Alternatives to THOR
Compare THOR alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to THOR in 2026. Compare features, ratings, user reviews, pricing, and more from THOR competitors and alternatives in order to make an informed decision for your business.
-
1
ManageEngine Log360
Zoho
Detect, investigate, and resolve security incidents and threats using a single, scalable SIEM solution. Log360 provides you with actionable insights and analytics-driven intelligence for real-time security monitoring, advanced threat detection, incident management, and behavioral analytics-based anomaly detection. Built as the bedrock for your SOC, ManageEngine Log360 comes with out-of-the-box correlation and workflow rules, dashboards, reports, and alert profiles to help you address vital security issues with little manual intervention. -
2
ASGARD Management Center
Nextron Systems
ASGARD Management Center is the perfect incident response platform. It not only lets you execute enterprise wide thor scans. It also provides an easy to use interface for execution of complex response playbooks on up to one million endpoints – all from a single console. ASGARD ships as hardened virtual appliance and features agents for Microsoft Windows, Linux, AIX, and MacOS. Its rich API facilitates interoperation with SOAR frameworks, sandboxes, antivirus systems, SIEM systems, CMDBs, IPS devices – or in other words: with literally any security device you may have in place. This short demo shows how easy it is to launch a scan with custom IOCs from a connected MISP. In the example we select all events with the keyword “Emotet”, add them to a new rule set and use that rule set in a new Group Scan with THOR. -
3
ListSync
ThorApps
ListSync allows you to replicate your SharePoint lists items into a SQL database in real-time. The database may be hosted by ThorApps or you can connect to your own, providing simpler integration with other systems or for reporting (via ThorApps BI Service or Power BI). ListSync is optimized with an easy SharePoint interface. Available in the Microsoft App Store. Request your 30-day trial and get $50 credit to test ListSync in your own environment. No credit card required. Get immediate access to all of your SharePoint lists in one place. With data collated and stored in SQL, you’ll be running amazingly fast reports in a fraction of the time. Replicate your SharePoint lists items to a SQL database in real-time. Integrate data with your existing reporting systems like BI Service, Power BI or Tableau. Collates lists items from commonly structured lists into a SQL table from across the site collection.Starting Price: $100 per user per month -
4
THORSwap
THORSwap
THORSwap's DEX Aggregator connects liquidity across 9 blockchains and compares pricing from numerous Aggregators (1inch, Matcha) & DEXs (Uniswap, Sushiswap, Pangolin) to give you the best cross-chain swap in one click. Stake a $THOR token and earn 75% of protocol revenues, trading discounts, and other community perks. Stay on top of your portfolio by tracking your THORChain LPs, staking, and wallet balances. Create and manage THORChain multi-sig wallets for enhanced self-custody and governance. Our one-stop solution for devs to easily add cross-chain functionality to any product/dApp. Dedicated interface suite for managing Bonding on THORChain. -
5
Alisha AI SDR
floworks
Floworks is an AI-driven sales automation platform designed to streamline the B2B outbound sales process. At its core is Alisha, an AI Sales Development Representative (SDR) powered by the Thor V2 Large Language Model (LLM). Alisha automates lead generation by identifying prospects that match ideal customer profiles, accessing a database of over 275 million contacts. She crafts hyper-personalized emails by scanning over 180 sources for real-time lead data, enhancing engagement and increasing response rates. Alisha also manages omnichannel outreach, including email, calling, and SMS, and automates meeting scheduling by integrating with popular calendar applications like Calendly and Google Calendar. This comprehensive approach allows sales teams to focus on high-impact activities, improving productivity and driving higher conversion rates. -
6
ProjectSync
ThorApps
Replicates project entities (project, task, resource) into a SQL database in just a fraction of time based on events in the project online (e.g. save or publish). Can be configured to use the same database as ListSync, allowing you to join both Project Site list data and project online entity data in queries. ProjectSync stores the SharePoint list data in a Microsoft SQL Server database. You have the flexibility to choose between Azure SQL database or On-premise SQL Server. Connect data with your existing reporting systems like BI Service, Power BI or Tableau. ProjectSync allows you to create any number of environments. This gives you the benefit of following dev, test, production release management processes. You are also allowed to separate departments data from each other in different databases (i.e. ICT, operations if using different project online instances for each). ThorApps offers its own SSRS farms, which is a secure space to store your data. -
7
Heimdal Next-Gen Endpoint Antivirus
Heimdal®
Heimdal Next-Gen Endpoint Antivirus is an NGAV solution featuring unparalleled threat intelligence, EDR, forensics, and firewall integration. Our tool uses signature-based code scanning to monitor your organization’s files' activity to protect your endpoints against malware, ransomware, APTs, and other types of threats. Heimdal Next-Gen Endpoint Antivirus allows you to perform file scans in real-time, as a permanently active process. In addition to this, you can run scheduled or on-demand scans for your endpoints to detect any suspicious activity. Our solution uses signature-based code scanning, real-time cloud scanning, sandboxing, and backdoor analysis to monitor the activity of your organization’s files in order to protect your endpoints -
