Alternatives to Rapid7 Threat Command
Compare Rapid7 Threat Command alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Rapid7 Threat Command in 2026. Compare features, ratings, user reviews, pricing, and more from Rapid7 Threat Command competitors and alternatives in order to make an informed decision for your business.
-
1
Guardz
Guardz
Guardz is the unified cybersecurity platform purpose-built for MSPs. We consolidate the essential security controls, including identities, endpoints, email, awareness, and more, into one AI-native framework designed for operational efficiency. Our identity-centric approach connects the dots across vectors, reducing the gaps that siloed tools leave behind so MSPs can see, understand, and act on user risk in real time. Backed by an elite research and threat hunting team, Guardz strengthens detection across environments, turning signals into actionable insights. With 24/7 AI + human-led MDR, Guardz utilizes agentic AI to triage at machine speed while expert analysts validate, mitigate, and guide response, giving MSPs scalable protection without adding headcount. Our mission is simple: give MSPs the scale, confidence, and clarity they need to stay ahead of attackers and deliver protection to every SMB they serve. -
2
SOCRadar provides a unified, cloud-hosted platform designed to enrich your cyber threat intelligence by contextualizing it with data from your attack surface, digital footprint, dark web exposure, and supply chain. We help security teams see what attackers see by combining External Attack Surface Management, Cyber Threat Intelligence, and Digital Risk Protection into a single, easy-to-use solution. This enables your organization to discover hidden vulnerabilities, detect data leaks, and shut down threats like phishing and brand impersonation before they can harm your business. By combining these critical security functions, SOCRadar replaces the need for separate, disconnected tools. Our holistic approach offers a streamlined, modular experience, providing a complete, real-time view of your threat landscape to help you stay ahead of attackers.
-
3
ManageEngine Log360
Zoho
Detect, investigate, and resolve security incidents and threats using a single, scalable SIEM solution. Log360 provides you with actionable insights and analytics-driven intelligence for real-time security monitoring, advanced threat detection, incident management, and behavioral analytics-based anomaly detection. Built as the bedrock for your SOC, ManageEngine Log360 comes with out-of-the-box correlation and workflow rules, dashboards, reports, and alert profiles to help you address vital security issues with little manual intervention. -
4
ConnectWise Cybersecurity Management
ConnectWise
Define and Deliver Comprehensive Cybersecurity Services. Security threats continue to grow, and your clients are most likely at risk. Small- to medium-sized businesses (SMBs) are targeted by 64% of all cyberattacks, and 62% of them admit lacking in-house expertise to deal with security issues. Now technology solution providers (TSPs) are a prime target. Enter ConnectWise Cybersecurity Management (formerly ConnectWise Fortify) — the advanced cybersecurity solution you need to deliver the managed detection and response protection your clients require. Whether you’re talking to prospects or clients, we provide you with the right insights and data to support your cybersecurity conversation. From client-facing reports to technical guidance, we reduce the noise by guiding you through what’s really needed to demonstrate the value of enhanced strategy. -
5
Cyberint Argos Platform
Cyberint
Cyberint is a global threat intelligence provider focusing on helping its clients to proactively protect their businesses against cyber threats coming from beyond the traditional security perimeters. Manage exposure, prioritize threats, and reduce cyber risk with Argos, Cyberint’s Impactful Intelligence platform. Protect your organization from an array of external cyber risks with a single comprehensive solution. Continuously uncover known and unknown vulnerabilities and weaknesses. From exposed web interfaces and cloud storage exposure to email security issues and open ports, Argos’ autonomous discovery maps out your external exposures and prioritizes them for impactful remediation. Cyberint serves leading brands worldwide including Fortune 500 companies across industries such as finance, retail, ecommerce, gaming, media, and more. -
6
Recorded Future
Recorded Future
Recorded Future is the world’s largest provider of intelligence for enterprise security. By combining persistent and pervasive automated data collection and analytics with human analysis, Recorded Future delivers intelligence that is timely, accurate, and actionable. In a world of ever-increasing chaos and uncertainty, Recorded Future empowers organizations with the visibility they need to identify and detect threats faster; take proactive action to disrupt adversaries; and protect their people, systems, and assets, so business can be conducted with confidence. Recorded Future is trusted by more than 1,000 businesses and government organizations around the world. The Recorded Future Security Intelligence Platform produces superior security intelligence that disrupts adversaries at scale. It combines analytics with human expertise to unite an unrivaled variety of open source, dark web, technical sources, and original research. -
7
CrowdStrike Falcon
CrowdStrike
CrowdStrike Falcon is a cloud-native cybersecurity platform that provides advanced protection against a wide range of cyber threats, including malware, ransomware, and sophisticated attacks. It leverages artificial intelligence (AI) and machine learning to detect and respond to threats in real time, offering endpoint protection, threat intelligence, and incident response capabilities. The platform uses a lightweight agent that continuously monitors endpoints for signs of malicious activity, providing visibility and protection without significant impact on system performance. Falcon’s cloud-based architecture ensures fast updates, scalability, and rapid threat response across large, distributed environments. Its comprehensive security features help organizations prevent, detect, and mitigate potential cyber risks, making it a powerful tool for modern enterprise cybersecurity. -
8
Hakware Archangel
Hakware
Hakware Archangel is an Artificial Intelligence based vulnerability scanner and pentesting tool. Archangel scanner enables organizations to monitor their networks, systems, and applications for security vulnerabilities with advanced Artificial intelligence continuously testing your environment. Why use Archangel?
