level, etc. An interactive map shows you what countries your business is communicating with the most. Quickly see which devices have the most malicious connection attempts to prioritize remediation efforts. If an IP is trying to connect, you’ll see it. Intrusion monitors traffic bidirectionally in real time, giving you full visibility of every connection being made on your network. Stop guessing which connections are actual threats. Informed by decades of historical IP records and reputation in the global threat engine, it instantly identifies malicious or unknown connections in your network. Reduce cyber security team burnout and alert fatigue with autonomous real-time network monitoring and 24/7 protection. -
16
BUFFERZONE
Bufferzone Security
BUFFERZONE provides a patented containment and disarming solution that defends endpoints against advanced malware and zero-day attacks while maximizing user and IT productivity. By isolating potentially malicious content coming from browsers, email and removable media, BUFFERZONE defends individuals and organizations from advanced threats that evade detection. BUFFERZONE disarms content for securely transferring it from the container to the native endpoint and secure network zones, and provides critical intelligence for enterprise-wide security analytics. Easy to deploy and configure, BUFFERZONE is a lightweight solution that provides cost-effective containment for up to thousands of endpoints. -
17
ATLAS Intelligence Feed (AIF)
NETSCOUT
NETSCOUT ATLAS Intelligence Feed (AIF) is an AI-powered threat intelligence service designed to strengthen adaptive DDoS protection. It delivers deterministically accurate, real-time threat intelligence based on NETSCOUT’s global visibility across a massive portion of internet traffic. The platform monitors hundreds of terabits per second of live traffic from thousands of networks worldwide to identify active threats. AIF automatically arms NETSCOUT Arbor DDoS protection products with up-to-date attack tactics, indicators of compromise, and malicious source intelligence. This automation enables faster, more accurate mitigation of inbound DDoS attacks without relying on manual intervention. The intelligence feed also helps block scanning, brute-force attempts, and outbound malicious traffic missed by traditional security stacks. By continuously adapting defenses as attacks evolve, ATLAS Intelligence Feed helps organizations maintain network availability and resilience. -
18
NESCOUT Cyber Threat Horizon
NESCOUT
NETSCOUT Cyber Threat Horizon is a real-time threat intelligence platform designed to provide visibility into the global cyber threat landscape, including DDoS attack activity. Leveraging data from NETSCOUT's ATLAS (Active Threat Level Analysis System), it offers insights into traffic anomalies, attack trends, and malicious activities observed across the internet. The platform empowers organizations to detect potential threats early by providing interactive visualizations, historical data analysis, and geolocation-based attack mapping. With its ability to track emerging threats and DDoS events as they unfold, NETSCOUT Cyber Threat Horizon is an invaluable tool for network administrators and security professionals seeking to enhance situational awareness and preemptively address risks. -
19
Securonix UEBA
Securonix
Today, many attacks are specifically built to evade traditional signature-based defenses, such as file hash matching and malicious domain lists. They use low and slow tactics, such as dormant or time triggered malware, to infiltrate their targets. The market is flooded with security products that claim to use advanced analytics or machine learning for better detection and response. The truth is that all analytics are not created equal. Securonix UEBA leverages sophisticated machine learning and behavior analytics to analyze and correlate interactions between users, systems, applications, IP addresses, and data. Light, nimble, and quick to deploy, Securonix UEBA detects advanced insider threats, cyber threats, fraud, cloud data compromise, and non-compliance. Built-in automated response playbooks and customizable case management workflows allow your security team to respond to threats quickly, accurately, and efficiently. -
20
SpyCloud
SpyCloud
After a data breach, criminals quickly monetize the data, often by using stolen credentials to gain easy access to consumer accounts and corporate systems. If your employees, consumers, or third-parties have credentials or PII exposed in a data breach, they are at high risk of account takeover fraud. SpyCloud can help you prevent account takeover and combat online fraud with proactive solutions that leverage the largest repository of recovered breach assets in the world. Reset stolen passwords before criminals can use them to defraud your users or access sensitive corporate data. Draw on decades-worth of digital breadcrumbs to unmask criminals attempting to defraud your business and your customers. Monitor your critical third party relationships for supply chain breach exposures that could endanger your enterprise. Leverage breach data to protect employees, citizens and your supply chain from credential-based cyber attacks. -
21
Darkfeed
Cybersixgill
Unleash cyber security performance, supercharge your security stack and maximize analysts’ performance with the ultimate underground threat intelligence collection available. Darkfeed is a feed of malicious indicators of compromise, including domains, URLs, hashes, and IP addresses. It relies on Cybersixgill’s vast collection of deep and dark web sources and provides unique and advanced warnings about new cyberthreats. It is automated, meaning that IOCs are extracted and delivered in real-time, and it is actionable, meaning that its consumers will be able to receive and block items that threaten their organizations. Darkfeed also offers the most comprehensive IOC enrichment solution on the market. By enriching IOCs from SIEM, SOAR, TIP or VM platforms, users gain unparalleled context and essential explanations in order to accelerate their incident prevention and response and stay ahead of the threat curve. -