8
YARA
YARA
YARA is a tool aimed at (but not limited to) helping malware researchers to identify and classify malware samples. With YARA you can create descriptions of malware families (or whatever you want to describe) based on textual or binary patterns. Each description, a.k.a rule, consists of a set of strings and a boolean expression which determine its logic. YARA-CI may be a useful addition to your toolbelt. This is GitHub application that provides continuous testing for your rules, helping you to identify common mistakes and false positives. The above rule is telling YARA that any file containing one of the three strings must be reported as silent_banker. -
9
Cofense Triage
Cofense
Cofense Triage™ accelerates phishing email identification and mitigation. Improve your response time with integration and automation. We use Cofense Intelligence™ rules and an industry-leading spam engine to automatically identify and analyze threats. And our robust read/write API lets you integrate intelligent phishing defense into your workflow, so your team can focus their efforts and protect your organization. We know stopping phish isn’t always straightforward. That’s why Cofense Triage™ makes it easy to get on-demand help from the experts. They’re just one click away, anytime. Our Threat Intelligence and Research Teams continually update our library of YARA rules, making it easier for you to identify emerging campaigns and improve response time. And the Cofense Triage Community Exchange allows you to crowd-source phishing email analysis and threat intelligence, so you’re never on your own. -
10
Cyber Triage
Sleuth Kit Labs
Fast & Affordable Forensics for Incident Response. Automated incident response software for fast, comprehensive, and easy intrusion investigations. An alert is generated from IDS or SIEM. An endpoint investigation is started from SOAR manually. Cyber Triage is deployed to the endpoint to collect data. Analyst uses Cyber Triage data to find evidence and make decisions. Manual incident response is slow, leaving the entire organization at the intruder’s mercy. By automating every phase of the endpoint forensics process, Cyber Triage ensures state-of-the-art remediation speed. Cyber threats are constantly evolving, and manual incident response can be inconsistent and incomplete. Always operating on the latest threat intelligence, Cyber Triage scours every relevant corner of a compromised endpoint. Forensic tools are often confusing, with features not needed for intrusions. Cyber Triage’s intuitive interface allows even junior staff to analyze data and assemble reports.Starting Price: $2,500 -
11
Binalyze AIR
Binalyze
Binalyze AIR is a market-leading Digital Forensics and Incident Response platform that allows enterprise and MSSP security operations teams to collect full forensic evidence at speed and scale. Our incident response investigation capabilities such as triage, timeline and remote shell help to close down DFIR investigations in record time. -
12
ProDiscover
ProDiscover
ProDiscover forensics suite addresses a wide range of cybercrime scenarios encountered by law enforcement and corporate internal security investigators. ProDiscover is widely used in Computer Forensics and Incident Response. The product suite is also equipped with diagnostic and evidence collection tools for corporate policy compliance investigations and electronic discovery. ProDiscover helps in efficiently uncovering files and data of interest. Wizards, dashboards and timeline views help in speedily discovering vital information. Investigators are provided with a wide range of tools and integrated viewers to explore the evidence disks and extract artifacts relevant to the investigation. ProDiscover combines speed and accuracy, with ease of use and is available at an affordable price. Launched in 2001, ProDiscover has a rich history. It was one of the first products to support remote forensic capabilities. -
13
Belkasoft Triage
Belkasoft
Belkasoft Triage is a new digital forensic and incident response tool developed specifically for a quick analysis of a live computer and making a partial image of important data. Belkasoft T is designed to assist in situations when an investigator or a first responder is at the scene of incident and needs to quickly identify and obtain specific digital evidence stored on a Windows machine. The product is irreplaceable in situations of time pressure, when there is a need to quickly detect presence of specific data and obtain investigative leads instead of conducting an in-depth analysis of all the digital evidence. -
14
CyFIR Investigator
CyFIR
CyFIR digital security and forensic analysis solutions provide unparalleled endpoint visibility, scalability, and speed to resolution. Cyber resilient organizations suffer little to no damage in the event of a breach. CyFIR cyber risk solutions identify, analyze, and resolve active or potential threats 31x faster than traditional EDR tools. We live in a post-breach world where data breaches are more frequent and more aggressive in their capacity to do harm. Attack surfaces are expanding beyond the walls of an organization to encompass thousands of connected devices and computer endpoints located throughout remote facilities, cloud and SaaS providers, controlled foreign assets, and other locations. -
15
Intezer AI SOC
Intezer