- Identify vulnerabilities before cyber criminals do
- Our vulnerability scanning mitigates the risks of a data breach, which will come with a range of costs, including remediation, the loss of customers as a result of reputational damage and fines
- Vulnerability scanning is not explicitly required by the GDPR (General Data Protection Regulation) or POPI (Protection Of Personal Information Act), but the Regulation does require organisations that process personal data to ensure that they have implemented appropriate technical and organisational security measures – which includes identifying vulnerabilities
- The international standard for information security, ISO 27001
Starting Price: $100
-
9
DigitalStakeout Scout
DigitalStakeout
DigitalStakeout Scout enables your cybersecurity and corporate security team to stand up an open-source intelligence capability on-demand. Solve brand threat intelligence, protective intelligence & executive protection, vulnerability and cyber threat intelligence, and digital risk protection challenges with a cloud-delivered security intelligence platform hosted and fully managed by DigitalStakeout. DigitalStakeout Scout provides the data collection capabilities and analytics technology required to spot and disrupt your organization’s threats, vulnerabilities, and exposures. Using a simple web-based UI, you’ll have an on-demand security intelligence tool that enables your analysts to filter out noise, reduce alert fatigue, accelerate investigations, and make smarter intelligence-led security decisions. With the DigitalStakeout Scout platform, analysts are 80% more productive, and customers, on average, cut the total cost of ownership of a security intelligence capability by 40%. -
10
Constella Intelligence
Constella Intelligence
Continuously monitor thousands of data sources across the public, deep & dark web to gain the insights you need to detect and act on emerging cyber-physical threats before damage occurs. And accelerate your investigations by delving deeper into risks threatening your organization. Analyze monikers, enrich information with other datasets, and quickly unmask malicious actors to solve cybercrimes faster. Defending your digital assets against targeted attacks, Constella is powered by a unique combination of unparalleled breadth of data, technology and human expertise from world-class data scientists. Data to link real identity information to obfuscated identities & malicious activity to inform your products and safeguard your customers. Profile threat actors faster with advanced monitoring analysis, automated early warning and intelligence alerts. -
11
ThreatMon
ThreatMon
ThreatMon is an AI-powered cybersecurity platform that combines comprehensive threat intelligence with cutting-edge technology to proactively identify, analyze, and mitigate cyber risks. It provides real-time insights across a wide range of threat landscapes, including attack surface intelligence, fraud detection, and dark web monitoring. The platform offers deep visibility into external IT assets, helping organizations uncover vulnerabilities and defend against emerging threats such as ransomware and APTs. With tailored security strategies and continuous updates, ThreatMon enables businesses to stay ahead of evolving cyber risks, enhancing their overall cybersecurity posture and resilience. -
12
CTM360
CTM360
CTM360 is a unified external security platform that integrates External Attack Surface Management, Digital Risk Protection, Cyber Threat Intelligence, Brand Protection & Anti-phishing, Surface, Deep & Dark Web Monitoring, Security Ratings, Third Party Risk Management and Unlimited Takedowns. Seamless and turn-key, CTM360 requires no configurations, installations or inputs from the end-user, with all data pre-populated and specific to your organization. All aspects are managed by CTM360. Register today to take advantage of our Community Edition option and explore a range of features and functionalities at NO cost.