22
Constella Intelligence
Constella Intelligence
Continuously monitor thousands of data sources across the public, deep & dark web to gain the insights you need to detect and act on emerging cyber-physical threats before damage occurs. And accelerate your investigations by delving deeper into risks threatening your organization. Analyze monikers, enrich information with other datasets, and quickly unmask malicious actors to solve cybercrimes faster. Defending your digital assets against targeted attacks, Constella is powered by a unique combination of unparalleled breadth of data, technology and human expertise from world-class data scientists. Data to link real identity information to obfuscated identities & malicious activity to inform your products and safeguard your customers. Profile threat actors faster with advanced monitoring analysis, automated early warning and intelligence alerts. -
23
Malware Patrol
Malware Patrol
Since 2005, Malware Patrol has focused solely on threat intelligence. We monitor the latest malicious campaigns to collect a variety of indicators. These range from malware, ransomware, and phishing to command-and-control systems and DoH servers. Each indicator is verified daily and crucial context, like ATT&CK TTPs, is incorporated. We offer feeds in a variety of formats that integrate seamlessly into your environment, helping your organization easily diversify data sources for maximum threat coverage. And with our simple pricing/licensing, you can protect as many assets as needed. This makes us a preferred choice for cybersecurity companies and MSSPs. Request your evaluation and test our data to see how your company can benefit from our threat intelligence feeds. To reduce the noise and false-positive overload faced by information security teams and their tools, our automated systems verify each IoC every day to ensure that our feeds contain only active threats. -
24
PassiveTotal
RiskIQ
RiskIQ PassiveTotal aggregates data from the whole internet, absorbing intelligence to identify threats and attacker infrastructure, and leverages machine learning to scale threat hunting and response. With PassiveTotal, you get context on who is attacking you, their tools and systems, and indicators of compromise outside the firewall—enterprise and third party. Investigation can go fast, really fast. Find answers quickly with over 4,000 OSINT articles and artifacts. Along with 10+ years of mapping the internet, RiskIQ has the deepest and broadest security intelligence on earth. By absorbing web data like Passive DNS, WHOIS, SSL, hosts and host pairs, cookies, exposed services, ports, components, and code. With curated OSINT and proprietary security intelligence, you can see everything—from every angle—on the digital attack surface. Take charge of your digital presence and combat threats to your organization. -
25
Vigilante Operative
Vigilante
Cyber threats are proliferating at an alarming rate and often result in data exfiltration, network infiltration, data loss, account activity takeover, compromised customer data and reputational damage to an organization. As threat actors become more aggressive and malicious, the burden on IT security professionals becomes greater, especially with tight budgets and limited resources. As these threats become overwhelming, it is more challenging for organizations to gain the upper hand. Operative is our advanced threat intelligence hunting service for enterprise organizations. Vigilante lives within the dark web community to remain ahead of emerging threats, enabling deeper visibility and providing a continuous feedback loop of insight into exposures such as: Third-party risk and exposure, leaked or stolen data, malicious campaigns, attack vectors. -
26
FortiAnalyzer
Fortinet
The digital attack surface is expanding at a rapid rate, making it increasingly difficult to protect against advanced threats. According to a recent Ponemon study, nearly 80% of organizations are introducing digital innovation faster than their ability to secure it against cyberattacks. In addition, the challenges of complex and fragmented infrastructures continue to enable a rise in cyber events and data breaches. Assorted point security products in use at some enterprises typically operate in silos, obscuring network and security operations teams from having clear and consistent insight into what is happening across the organization. An integrated security architecture with analytics and automation capabilities can address and dramatically improve visibility and automation. As part of the Fortinet Security Fabric, FortiAnalyzer provides security fabric analytics and automation to provide better detection and response against cyber risks. -
27
Check Point Infinity
Check Point
Organizations frequently implement multiple cyber security solutions in pursuit of better protections. As a result, they are frequently left with a patchwork security architecture that results in a high TCO. By adopting a consolidated security approach with Check Point Infinity architecture, businesses realize preemptive protection against advanced fifth-generation attacks, while achieving a 50% increase in operational efficiency and 20% reduction in security costs. The first consolidated security architecture across networks, cloud, mobile and IoT, providing the highest level of threat prevention against both known and unknown cyber-threats. 64 different threat prevention engines blocking against known and unknown threats, powered by threat intelligence. Infinity-Vision is the unified management platform for Check Point Infinity, the first modern, consolidated cyber security architecture built to prevent today’s most sophisticated attacks across networks, cloud, endpoints, etc. -
28
Keysight Application Threat Intelligence
Keysight Technologies