Intezer AI SOC combines proven forensic capabilities with the adaptive reasoning of Agentic AI. The result is sub-minute triage across 100% of alerts, with less than 2% escalated for human review, a 98% verdict accuracy, and complete transparency. Intezer provides full coverage for all alert types including endpoint, network, email, identity, and cloud. Investigation outcomes are continuously fed into AI-driven detection engineering. Coverage is mapped and tracked against MITRE ATT&CK and new behavioral rules are deployed to address gaps in the detection posture. New alerting is funneled into Intezer AI SOC and creates a closed loop that continuously improves security posture over time. -
16
OpenText Security Suite
OpenText
OpenText™ Security Suite, powered by OpenText™ EnCase™, provides 360-degree visibility across laptops, desktops and servers for proactive discovery of sensitive data, identification and remediation of threats and discreet, forensically-sound data collection and investigation. With agents deployed on more than 40 million endpoints, clients that include 78 of the Fortune 100 and more than 6,600 EnCE™ certified users, Security Suite delivers the industry gold standard for incident response and digital investigations. EnCase solutions help enterprises, government agencies and law enforcement address a range of needs around risk and compliance, file analytics, endpoint detection and response (EDR) and digital forensics with the most trusted digital forensics and cybersecurity software. Solving problems that often go undetected or unsolved on the endpoint, Security Suite restores the confidence of companies and their customers with unparalleled reliability and breadth of coverage. -
17
Siterack
Siterack
All of your websites are pinged every 60 seconds to make sure they are alive and well. If an error is reported back, Siterack assesses the problem and will send a note to let you know. Siterack automatically runs a daily backup of all your sites and securely stores them in our cloud. All backups are displayed in your site's Control Center so you can easily search for the one you need. Before each update, Siterack grabs a backup - just in case. Afterward, Siterack incrementally updates each package and scans the site for any issues or failures using our AI. Error Detection system. If anything goes wrong, Siterack will automatically restore the most recent backup and let you know. Using dual-method, malware detection technology, the Siterack Malware Engine runs daily scans looking for and removing any malicious packages. The system uses a combination of Yara rule and signature violations to detect the malware and automatically remove it upon discovery.Starting Price: $19 per month -
18
Fluency SIEM
Fluency Security
Managing Service Level Agreements (SLAs) can be a complex and time-consuming process, but with Fluency you can easily meet those obligations. We’re able to provide real-time log data processing with thousands of rules running simultaneously. This ensures that every element of your log is monitored as it happens rather than waiting on scheduled searches or manual input. With us on your side, meeting your SLA targets is easy! Fluency is the only SIEM that is fully compliant with Sigma, the open-source standard in SIEM rules. Fluency can run all Sigma rules simultaneously without a performance hit. There is no conversion of rules, nor is there a down-selection. The rules analyze data as it enters the system, always creating real-time alerts, meaning zero mean time to detection (MTTD). Fluency is even compatible with the proposed features of Sigma. This means that your analysts benefit from the largest community of open-source researchers for log analysis.Starting Price: $5 per asset per month -
19
Belkasoft Remote Acquisition
Belkasoft
Belkasoft Remote Acquisition (Belkasoft R) is a new digital forensic and incident response tool developed specifically for remote extraction of hard and removable drives, RAM, connected mobile devices, and even specific types of data. Belkasoft R will be useful in cases when an incident response analyst or a digital forensic investigator needs to gather evidence quickly and the devices in question are situated in geographically distributed locations. With Belkasoft R, there is no longer need to interrupt an employees' daily routine or draw excessive attention to your investigation. Belkasoft R saves your time and money doing a forensically sound remote acquisitions: no more excessive costs and extra time for travels. No more geographical challenges and expensive trips. No need in having trained specialists in all locations of your organization’s offices. -
20
Pondurance
Pondurance
Pondurance offers risk-based cybersecurity solutions enhanced by human intelligence, focusing on Managed Detection and Response (MDR) services that include continuous risk assessments and digital forensics. Their personalized approach ensures that organizations receive customized solutions tailored to their specific cybersecurity needs, effectively addressing complex compliance and security challenges. -
21
Falcon Forensics
CrowdStrike
Falcon Forensics offers comprehensive data collection while performing triage analysis during an investigation. Forensic security often entails lengthy searches with numerous tools. Simplify your collection and analysis to one solution to speed triage. Incident responders can respond faster to investigations, conduct compromise assessments along with threat hunting and monitoring with Falcon Forensics. Pre-built dashboards, easy search, and view data capabilities empower analysts to search vast amounts of data, including historical artifacts, quickly. Falcon Forensics automates data collection and provides detailed information around an incident. Responders can tap into full threat context without lengthy queries or full disk image collections. Provides incident responders a single solution to analyze large quantities of data both historically and in real-time to uncover vital information to triage an incident. -