Starting Price: Register today to take advanta
-
13
PhishLabs
Fortra
The PhishLabs Platform is the foundation of Fortra's Digital Risk Protection solution. Developed over a decade in partnership with the world’s most targeted brands, PhishLabs delivers comprehensive collection, expert-driven curation, and complete and unlimited mitigation of digital risks. Brand impersonation, data leakage, and other external threats can happen anywhere online. Without extensive visibility across digital channels into domain activity, social media posts and ads, and the dark web and open web, these threats can easily go undetected and cause substantial harm. PhishLabs' Digital Risk Protection solution delivers comprehensive visibility by collecting massive amounts of data across the surface, deep, and dark web. We also monitor hundreds of social media sources and ingest data from hundreds of public and private data feeds. We also integrate data from client-specific sources such as referrer logs and 3rd party feeds. -
14
Google Security Operations (SecOps) is an intelligence-driven, AI-powered security operations platform designed to help organizations detect, investigate, and respond to cyber threats at scale. Built as a cloud-native solution, Google SecOps unifies SIEM, SOAR, and threat intelligence into a single operational experience. The platform ingests and analyzes massive volumes of security telemetry with Google-level speed and scalability. Google SecOps applies Google’s curated and applied threat intelligence to uncover high-priority threats faster and with greater accuracy. Generative AI powered by Gemini enhances analyst productivity through natural language search, automated investigations, and contextual insights. Integrated automation and orchestration capabilities enable rapid response using playbooks and collaboration tools. Google Security Operations empowers security teams to reduce risk, improve response times, and modernize their SOC operations.
-
15
Darkfeed
Cybersixgill
Unleash cyber security performance, supercharge your security stack and maximize analysts’ performance with the ultimate underground threat intelligence collection available. Darkfeed is a feed of malicious indicators of compromise, including domains, URLs, hashes, and IP addresses. It relies on Cybersixgill’s vast collection of deep and dark web sources and provides unique and advanced warnings about new cyberthreats. It is automated, meaning that IOCs are extracted and delivered in real-time, and it is actionable, meaning that its consumers will be able to receive and block items that threaten their organizations. Darkfeed also offers the most comprehensive IOC enrichment solution on the market. By enriching IOCs from SIEM, SOAR, TIP or VM platforms, users gain unparalleled context and essential explanations in order to accelerate their incident prevention and response and stay ahead of the threat curve. -
16
Netenrich
Netenrich
The Netenrich operations intelligence platform is built from the ground up to help enterprises resolve everyday and futuristic problems for stable, secure environments and infrastructures. We put the best of machine and human intelligence—AKA hybrid intelligence—to streamline threat detection, incident response, site reliability engineering (SRE), and several more of your high-profile goals. We start with self-learning machines trained with research, investigation, and remediation actions. Human intervention for tedious, automatable tasks approaches zero, freeing your team and technology to achieve goals like SRE, reduced MTTR, lesser SME dependency, and unprecedented scale without the distraction of running ops. From detection through resolution, the Netenrich platform heavy-lifts exploring and investigating alerts and threats. -
17
DarkIQ
Searchlight Cyber
Spot cyberattacks. Earlier. Monitor, pre-empt, and prevent costly security incidents–against your brand, suppliers, and people with actionable dark web alerts. Think of us like your automated analyst. DarkIQ is your secret weapon, continuously monitoring the dark web for cybercriminal activity. It detects, categorizes, and alerts you to imminent threats so that you can take action against cybercriminals before they strike. See what threat actors are planning. Spot the early warning signs of attack including insider threat, executive threat, and supply chain compromise before they impact your business. -
18
LifeRaft Navigator
Navigator
Consolidate, assess, and investigate intelligence in a single platform. Collect and alert on data relevant to your security operations from social media, deep web, and darknet sources 24/7. Our unified intelligence platform automates collection and filtering, and provides a suite of investigative tools to explore and validate threats. Uncover critical information that impacts the security of your assets and operations. Navigator monitors the internet 24/7 with custom search criteria to detect high-risk threats to your people, assets, and operations from diversified sources. Finding the needle in the haystack is a growing challenge for security operations teams. Navigator provides advanced filtering tools to capture the breadth of the online threat landscape. Uncover, explore, and use a variety of sources to validate intelligence related to threat actors, events, and special interest projects or security issues. -
19
Falcon X Recon
CrowdStrike
Falcon X Recon exposes digital risk by monitoring the hidden recesses of the internet where criminal actors congregate and underground economies thrive. Falcon X Recon provides real-time visibility to potential threats, reducing investigation time and improving efficiency and response. Take immediate action against digital risk on Day One — Falcon X Recon is built on the cloud-native CrowdStrike Falcon® Platform so there’s nothing to install, administer or deploy. Identify business, reputational and third-party risks emanating from leaked credentials, PII and financial data. View current and historical posts and chatter to track adversary activities and behavior that could pose a cyber or physical risk to your organization and personnel. Customize dashboards to enable users to see, at a glance, current notifications and quickly drill into critical alerts and activity for further research. -
20
Threat Intelligence Platform
Threat Intelligence Platform
Threat Intelligence Platform combines several threat intelligence sources to provide in-depth insights on threat hosts and attack infrastructure. Correlating threat information from various feeds with our exhaustive in-house databases, a result of 10+ years of data crawling, the platform performs real-time host configuration analyses to come up with actionable threat intelligence that is vital in detection, mitigation, and remediation. Find detailed information about a host and its underlying infrastructure in seconds through the Threat Intelligence Platform web interface. Integrate our rich data sources into your systems to enrich results with additional threat intelligence insights. Integrate our capabilities into existing cybersecurity products, including cyber threat intelligence (CTI) platforms, security information and event management (SIEM) solutions, digital risk protection (DRP) solutions, and more.