Fortune magazine reports that security issues are among the top three concerns of leaders around the world today. Understandably, when Ponemon Research finds that the average malicious hack takes an astonishing 256 days to discover (and pegs the average cost of a data breach at $4 million). The aim is clearly to get in front of these bad guys and, if attacked, quickly identify the issue and contain the damage. As new security threats surface every week, staying on top of today’s threat landscape is a full-time job, requiring constant vigilance and in-depth research. It is an expensive and time-consuming proposition, but no enterprise manager, government agency, or service provider wants to be caught unprepared. Our Application and Threat Intelligence (ATI) subscription service provides up-to-the-moment threat intelligence. -
29
Picus
Picus Security
Picus Security, the leading security validation company, gives organizations a clear picture of their cyber risk based on business context. Picus transforms security practices by correlating, prioritizing, and validating exposures across siloed findings so teams can focus on critical gaps and high-impact fixes. With Picus, security teams can quickly take action with one-click mitigations to stop more threats with less effort. The Picus Security Validation Platform easily reaches across on-prem environments, hybrid clouds and endpoints coupled with Numi AI to provide exposure validation. The pioneer of Breach and Attack Simulation, Picus delivers award-winning threat-centric technology that allows teams to pinpoint fixes worth pursuing, offering a 95% recommendation in Gartner Peer Review. -
30
Avira Protection Cloud
Avira
Using our world wide sensor network, Avira sees cyber threats as they emerge in real-time. The Avira Protection Cloud develops the intelligence associated with the threats we identify and makes it immediately available to our technology partners. Dynamic File Analysis combines multiple sandbox approaches for behavioral profiling to cluster and reveal similarity in the behavior of malware and identify advanced threats. Powerful rules allow the identification of behavior patterns that are specific to malware families and strains, or reveal the exact malicious intent of malware itself. Avira’s extended scanning engine is an extremely efficient way of identifying families of known malware. It uses proprietary definitions and heuristic algorithms as well as powerful content extraction and de-obfuscation techniques to identify malware. -
31
VulnCheck
VulnCheck
Unprecedented visibility into the vulnerable ecosystem from the eye of the storm. Prioritize response and finish taking action before the attacks occur. Early access to new vulnerability information not found in the NVD along with dozens of unique fields. Real-time monitoring of exploit PoCs; exploitation timelines; ransomware, botnet, and APT/threat actor activity. In-house developed exploit PoCs, packet captures to defend against initial access vulnerabilities. Integrate vulnerability assessment into existing asset inventory systems, anywhere package URLs or CPE strings are present. Explore VulnCheck, a next-generation cyber threat intelligence platform, which provides exploit and vulnerability intelligence directly into the tools, processes, programs, and systems that need it to outpace adversaries. Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't. -
32
CleanINTERNET
Centripetal
While traditional cybersecurity solutions remediate threats as they emerge, CleanINTERNET® shields against threats proactively, preventing them from reaching your network in the first place. The largest collection of high-confidence, high-fidelity commercial threat intelligence in the world, is operationalized so your defenses adapt and defend in parallel with the threat landscape. Applying over 100 billion indicators of compromise from real-time intelligence feeds, updated every 15 minutes, to protect your network. The fastest packet filtering technology on the planet is integrated at your network’s edge with no latency, enabling the use of billions of threat indicators so malicious threats are dynamically blocked from entering your network. Highly skilled analysts augmented by AI technology monitor your network, providing automated shielding based on real-time intelligence, and validated by human expertise. -
33
Blue Hexagon
Blue Hexagon
We’ve designed our real-time deep learning platform to deliver speed of detection, efficacy and coverage that sets a new standard for cyber defense. We train our neural networks with global threat data that we’ve curated carefully via threat repositories, dark web, our deployments and from partners. Just like layers of neural networks can recognize your image in photos, our proprietary architecture of neural networks can identify threats in both payloads and headers. Every day, Blue Hexagon Labs validates the accuracy of our models with new threats in the wild. Our neural networks can identify a wide range of threats — file and fileless malware, exploits, C2 communications, malicious domains across Windows, Android, Linux platforms. Deep learning is a subset of machine learning that uses multi-layered artificial neural networks to learn data representation. -
34
Learn what a digital risk protection solution is and how it can help you be better prepared by understanding who is targeting you, what they’re after, and how they plan to compromise you. Google Digital Risk Protection delivers a broad digital risk protection solution either via stand-alone self-managed SaaS products or a comprehensive service. Both options give security professionals visibility outside their organization, the ability to identify high-risk attack vectors, malicious orchestration from the deep and dark web, and attack campaigns on the open web. The Google Digital Risk Protection solution also provides contextual information on threat actors and their tactics, techniques, and procedures to provide a more secure cyber threat profile. Gain visibility into risk factors impacting the extended enterprise and supply chain by mapping your attack surface and monitoring deep and dark web activity.