22
Blackpanda
Blackpanda
Blackpanda Digital Forensics services & Incident Response experts help identify, prioritize, contain, and remediate security issues in the event of a breach—helping you both minimize damage and respond more effectively to future incidents. Our incident response experts work with your team to identify vulnerable assets, draft organizational response plans, and craft bespoke playbooks to common attack events and communications protocols, while thoroughly testing all processes to optimize response. In doing so, our cyber security services help mitigate damage before an incident even occurs. Digital actions leave digital footprints. Our expert digital forensics investigators collect, analyze, and preserve digital evidence to outline the details of an incident, recover lost or stolen data, and testify to stakeholders or law enforcement, where necessary. Our forensic cyber security services can be instrumental in legal, corporate and private cases. -
23
SecurityHQ
SecurityHQ
SecurityHQ is a world leading independent Managed Security Service Provider (MSSP), that detects, and responds to threats, instantly. As your security partner, we alert and act on threats for you. Gain access to an army of analysts that work with you, as an extension of your team, 24/7, 365 days a year. Receive tailored advice and full visibility to ensure peace of mind, with our Global Security Operation Centres. Utilize our award-winning security solutions, knowledge, people, and process capabilities, to accelerate business and reduce risk and overall security costs. Most Popular Services: Managed Detection and Response (MDR) Endpoint Detection and Response (EDR) Managed Extended Detection and Response (XDR) Vulnerability Management Services Managed Firewall Digital Forensics & Incident Response Managed Network Detection and Response (NDR) Penetration Testing CISO as a Service -
24
Velociraptor
Rapid7
At the press of a (few) buttons, perform targeted collection of digital forensic evidence simultaneously across your endpoints, with speed and precision. Continuously collect endpoint events such as event logs, file modifications and process execution. Centrally store events indefinitely for historical review and analysis. Actively search for suspicious activities using our library of forensic artifacts, then customize to your specific threat-hunting needs. It was developed by Digital Forensic and Incident Response (DFIR) professionals who needed a powerful and efficient way to hunt for specific artifacts and monitor activities across fleets of endpoints. Velociraptor provides you with the ability to more effectively respond to a wide range of digital forensic and cyber incident response investigations and data breaches. -
25
Cado
Cado Security
Investigate all escalated alerts with unparalleled speed & depth. Revolutionize how Security Operations and Incident Response teams investigate cyber attacks. In today's complex and evolving hybrid world, you need an investigation platform you can trust to deliver answers. Cado Security empowers teams with unrivaled data acquisition, extensive context, and unparalleled speed. The Cado Platform provides automated, in-depth data so teams no longer need to scramble to find the critical information that they need, enabling faster resolutions and more effective teamwork. With ephemeral data, once the data is gone, it's gone. Act in real-time. The Cado Platform is the only tool with the ability to perform automated full forensic captures as well as utilize instant triage collection methods - native acquisition of cloud-based resources including containers, as well as SaaS applications and on-premise endpoints. -
26
Sequretek Percept XDR
Sequretek
Cloud-based enterprise security platform offering automated threat detection and response using AI and big data across cloud and on-premise enterprise environments. Percept XDR ensures end-to-end security, threat detection and response while allowing enterprises to focus on their core business growth without the fear of compromise. Percept XDR helps to protect against phishing, ransomware, malware, vulnerability exploits, insider threats, web attacks and many more advanced attacks. Percept XDR has an ability to ingest data from various sources, uses AI and Big Data to detect threats. Its ability to ingest sensor telemetry, logs, and global threat intelligence feeds allows the AI detection engine to identify new use cases and anomalies, thereby detecting new and unknown threats. Percept XDR features SOAR-based automated response in line with the MITRE ATT&CK® framework. -
27
Phonexia Voice Inspector
Phonexia
Perform fast and highly accurate language-independent forensic voice analysis using a speaker recognition solution explicitly designed for forensic experts and exclusively powered by state-of-the-art deep neural networks. Analyze the subject’s voice automatically with an advanced speaker identification tool, and support your forensic expert’s conclusion with accurate, unbiased voice analysis. Identify a speaker in the recordings of any language without the need to hire a language-specific linguist as Phonexia Voice Inspector can detect pronunciation differencies in any language. Present the results of your forensic voice analysis to a court in the most convenient way with an automatically generated report containing all the necessary details to validate the claim. Phonexia Voice Inspector is an out-of-the-box solution that provides police forces and forensic experts with a highly accurate speaker recognition tool to support effective criminal investigations and give evidence in court. -