Starting Price: $12.5 per month
-
21
ShadowDragon
ShadowDragon
Developer of dark web monitoring and digital investigation software designed to address the complexities of modern online investigations. The company helps aggregate data from various platforms across the clear, deep as well as dark web to uncover identities, networks and connections of potential threat actors, helping businesses, law enforcement agencies and military sectors to make their investigations efficient. -
22
Brandefense
Brandefense
Brandefense is a proactive digital risk protection solution for organizations. Our AI-driven technology constantly scans the online world, including the dark, deep, and surface web, to discover unknown events, automatically prioritize risks, and deliver actionable intelligence you can use instantly to improve security. Get an accurate overview of how your company looks from an external perspective. Identify the digital risks from our cybercrime database with AI-driven detection engines. Investigate and enrich the indicators that you found and optimize the response time. Eliminate false positive incidents and focus on using your time more. Integrate the incidents that we discovered with your security products. Cyber threat intelligence teams are standing by to help you to keep safe. We need just the main brands and domains and monitor them with effective cost. Embrace the power of automation for streamlined processes and unparalleled business growth. -
23
DarkOwl
DarkOwl
We are the industry’s leading provider of darknet data, offering the largest commercially available database of darknet content in the world. DarkOwl offers a suite of data products designed to meet the needs of business looking to quantify risk and understand their threat attack surface by leveraging darknet intelligence. DarkOwl Vision UI and API products make our data easy to access in your browser, native environment or customer-facing platform. Darknet data is a proven driver of business success for use cases spanning beyond threat intelligence and investigations. DarkOwl API products allow cyber insurance underwriters and third party risk assessors to utilize discrete data points from the darknet and incorporate them into scalable business models that accelerate revenue growth. -
24
ELLIO
ELLIO
IP Threat Intel delivers real-time threat intelligence that helps security teams reduce alert fatigue and speed up triage in TIPs, SIEM & SOAR platforms. Available as an API for your SIEM/SOAR/TIP or as a local database for most demanding on-premise workloads. The feed provides detailed information on IP addresses observed in the last 30 days, including ports targeted by an IP. Updated every 60 minutes, it reflects the current threat landscape. Each IP entry includes context on event volume over the past 30 days and the most recent detection by ELLIO's deception network. Provides a list of all IP addresses observed today. Each IP entry includes tags and comments with context on targeted regions, connection volume, and the last time the IP was observed by ELLIO's deception network. Updated every 5 minutes, it ensures you have the most current information for your investigation and incident response.