-
35
TruKno
TruKno
Keep up with how adversaries are bypassing enterprise security controls based on the latest cyber attack sequences in the wild. Understand cyber attack sequences associated with malicious IP addresses, file hashes, domains, malware, actors, etc. Keep up with the latest cyber threats attacking your networks, your industry/peers/vendors, etc. Understand MITRE TTPs (at a ‘procedure’ level) used by adversaries in the latest cyber attack campaigns so you can enhance your threat detection capabilities. A real-time snapshot of how top malware campaigns are evolving in terms of attack sequences (MITRE TTPs), vulnerability exploitation (CVEs), IOCs, etc. -
36
SecIntel
Juniper Networks
As the threat landscape evolves and security risks accelerate, you can no longer rely on a single device at the network edge to identify and block threats. Instead, you need a threat-aware network that frees your security analysts to focus on hunting unknown threats and further reduces risk to your organization. SecIntel enables the threat-aware network with a feed of aggregated and verified security data continuously collected from Juniper and multiple other sources. It delivers regularly updated, actionable intelligence to your SRX Series firewalls, MX Series routers and enforcement on Juniper wireless access points, and EX Series and QFX Series switches. Uses curated threat feeds on malicious IPs, URLs, certificate hashes, and domain uses. Infected host and custom threat feeds of all known infected hosts on your network. Allows data from third-party sources, such as industry-specific threat mitigation and prevention input, through custom threat feeds. -
37
Obsidian Security
Obsidian Security
Protect your SaaS applications against breaches, threats, and data exposure. Start in minutes and secure Workday, Salesforce, Office 365, G Suite, GitHub, Zoom and other critical SaaS applications with data-driven insights, monitoring, and remediation. Companies are moving their critical business systems to SaaS. Security teams lack the unified visibility they need to detect and respond to threats quickly. They are not able to answer basic questions: Who can access SaaS apps? Who are the privileged users? Which accounts are compromised? Who is sharing files externally? Are applications configured according to best practices? It is time to level up security for SaaS. Obsidian delivers a simple yet powerful security solution for SaaS applications built around unified visibility, continuous monitoring, and security analytics. With Obsidian, security teams are able to protect against breaches, detect threats, and respond to incidents in their SaaS applications. -
38
Media Sonar
Media Sonar Technologies
Harness the unique insights only available from Web Intelligence & Investigation to better protect your corporate brand and assets. Our unique investigative module, Pathfinder, empowers both novice and experienced security teams with a streamlined path of next step related entities and a visible recording of your selected investigative trail. Media Sonar integrates the top OSINT tools and data sources into a seamless, single platform making it 30X faster than conducting OSINT with traditional methods. Your team will no longer be required to spend hours going in and out of multiple, incompatible OSINT tools and manually compiling results. Our Web Intelligence & Investigations platform will broaden your lens on your digital attack surface, helping you to secure your brand and assets and strengthen your security operations posture. Equip your security team with visibility into indicators of threat emerging outside of your organization, with intelligence from the Open and Dark Web.Starting Price: $1,500 per 3 users per month -
39
Huntsman SIEM
Huntsman Security
Trusted by defence agencies and government departments, as well as businesses globally, our next generation Enterprise SIEM is an easy to implement and operate cyber threat detection and response solution for your organisation. Huntsman Security’s Enterprise SIEM incorporates a new easy-to-use dashboard, featuring the MITRE ATT&CK® framework for SOC or IT teams to detect threats and identify and classify their type and severity. As the sophistication of cyber-attacks continues to increase, threats are inevitable – that’s why we have worked to develop responsive in-stream processes, reduced hand-off time, and stronger overall speed and accuracy of threat detection and management, in our next generation SIEM. -
40
Lumu
Lumu Technologies