28
Irisity IRIS+
Irisity
Irisity IRIS+ video analytics solutions rely on a variety of patented technologies and unique knowledge and capabilities in the fields of software architecture, computer-vision, deep learning and AI. The core of Irisity IRIS+'s technology is its distributed architecture, which distributes the video processing task between an edge-device and a server, enabling optimal utilization of the processing elements at each end, reducing bandwidth between both ends as well as hardware costs. Irisity IRIS+'s unique deep-learning implementation leads to the lowest ratio of hardware cost per camera, compared to other software solutions. This architecture can be implemented in the public cloud as well as in private networks. On top of its classification model, Irisity IRIS+ developed a broad set of video analytics functionalities, including rule-based real-time event detection, autonomous anomaly detection, video forensics and statistical analysis under a single software platform. -
29
At a time when you are challenged more than ever to secure the digital infrastructure at the core of your operations, you need a technology foundation for security that unifies network threat detection, forensics and integrated response. Network Detection and Response is the evolution of effective, efficient and accessible network security. You need no specialized hardware to rapidly deploy Network Detection and Response in any segment of the modern network — enterprise, cloud, industrial, IoT and 5G — to see all activities and record everything for comprehensive analysis, discovery and action. Network Detection and Response delivers network visibility, threat detection and forensic analysis of suspicious activities. This service dramatically accelerates the ability for organizations to respond to and identify future attacks before they become serious events. This threat detection and response service captures, optimizes and stores network traffic from multiple infrastructures.Starting Price: $20 per month
-
30
Wazuh
Wazuh
Wazuh is a free, open source and enterprise-ready security monitoring solution for threat detection, integrity monitoring, incident response and compliance. Wazuh is used to collect, aggregate, index and analyze security data, helping organizations detect intrusions, threats and behavioral anomalies. As cyber threats are becoming more sophisticated, real-time monitoring and security analysis are needed for fast threat detection and remediation. That is why our light-weight agent provides the necessary monitoring and response capabilities, while our server component provides the security intelligence and performs data analysis. Wazuh addresses the need for continuous monitoring and response to advanced threats. It is focused on providing the right visibility, with the insights to help security analysts discover, investigate and response to threats and attack campaigns across multiple endpoints. -
31
Placement Auditor
Placement Auditor
Placement Auditor is an automated backdoor hire detection platform built for staffing and recruitment agencies. It continuously monitors submitted candidates via LinkedIn to detect undisclosed job changes and unpaid placements. Users upload candidate data once, and the system scans automatically without manual effort. When a potential backdoor hire is detected, Placement Auditor generates forensic-grade synthetic evidence that is court-ready and compliant. The platform also creates attorney-reviewed legal demand letters to help agencies recover owed placement fees. With real-time alerts and zero commission on recovered revenue, agencies keep 100% of what they collect. Placement Auditor operates as a true set-and-forget system that protects placement revenue around the clock.Starting Price: $49/month -
32
Celeri
Celeri
Celeri’s AI-powered fraud detection system identifies falsified financial documents and catches application fraud. 1. Catches fraudulent documents that are undetectable to the naked eye 2. Spots micro-anomalies with pinpoint accuracy against broad index of genuine paystubs and bank statements 3. Analyzes forensic history of each document to uncover modifications and traces of editing softwareStarting Price: $0.99 per month -
33
Santoku
Santoku
Santoku is dedicated to mobile forensics, analysis, and security, and packaged in an easy to use, Open Source platform. Scripts to automate decrypting binaries, deploying apps, enumerating app details, and more. Scripts to detect common issues in mobile applications. Utilities to simulate network services for dynamic analysis. Useful scripts and utilities specifically designed for mobile forensics. Firmware flashing tools for multiple manufacturers. GUI tools for easy deployment and control of mobile apps. -
34
Swimage Attune EPM
Swimage
In addition to being the best imaging & provisioning tool on the market, Swimage Attune EPM prepares you for today’s cyber threats. Security & compliance monitoring Rapid, hyper-automated remediation Zero trust security Full-disk forensic snapshot Low/no bandwidth Onsite or remote Self-service capability Full system rebuild capability Encryption handler Integrates with other security tools Automated imaging Automated, dynamic provisioning Domain join flexibility Cloud management portal Multi-tenancy Client-side agent Asset management Application delivery & patching PC health monitoring & automated remediation Intelligent driver interrogator Fast & easy installation & configuration Integrates with existing system management tools Flexible & customizable Scalable to any organization size 100% end-to-end automation Requires minimal labor Reduces help desk demands Own & protect your PC information & data Alternative to SCCM & AutopilotStarting Price: $15.00 per user per month -