Starting Price: $1.495 per month
-
25
Rapid7 Incident Command
Rapid7
Rapid7 Incident Command is an AI-powered next-generation SIEM designed to deliver unified visibility and faster threat response across modern attack surfaces. It brings together logs, telemetry, asset context, and threat intelligence into a single, actionable view across cloud, SaaS, endpoints, and hybrid environments. Incident Command uses AI-driven behavioral detections and alert triage to cut through noise and surface the threats that matter most. Every alert is enriched with exposure, vulnerability, asset risk, and third-party intelligence to guide decisive action. Built-in SOAR automation and guided AI response workflows help reduce dwell time and accelerate containment. The platform supports advanced investigations with natural language search, attack path reconstruction, and MITRE ATT&CK alignment. Rapid7 Incident Command enables security teams to scale their SOC with speed, clarity, and confidence. -
26
CybelAngel
CybelAngel
CybelAngel is the world-leading digital risk protection platform that detects and resolves external threats before these wreak havoc. Because more data is being shared, processed or stored outside the firewall on cloud services, open databases and connected devices, the digital risk to enterprises has never been greater. Organizations worldwide rely on CybelAngel to discover, monitor and resolve external threats across all layers of the Internet, keeping their critical assets, brand and reputation secure. -
27
Cyble
Cyble
Cyble is a leading AI-native cybersecurity platform that delivers intelligence-driven defense to help organizations stay ahead of evolving cyber threats. Powered by its Gen 3 Agentic AI, Cyble offers autonomous threat detection, real-time incident response, and proactive defense mechanisms. The platform provides comprehensive capabilities including attack surface management, vulnerability management, brand protection, and dark web monitoring. Trusted by governments and enterprises worldwide, Cyble combines unmatched visibility with scalable technology to keep security teams ahead of adversaries. With advanced AI that can predict threats months in advance, Cyble helps reduce response times and minimize risks. The company also offers extensive research, threat intelligence reports, and personalized demos to support customer success. -
28
Kaduu
Kaduu
Kaduu helps you understand when, where and how stolen or accidentally leaked information in dark web markets, forums, botnet logs, IRC, social media and other sources is exposed. Kaduu’s alerting service can also detect threats before they turn into incidents. Kaduu offers AI-driven dark web analysis, real-time threat alerts and pre-attack threat indicators. Set up in minutes, you will receive instant access to real-time reporting. Employees who are heavily exposed to the Internet are at greater risk of social engineering attacks such as phishing. Kaduu offers the option of monitoring any mention of credit card information (name, part of number, etc.) on the Dark Web.
Starting Price: $50 per company per month
-
29
Media Sonar
Media Sonar Technologies
Harness the unique insights only available from Web Intelligence & Investigation to better protect your corporate brand and assets. Our unique investigative module, Pathfinder, empowers both novice and experienced security teams with a streamlined path of next step related entities and a visible recording of your selected investigative trail. Media Sonar integrates the top OSINT tools and data sources into a seamless, single platform making it 30X faster than conducting OSINT with traditional methods. Your team will no longer be required to spend hours going in and out of multiple, incompatible OSINT tools and manually compiling results. Our Web Intelligence & Investigations platform will broaden your lens on your digital attack surface, helping you to secure your brand and assets and strengthen your security operations posture. Equip your security team with visibility into indicators of threat emerging outside of your organization, with intelligence from the Open and Dark Web.
Starting Price: $1,500 per 3 users per month
-
30
RST Cloud
RST Cloud
RST Threat Feed, RST Report Hub, RST Noise Control, RST IoC Lookup, and RST Whois API are subscription-based services delivered by RST Cloud. RST Cloud collects actual knowledge about threats from all the available public TI sources. It normalises, filters, enriches and scores it, and gives it to your SOC and SecOps team or puts it directly into your security solutions in a ready-to-use format. RST Cloud includes:
- Intelligence data from more than 250 sources and more than 250 000 indicators each day,
- AI-powered threat report library,
- IOC data formatted in a unified and standardised format,
- Filtered results to exclude high-volume false positives,
- Enriched IOCs which become more helpful in investigations,
- Scored IOCs based on their severity and actuality,
- Enriching and filtering False Positives services for SecOps teams,
- Out-of-the-box integration with various SIEM, SOAR, TIP, NGFW solutions.
Starting Price: $50/month
-
31
Proofpoint Digital Risk Protection
Proofpoint
Proofpoint Digital Risk Protection secures your brand and customers against digital security risks across web domains, social media, and the deep and dark web. It’s the only solution that gives you a holistic defense for all your digital engagement channels. Digital Risk Protection secures your company and customers from digital risks for your entire social media infrastructure. Our solution protects your social media presence from account takeovers, social media phishing scams, and malicious content. When you request a demo, you can map your social, mobile, and domain footprint to discover your brand-owned and fraudulent or unauthorized accounts. Protect your brand and customers from social media, web domain and dark web threats. Protect your domain investments from domain squatters, typo phishing campaigns and other infringing domains. Our digital protection solution applies artificial intelligence to uncover fraudulent domains that pose a risk to your brand and customers. -
32
Learn what a digital risk protection solution is and how it can help you be better prepared by understanding who is targeting you, what they’re after, and how they plan to compromise you. Google Digital Risk Protection delivers a broad digital risk protection solution either via stand-alone self-managed SaaS products or a comprehensive service. Both options give security professionals visibility outside their organization, the ability to identify high-risk attack vectors, malicious orchestration from the deep and dark web, and attack campaigns on the open web. The Google Digital Risk Protection solution also provides contextual information on threat actors and their tactics, techniques, and procedures to provide a more secure cyber threat profile. Gain visibility into risk factors impacting the extended enterprise and supply chain by mapping your attack surface and monitoring deep and dark web activity.