The devil is in the data. Your metadata, that is. Lumu’s Continuous Compromise Assessment model is made possible by its ability to collect, normalize and analyze a wide range of network metadata, including DNS, netflows, proxy and firewall access logs and spambox. The level of visibility that only these data sources provide, allows us to understand the behavior of your enterprise network, which leads to conclusive evidence on your unique compromise levels. Arm your security team with factual compromise data that enables them to implement a precise response in a timely manner. Blocking spam is good, but analyzing it is better, because you can discover who is targeting your organization, how they are doing it, and how successful they are. Lumu’s Continuous Compromise Assessment is enabled by our patent-pending Illumination Process. Learn more about how this process uses network metadata and advanced analytics to illuminate your network’s dark spots. -
41
Silent Push
Silent Push
Silent Push reveals adversary infrastructure, campaigns, and security problems by searching across the most timely, accurate and complete Threat Intelligence dataset available. Defenders can focus on stopping threats before they cause a problem and significantly improve their security operations across the entire attack chain whilst simultaneously reducing operational complexity. The Silent Push platform exposes Indicators of Future Attack (IOFA) by applying unique behavioral fingerprints to attacker activity and searching our dataset. Security teams can identify new impending attacks, rather than relying upon out-of-date IOCs delivered by legacy threat intelligence. Our solutions include: Proactive Threat Hunting - Identify and track malicious infrastructure before it’s weaponized. Brand & Impersonation - Protect your brand from phishing, malvertisement, and spoofing attacks. IOFA Early Detection Feeds - Monitor global threat activity with proactive intelligence.Starting Price: $100/month -
42
Cyberstanc Vortex
Cyberstanc
Existing sandboxes are often slow and ineffective, failing to provide adequate protection against advanced threats. They consume significant amounts of time and resources, which can cause delays in identifying and mitigating security risks. Additionally, as attackers continue to develop new and sophisticated techniques, traditional sandboxes struggle to keep up with the evolving threat landscape. As a result, businesses need to look for more advanced and efficient solutions to protect against modern cyber threats. Cyberstanc Vortex is designed to enhance the existing frameworks, tools, and techniques for secure data transfer between secure networks. Utilizing simulation intelligence and signature-less detection capabilities aims to bridge the gaps and overcome the limitations present in current solutions. With its unique features, Cyberstanc Vortex provides comprehensive protection and ensures the secure transfer of data. -
43
SmartFlow
Solana Networks
SmartFlow is an IT cyber security monitoring tool that uses Anomaly Detection to pinpoint hard-to-detect security threats. SmartFlow complements existing signature based security monitoring tools. It analyzes network flow traffic to detect zero-day security attacks. Smartflow is an appliance based solution and targeted for medium and large enterprises. SmartFlow utilizes patent-pending anomaly detection techniques and network behaviour analysis to identify security threats in a network. It applies Solana algorithms on flow data such as Netflow to detect address scans, DDoS attacks, Botnets, port scans, malware etc. Zero day threats and encrypted malicious traffic (such as Botnet Command & Control) may escape detection by signature-based security monitoring tools. However, they will not escape detection by SmartFlow. SmartFlow distills network traffic and flow data into more than 20 different statistical measures which it continuously analyzes for early warnings of cyber threats.Starting Price: $5000 per year -
44
Heimdal Email Security
Heimdal®
Heimdal Email Security is a revolutionary spam filter and malware protection system which packs more email security vectors than any other platform you can find. Lightweight, easy to deploy, and highly responsive, our anti-malware and anti-spam filter can be scaled to any number of endpoints within your organization. Its MX record-based analysis vectors keep all malicious emails out of your inbox, automatically removing malware-laced attachments, filtering emails coming from malicious IPs or domains, or those containing malicious URLs. Heimdal Email Security secures your business emails against all types of spam email, malicious attachments, email-based malware and ransomware, phishing attempts, malicious URLs, communications from infected IPs and domains, botnet attacks, and email exploits. -
45
Black Kite
Black Kite
The Black Kite RSI follows a process of inspecting, transforming, and modeling collected from a variety of OSINT sources (internet wide scanners, hacker forums, the deep/dark web and more). Using the data and machine learning, the correlation between control items is identified to provide approximations. Operationalize with a platform that integrates with questionnaires, vendor management systems and process workflows. Automate adherence to cybersecurity compliance requirements and reduce the risk of a breach with a defense in depth approach. The platform uses Open-Source Intelligence (OSINT) and non-intrusive cyber scans to identify potential security risks, without ever touching the target customer. Vulnerabilities and attack patterns identified using 20 categories and 400+ controls, making the Black Kite platform 3x more comprehensive than competitors’. -