35
Flowcious
Flowcious
A highly scalable, NetFlow/IPFIX based big-data platform designed to supercharge NetOps & SecOps taking complex decisions. Get DPI-like network intelligence with NetFlow. Get deep visibility without the costs and scalability issues of DPI. From anomalies to compromised hosts, detect and mitigate threats in real time using machine learning. Built for massive scale, deployed on networks at Terabit-Per-Second, working with trillions of flow records in the cloud globally. A NetFlow, IPFIX engine that leverages our proprietary Machine Learning algorithms that turn plain meta-information into DPI-like intelligence. Having the right information at the right time is critical to make informed decisions. We've thoughtfully designed it to work for you. Track bandwidth usage per application. Spot congestion easily & gain understanding of how traffic is flowing through your network. Storage of raw traffic for in-depth incident analysis and forensics. -
36
Universal Analysis Software (UAS) provides a platform for analyzing and managing forensic genomic data, simplifying complex bioinformatics. The UAS is an all-inclusive solution, containing analysis modules supporting all current ForenSeq workflows including ForenSeq MainstAY, ForenSeq Kintelligence, ForenSeq DNA Signature Prep, ForenSeq mtDNA Whole Genome, and ForenSeq mtDNA Control Region. UAS rapidly generates FASTQ files, performs alignment, and calls forensically relevant variants from NGS data. Extensive testing backs highly reliable variant calls to deliver accurate results in a user-friendly package with no per-seat licenses. Designed specifically for forensic analysts, UAS streamlines handling of base-by-base sequence information and contains a range of features to enable everything from efficient review of everyday STR profiles to detailed analysis of the most challenging samples.
-
37
Orna
Orna
The most intuitive cyber incident response and case management platform with on-call SME and 200+ integrations. Orna detects attacks and anomalies across the entire infrastructure 24/7/365, groups them by source, incident relevance, and criticality, and enriches them with threat intelligence data from 28 public and private sources. ORNA's AI analyzes the threat and estimates the severity of the resulting incident, not just the alert, as well as the affected assets. Clear, color-coded dashboards provide attack breakdown by asset, type, technique, time, and more to speed up operations. ORNA's SMS and email notifications are secure and highly configurable based on the team member's role, source, and severity to avoid alert fatigue. When an attack happens, quick and decisive actions make all the difference. With ORNA, you can mount a world-class response, as all alerts can be escalated into incidents with a single action.Starting Price: $833 per month -
38
Coalition
Coalition
Every business is a target, no matter what industry or size. Percent of cyber loss victims that are small to midsize businesses. SMBs report attacks evaded their antivirus and intrusion detection software. Average claim size for Coalition’s SMB policyholders. Coalition protects your business by preventing incidents before they occur. Our proactive cybersecurity platform saves your business time, money, and headaches. We provide our security tools at no additional cost to our insurance customers. We alert you when your employees’ credentials, passwords, and data have been compromised in 3rd party data breaches. Over 90% of security incidents are caused by human error. Train your employees to avoid mishaps with our engaging, story-based employee training platform and simulated phishing emails. Ransomware literally holds your computers and data hostage. Our comprehensive threat detection software provides protection from dangerous malware attacks that escape detection. -
39
Extend your security intelligence from local network to global cyberspace. Get in-depth, up-to-date global knowledge about specific threats and attack sources, which can be difficult to obtain if you only have access to information within your own networks. ESET Threat Intelligence data feeds utilize widely supported STIX and TAXII formats, which makes it easy to integrate with existing SIEM tools. Integration helps to deliver the latest information on the threat landscape to predict and prevent threats before they strike. ESET Threat Intelligence features a full API that is available for automation of reports, YARA rules and other functionalities to allow for integration with other systems used within organizations. These allow organizations to set up custom rules to obtain company-specific information that security engineers are interested in. Organizations receive valuable details such as the number of times specific threats have been seen worldwide.Starting Price: $132
-
40
SOCLabs
SOCLabs
SOCLabs is an interactive cybersecurity training platform for security operations teams, detection engineers, and blue team defenders. It transforms theory into practical skills by providing realistic environments, authentic threat data, and hands-on exercises. Key features include the world’s first Detection Challenge module, where users write and test rules using real attack datasets. It supports major SIEM query languages such as Sigma, Splunk, Elastic, and OpenSearch, with one‑click validation and accuracy checks based on the MITRE ATT&CK framework. The Learning System offers step‑by‑step courses, from basic defense tools to enterprise‑level architecture, with interactive labs and scenario challenges. The DetectionHub enables continuous log analysis and query testing, while the Collaborative Ecosystem connects global experts to share data, contribute rules, and solve threats together.Starting Price: $10/month -