-
33
Threat Landscape
Ecliptica Labs AB
Threat Landscape is an automated threat intelligence platform built for security analysts and SOC teams who need high-confidence, actionable intelligence — without the manual triage. The platform continuously ingests and processes global OSINT and darknet sources, automatically extracting structured facts and filtering out noise before it reaches analysts. All intelligence is normalized into STIX 2.1 format, MITRE ATT&CK mapped, and correlated across threat actors, malware families, CVEs, TTPs, and IOCs — so teams spend time acting on intelligence, not building it. Key capabilities include interactive dashboards, visualized STIX threat graphs, advanced search and filtering, darknet monitoring for leak-site claims and criminal chatter, automated daily and weekly digests, and a RESTful API for integration with SIEM, SOAR, and TIP platforms.
Starting Price: $499/month
-
34
Doppel
Doppel
Detect phishing scams on websites, social media, mobile app stores, gaming platforms, paid ads, the dark web, digital marketplaces, and more. Identify the highest impact phishing attacks, counterfeits, and more with next-gen natural language & computer vision models. Track enforcements with an auto-generated audit trail through our no-code UI that works out of the box. Stop adversaries before they scam your customers and team. Scan millions of websites, social media accounts, mobile apps, paid ads, etc. Use AI to categorize brand infringement and phishing scams. Automatically remove threats as they are detected. Doppel's system has integrations with domain registrars, social media, app stores, digital marketplaces, the dark web, and countless platforms across the Internet. This gives you comprehensive visibility and automated protection against external threats. Doppel offers automated protection against external threats. -
35
Vigilante Operative
Vigilante
Cyber threats are proliferating at an alarming rate and often result in data exfiltration, network infiltration, data loss, account activity takeover, compromised customer data and reputational damage to an organization. As threat actors become more aggressive and malicious, the burden on IT security professionals becomes greater, especially with tight budgets and limited resources. As these threats become overwhelming, it is more challenging for organizations to gain the upper hand. Operative is our advanced threat intelligence hunting service for enterprise organizations. Vigilante lives within the dark web community to remain ahead of emerging threats, enabling deeper visibility and providing a continuous feedback loop of insight into exposures such as: Third-party risk and exposure, leaked or stolen data, malicious campaigns, attack vectors. -
36
Palo Alto Networks AutoFocus
Palo Alto Networks
Tomorrow's operations depend on unrivaled threat intelligence, today. Power up investigation, prevention and response with AutoFocus. Palo Alto Networks, provider of the industry-leading next-generation firewall, has made the world’s highest-fidelity repository of threat intelligence, sourced from the largest network of sensors, available for any team or tool to consume. AutoFocus™ contextual threat intelligence service is your one-stop shop for threat intelligence. Your teams will receive instant understanding of every event with unrivaled context from Unit 42 threat researchers, and you can embed rich threat intelligence in analysts’ existing tools to significantly speed investigation, prevention, and response. Get unique visibility into attacks crowdsourced from the industry’s largest footprint of network, endpoint, and cloud intel sources. Enrich every threat with the deepest context from world-renowned Unit 42 threat researchers. -
37
Senseon
Senseon
Senseon’s AI Triangulation thinks like a human analyst to automate the process of threat detection, investigation and response, increasing your team’s efficiency. Displace the need for multiple security tools with one cohesive platform, providing complete visibility across the entire digital estate. Accurate detection and alerting enable IT and security teams to cut through the noise and focus on genuine threats, helping you achieve ‘inbox zero’. Senseon’s unique ‘AI Triangulation’ technology emulates how a human security analyst thinks and acts to automate the process of threat detection, investigation and response. By looking at the behaviours of users and devices from multiple perspectives, pausing for thought and learning from experience, Senseon provides accurate and context-rich alerts. These automated capabilities free security teams from the burden of exhaustive analysis, alert fatigue and false positives. -
38
alphaMountain Threat Intelligence APIs and Feeds
alphaMountain AI
alphaMountain’s domain and IP threat intelligence powers many of the world’s leading cybersecurity solutions. High-fidelity threat feeds are updated hourly with fresh URL classification, threat ratings and actionable intelligence on over 2 billion hosts including domains and IP addresses. KEY BENEFITS: Get high-fidelity URL classification and threat ratings for any URL from 1.00 to 10.0. Receive fresh categorization and threat ratings updated every hour, syndicated via API or threat feed. See threat factors and other intelligence contributing to threat verdicts. USE CASES: Use threat feeds in your network security products such as secure web gateway, secure email gateway or next-generation firewall. Call the alphaMountain API from your SIEM to investigate threats or from your SOAR to automate responses such as blocking and policy updates. Detect if a URL is suspicious, contains malware, is a phishing site and which of 89 content categories the site belongs to.