46
Deepwatch
Deepwatch
Advanced managed detection and response to secure the distributed enterprise. Expert guided security operations for early detection and automated response to mitigate risk across the enterprise. Preemptively detect malicious activity and respond to active threats before the endpoint is compromised. Efficiently discover and remediate critical threats and vulnerabilities across the enterprise. Extensive experience across our team has led us to an important realization too often overlooked: each organization has unique aspects and requirements for its cyber solutions. No team is exactly the same and your threats aren’t either. We developed the Squad Delivery Model to foster collaborative, high touch, tailored services that meet your specific needs and requirements. -
47
Orpheus Cyber
Orpheus Cyber
Predictive, actionable insights into your attack surface and your third parties. Drive efficiency and improve security with a subscription to the Orpheus platform. Let us tell you who is likely to attack you, how they are going to do it, and your live vulnerabilities that they will exploit. Doing so will enable laser-focused spending on the immediate security measures you need to stop your cyber risks before they happen. Our threat intelligence solutions combine cutting-edge technology based on machine learning to minimize your exposure to breaches and that of your third-party supply chain. Our powerful platform enables you to monitor and mitigate cyber risks to both your company and the companies you work with. Orpheus is a leading cybersecurity company that offers predictive and actionable intelligence to clients, enabling them to anticipate, prepare for, and respond to cyber threats. -
48
Trellix ATLAS
Trellix
Giving customers a unique insight into malicious files, domains, and IP detections seen worldwide. Advanced Threat Landscape Analysis System (ATLAS) data is aggregated from various Trellix data sources to provide the latest global emerging threats with enriched data such as industry sector and geolocation. ATLAS correlates these threats with campaign data containing research from Trellix’s Advanced Research Center (ARC) and Threat Intelligence Group (TIG), as well as open source data, to provide a dedicated view for campaigns consisting of events, dates, threat actors, IOCs, and more. Enables customers with unique global insight into the malicious threat detections seen worldwide by Trellix. Geospatially enabled situational awareness. Utilizes the Trellix telemetry data collected worldwide. Highlights current and emerging threats by highlighting those of particular interest by type, industry sector, geolocation, most seen, etc. -
49
InsightCyber
InsightCyber
We find the insights hidden in your data that you didn’t know were there. Our unique AI suite maps your company’s digital behaviors, by continuously learning from our application and network data. We construct models, with hundreds of individual dimensions, in real time using our patent-pending AI. You get an AI that understands how your business works, delivering context and relevance far beyond what current AIs can. We’re currently releasing InsightCyber GenAI to a limited number of organizations and partners. The InsightCyber platform is highly successful at finding and analyzing tiny anomalies that indicate cyber risk in environments of any size. Our AI is tuned to work with data sets from the smallest environments to the largest of enterprises. In real-time, our platform distinguishes threats that originate from remote sources as well as threats arising from malware that has already infiltrated an environment. -
50
Reveelium
ITrust.fr
3 out of 4 companies are subject to computer attacks or hacking. However, 90% are equipped with essential security equipment that does not detect these malicious attacks. APTs, malicious behaviors, viruses, crypto lockers, override existing security defenses and no current tool can detect these attacks. Yet these attacks leave footprints of their passage. Finding these malicious traces on a large amount of data and exploiting these signals is impossible with current tools. Reveelium correlates and aggregates all types of logs from an information system and detects attacks or malicious activity in progress. An essential tool in the fight against cyber-malware Reveelium SIEM can be used alone or complemented by Ikare, Reveelium UEBA or ITrust’s Acsia EDR, to provide a true next-generation security center (SOC). Have the practices of its teams monitored by a third party and obtain an objective opinion on its level of safety.