41
SmartEvent
Check Point Software Technologies
SmartEvent event management provides full threat visibility with a single view into security risks. Take control and command the security event through real-time forensic and event investigation, compliance, and reporting. Respond to security incidents immediately and gain network true insights. SmartEvent provides a single view into security risks. Take control and understand your security status and trends. Respond to security incidents immediately and gain network true insights. Always the latest security management keeps you automatically up-to-date. On-demand expansion to seamlessly onboard more gateways. Zero maintenance makes your environments more secure, manageable and compliant. -
42
During that time, threats are free to spread throughout the network, causing mounting damage and increasing costs. Respond to attacks and stop the damage in minutes, with powerful delivered-email search and rapid deletion from all inboxes. Identify anomalies that may indicate threats, based on insights gathered from analysis of previously delivered email. Use intelligence gathered from previous threat responses to block future emails from malicious actors, and to identify your most vulnerable users. When email-borne attacks evade security and land in your users’ inboxes, you need to respond quickly and accurately to prevent damage and to limit the spread of the attack. Responding to attacks manually is time-consuming and inefficient, which allows threats to spread and damages to increase.
-
43
WizRule
WizSoft
WizRule, data auditing, automatically reveals patterns in the data under analysis and points at cases deviating from these patterns as suspected errors or frauds. A suspected fraud or error is defined as a case that deviates from valid patterns. WizRule is used by auditors, fraud examiners, forensic investigators, data-quality managers. One of their main tasks is revealing fraudulent cases and errors in data. WizRule can help in carrying out this task. WizRule is a data-auditing tool based on data mining technology. It performs an analysis of the data revealing inconsistencies and "strange" cases to be investigated. WizRule works automatically – the user just selects the data and WizRule does the analysis. WizRule checks all the relationships among the values within the various fields and reports unexpected and unlikely cases. WizRule reveals fraudulent cases missed by the standard auditing tools.Starting Price: one time licensing fee -
44
ACSIA
DKSU4Securitas Ltd
ACSIA it is a ‘post-perimeter’ security tool which complements a traditional perimeter security model. It resides at the Application or Data layer. It monitors and protects the the platforms (physical/ VM/ Cloud/ Container platforms) where the data is stored which are the ultimate target of every attacker. Most companies secure their enterprise to ward off cyber adversaries by using perimeter defenses and blocking known adversary indicators of compromise (IOC). Adversary pre-compromise activities are largely executed outside the enterprise’s field of view, making them more difficult to detect. ACSIA is focused on stopping cyber threats at the pre attack phase. It is a hybrid product incorporating a SIEM (Security Incident and Event Management), Intrusion Detection Systems (IDS) Intrusion Prevention Systems (IPS), Firewall and much more. - Built for linux environments - Also monitors Windows servers - Kernel Level monitoring - Internal Threat detectionStarting Price: Depends on number of servers -
45
SentinelTrails
LogSentinel
Our blockchain-based technology does not allow any audit trail changes or deletion even by privileged users. Meet the audit trail requirements of many standards and regulations: GDPR, PSD2, PCI-DSS, ISO 27001, HIPAA, SOX, etc. Real-time detailed analysis of everything that happens, as well as AI-driven anomaly detection will prevent any fraud attempts. Straightforward agent or agentless integration of all existing systems, as well as a simple RESTful API. Have a unified command centre for real-time control and insight across all systems and users. Demonstrate compliance at reduced operational cost and minimise effort on audit, forensics and fraud detection. Never again worry about the integrity of your critical data – we use blockchain so no one can ever tamper with it. -
46
Proofpoint’s Data Loss Prevention solution enables organizations to prevent and manage the risk of sensitive data exposure across email, cloud applications, and endpoints through a unified, cloud-native architecture designed for people-centric protection. It combines advanced content detection (including AI-powered classifiers and optical character recognition), user-behavior analytics, and threat telemetry to identify negligent, compromised, or malicious users and determine intent behind alerts. The platform features a single console that enables triage, investigation, and response across channels; streamlined alert workflows; a lightweight endpoint agent; and support for dynamic policy enforcement, data lineage visualization, and remediation of excess privileges. With this solution, you can detect sensitive file manipulations, uploads to unauthorized destinations, misuse of generative-AI tools, data exfiltration, and abnormal user behaviors while also scaling rapidly.