Starting Price: $300/month -
39
Netcraft
Netcraft
Netcraft is a global leader in brand impersonation detection, disruption, and takedown solutions. Its Digital Risk Protection (DRP) platform provides a comprehensive, automated defense across the entire external threat landscape. By combining decades of internet infrastructure expertise with cutting-edge artificial intelligence, Netcraft ensures brands are protected with unmatched speed, accuracy, and scale. Netcraft's online brand protection capabilities extend across detection, monitoring, disruption, and enforcement, delivering operational value at scale. Capabilities include: - Detection of 100+ categories of digital threats, including phishing, brand impersonation, and fake social media profiles. - Takedown processes supported by automation and established infrastructure relationships. - Advanced brand monitoring and reporting that integrate seamlessly into enterprise workflows. - Proven ability to reduce the availability of active threats and preserve customer trust. -
40
Resecurity
Resecurity
Resecurity Risk is a dedicated threat monitoring platform for brands, their subsidiaries, assets, and executives. Launch in 24 hours: just import your unique digital identifiers and get close to real-time updates of over 1 Petabyte of actionable intelligence impacting you now. Security information and event management (SIEM) tools can help identify and highlight many critical events at a glance if all active threat vectors are available to be ingested within the platform and are from verified sources with accurate risk scoring. Resecurity Risk is an omni-directional threat product which would usually require multiple vendors to resolve. Integrate available security solutions to actualize the risk score of your enterprise footprint. Driven by your data, powered by Context™. Holistic approach to piracy and counterfeit monitoring for various industry verticals. Prevent illicit distribution and use of your products, using actionable intelligence. -
41
Cyber Triage
Sleuth Kit Labs
Fast & Affordable Forensics for Incident Response. Automated incident response software for fast, comprehensive, and easy intrusion investigations. An alert is generated from IDS or SIEM. An endpoint investigation is started from SOAR manually. Cyber Triage is deployed to the endpoint to collect data. Analyst uses Cyber Triage data to find evidence and make decisions. Manual incident response is slow, leaving the entire organization at the intruder’s mercy. By automating every phase of the endpoint forensics process, Cyber Triage ensures state-of-the-art remediation speed. Cyber threats are constantly evolving, and manual incident response can be inconsistent and incomplete. Always operating on the latest threat intelligence, Cyber Triage scours every relevant corner of a compromised endpoint. Forensic tools are often confusing, with features not needed for intrusions. Cyber Triage’s intuitive interface allows even junior staff to analyze data and assemble reports.
Starting Price: $2,500 -
42
Cyren
Cyren
Cyren Inbox Security is an innovative solution that turns the tables on the phishers and safeguards each and every Office 365 mailbox in your organization against evasive phishing, business email compromise (BEC) and fraud. Continuous monitoring and detection provide early exposure of evasive attack indicators and anomalies. Automated response and remediation for individual mailboxes and across all mailboxes in the organization will take care of the heavy lifting. Our unique crowd-sourced user detection closes the feedback loop on alerts, reinforcing your security training and providing valuable threat intelligence. Comprehensive, multi-dimensional presentation of critical threat characteristics to help analysts understand the evolving threat landscape. Improved threat detection for existing security products such as SIEM and SOAR solutions. -
43
ZeroFox
ZeroFox
Organizations invest immense resources into social media and their digital presence, which has become the primary engagement method for many individuals and businesses. As social media becomes the preferred engagement tool, security teams must understand and address the risks posed by digital platforms, the largest unsecured IT network on earth. With a global data collection engine, artificial intelligence-based analysis, and automated remediation, the ZeroFox Platform protects you from cyber, brand and physical threats on social media & digital platforms. Understand your organization’s digital risk exposure across a broad range of platforms where you engage and cyberattacks occur. ZeroFox's mobile app provides the powerful protection of the ZeroFox platform at your fingertips, wherever and whenever you need it. -
44
Group-IB Unified Risk Platform
Group-IB
The Unified Risk Platform strengthens security by identifying the risks your organization faces. The platform automatically configures your Group-IB defenses with the precise insights required to stop attacks by threat actors, thereby making it less likely that an attack will be successful. Group-IB's platform monitors threat actors at all times in order to detect advanced attacks and techniques. The Unified Risk Platform quickly and accurately identifies early warning signs before attacks develop, fraud occurs or your brand is damaged, which reduces the risk of undesirable consequences. The Unified Risk Platform counters threat actors with insight into their modus operandi. The platform leverages a variety of solutions and techniques to stop attacks that target your infrastructure, endpoints, brand and customers, reducing the risk that an attack will cause disruption or recur. -