-
47
Synamedia ContentArmor
Synamedia
ContentArmor is a forensic watermarking software solution that protects content investments, identifies malicious users, and prevents piracy. Identify leaking accounts and protect your content against piracy. Content-aware forensic watermarking, technology with perfect fidelity, and market-leading robustness against video manipulation. Reduce deployment costs with unique bitstream watermarking of compressed content. Safeguard your content investments in premium entertainment and live sports by quickly identifying leaks and taking action to disrupt pirate streams. Identify malicious users illegally sharing your dailies, localized pre-release versions, and screeners. Discover which platforms have been compromised and where to focus your anti-piracy efforts with your affiliates and business partners. Incorporate audio watermarks in your music to protect exclusive tracks and pinpoint the source of piracy to take remedial actions. -
48
eRiskHub
eRiskHub
Let's face it. There's no such thing as perfect security. Whether by hacker, computer glitch or staff mistake, most organizations will experience a data breach incident. In the face of a cyber incident, your clients need urgent help and expertise to respond and recover. Given the complex nature of such events, response is always multi-pronged, requiring expertise in legal/regulatory compliance, information technology (IT) security, privacy, DR/BC, computer forensics, law enforcement, PR, and other areas. When you license the eRiskHub® portal, powered by NetDiligence®, you provide your clients with a go-to resource for all things cyber, helping them shore up their defenses and respond effectively to data breaches, network attacks and other cyber events. We offer several different options to choose from! See our options to the right. -
49
SmartFlow
Solana Networks
SmartFlow is an IT cyber security monitoring tool that uses Anomaly Detection to pinpoint hard-to-detect security threats. SmartFlow complements existing signature based security monitoring tools. It analyzes network flow traffic to detect zero-day security attacks. Smartflow is an appliance based solution and targeted for medium and large enterprises. SmartFlow utilizes patent-pending anomaly detection techniques and network behaviour analysis to identify security threats in a network. It applies Solana algorithms on flow data such as Netflow to detect address scans, DDoS attacks, Botnets, port scans, malware etc. Zero day threats and encrypted malicious traffic (such as Botnet Command & Control) may escape detection by signature-based security monitoring tools. However, they will not escape detection by SmartFlow. SmartFlow distills network traffic and flow data into more than 20 different statistical measures which it continuously analyzes for early warnings of cyber threats.Starting Price: $5000 per year -
50
Bitdefender Sandbox Analyzer
Bitdefender
Sandbox Analyzer detects advanced zero-day threats prior to execution. Suspicious files are automatically uploaded to a secure on-prem or Bitdefender-hosted cloud sandbox for in-depth behavior analysis. Sandbox Analyzer, built by in-house machine learning and behavioral heuristic models, is a powerful forensic tool used in conjunction with Endpoint Detection and Response (EDR) to enhance an organization’s defenses against concealed sophisticated threats. It serves as a source of validation to provide enhanced visibility and focused investigation while optimizing effective threat containment. Suspicious files are analyzed in-depth by detonating payloads in Bitdefender's cloud platform, or in a secure customer virtual environment. Our sandbox technology observes malware behavior by simulating a ‘real target’ so that the malware will act as it would in the wild. Post analysis, appropriate actions are taken to effectively neutralize the threat.