45
Echosec
Flashpoint
Anchored by Echosec, Flashpoint’s geospatial Open-Source Intelligence (OSINT) product, the Physical Security Intelligence (PSI) solution offers an extensive range of global open-source data fused with geospatial enrichments, integrated AI, and expert finished intelligence, so practitioners can understand critical events, protect executives, and safeguard physical assets. Accelerate investigations and enhance situational awareness with open-source data, intelligence expertise, analytical tools, and AI enrichments. Effortlessly filter out social media noise to extract meaningful information quickly, monitor the topics and locations that matter to your organization, and alert the right team members when relevant posts are detected. -
46
NexVision
NexVision Lab
NexVision is an AI-powered platform that provides multi-layered, real-time information gathering and cyber protection. It offers deep, contextual intelligence encompassing targets, motivations, and threat analytics. The platform's advanced search algorithm discovers over 120,000 hidden Tor sites daily, enabling users to access the deep and dark web without the need for anonymizing browsers like Tor. NexVision's AI/ML-powered engine continuously collects, analyzes, and sorts big data from publicly available databases and the deep web, supporting multiple languages and equipped with natural language processing and steganography-decoding capabilities to detect hidden information used by advanced threat actors. The user-friendly dashboard allows for setting keyword alerts, conducting investigations, and analyzing results while maintaining user anonymity. NexVision enables organizations to proactively safeguard their assets and maintain a secure online environment.
Starting Price: Free -
47
OpenText Enterprise Security Manager
OpenText
OpenText™ Enterprise Security Manager (ESM) is a robust Security Information and Event Management (SIEM) solution designed to provide comprehensive real-time threat detection and automated response. It features an industry-leading correlation engine that alerts analysts instantly to threat-correlated events, dramatically reducing the time required to detect and respond to cyber threats. ESM integrates native Security Orchestration, Automation, and Response (SOAR) capabilities, enabling organizations to streamline their security operations and lower total cost of ownership. With the ability to analyze over 100,000 events per second and support more than 450 event sources, it delivers enterprise-wide event visibility and enhanced threat intelligence. The platform’s scalable architecture supports customization through rulesets, dashboards, and reports tailored to unique security needs. It also offers multi-tenancy capabilities for centralized management across distributed business units. -
48
Iris Identity Protection
Iris Powered by Generali
Iris Identity Protection API sends identity monitoring and alerts data into your existing digital environment – an ideal solution for businesses that are looking to offer their customers identity protection services without having to build a new product or app from scratch. By integrating Iris' identity monitoring and alerts into your existing product, your company can: Embed specific features: You have full control to design the user interface and use terminology that aligns best with your customers' needs. Customize fields: Choose the types of data that resonate most with your customers. You can even customize the placement, sequence, and titling fields according to your preferences. Choose how to deliver alerts: Whether you prefer to communicate alerts through SMS, email, or in-app notifications – the choice is yours. -
49
OpenText Core EDR
OpenText
OpenText Core EDR is an all-in-one endpoint detection and response solution that unifies endpoint protection, SIEM (security information and event management), SOAR (security orchestration, automation, and response), alert triage, and vulnerability assessment into a single platform, eliminating the need to manage disparate security tools. It uses a lightweight agent with pre-configured policies, enabling deployment in minutes and simplifying management across devices without complex scripting. By correlating endpoint, network, and identity events in real time, built-in SIEM and SOAR playbooks surface suspicious behavior and automatically guide containment, remediation, and investigation actions. Continuous, global threat intelligence powers real-time monitoring, helping detect malware, ransomware, zero-day attacks, and other advanced threats before they spread, and enabling rapid isolation or remediation of compromised endpoints. -
50
Bricklayer AI
Bricklayer AI
Bricklayer AI is an autonomous AI security team designed to enhance Security Operations Centers (SOCs) by managing endpoint, cloud, and SIEM alerts. Its multi-agent architecture mirrors human team workflows, enabling AI analysts and incident responders to collaborate seamlessly with human experts. Key features include automated alert triage, incident response, and threat intelligence analysis, all executed through natural language commands. The platform integrates effortlessly with existing tools and processes, allowing for the development of custom API integrations to gather data from an organization's entire tech stack. Bricklayer AI reduces monitoring costs, accelerates threat detection and response times, and scales operations without the need for additional human resources. Its action-based tasking ensures that every alert is investigated, feedback is shared, and responses are delivered in real time.