Alternatives to Radware Threat Intelligence
Compare Radware Threat Intelligence alternatives for your business or organization using the curated list below. SourceForge ranks the best alternatives to Radware Threat Intelligence in 2024. Compare features, ratings, user reviews, pricing, and more from Radware Threat Intelligence competitors and alternatives in order to make an informed decision for your business.
-
1
ManageEngine EventLog Analyzer
ManageEngine
ManageEngine EventLog Analyzer is an on-premise log management solution designed for businesses of all sizes across various industries such as information technology, health, retail, finance, education and more. The solution provides users with both agent based and agentless log collection, log parsing capabilities, a powerful log search engine and log archiving options. With network device auditing functionality, it enables users to monitor their end-user devices, firewalls, routers, switches and more in real time. The solution displays analyzed data in the form of graphs and intuitive reports. EventLog Analyzer's incident detection mechanisms such as event log correlation, threat intelligence, MITRE ATT&CK framework implementation, advanced threat analytics, and more, helps spot security threats as soon as they occur. The real-time alert system alerts users about suspicious activities, so they can prioritize high-risk security threats. -
2
Managed Threat Complete brings comprehensive risk and threat coverage into a single subscription. Managed Detection and Response (MDR) Services & Solutions. Multiple advanced detection methods, including proprietary threat intelligence, behavioral analytics, Network Traffic Analysis, and human threat hunts find evil in your environment. Our team will instantly contain user and endpoint threats to cut off the attacker. Detailed findings reports guide you to take additional remediation and mitigation actions tailored to your program. Let our team be a force multiplier for you. Detection and response experts—from your security advisor to the SOC—help you strengthen your defenses, take immediate. Standing up an effective detection and response program isn’t as simple as buying and implementing the latest security products.Starting Price: $17 per asset per month
-
3
Deep Instinct
Deep Instinct
Deep Instinct is the first and only company to apply end-to-end deep learning to cybersecurity. Unlike detection and response-based solutions, which wait for the attack before reacting, Deep Instinct’s solution works preemptively. By taking a preventative approach, files and vectors are automatically analyzed prior to execution, keeping customers protected in zero time. This is critical in a threat landscape, where real time is too late. With the aim of eradicating cyber threats from the enterprise, Deep Instinct protects against the most evasive known and unknown cyberattacks with unmatched accuracy, achieving highest detection rates and minimal false positives in tests regularly performed by third parties. Providing protection across endpoints, networks, servers, and mobile devices, the lightweight solution can be applied to most OSs and protects against both file-based and fileless attacks. -
4
SandBlast Network
Check Point Software Technologies
As cyber attacks become increasingly evasive, more controls are added, making security more complicated and tedious to the point that user workflows are affected. SandBlast Network provides the best zero-day protection while reducing security overhead and ensuring business productivity. SandBlast Network provides the best zero-day protection in the industry, while reducing administration overhead and ensuring ongoing business productivity. Powerful threat intelligence and AI technologies prevent unknown cyber threats. Single click setup, with out-of-the-box profiles optimized for business needs. Delivering a prevention-first strategy with no impact on user experience. Humans are the weakest link in the security chain. Pre-emptive user protections eliminate threats before they reach the users regardless of the user activity – browsing or using email. Real-time threat intelligence derived from hundreds of millions of sensors worldwide. -
5
Real-time monitoring and analysis allowing you to quickly prioritize, investigate, and respond to hidden threats. A central view of potential threats with built-in workflows removes the complexity of threat protection. Be ready anytime for the audit with automated compliance. Get greater transparency monitoring users, applications, networks and devices. Data correlated and enriched to deliver purposeful intelligence on the threat and how to mitigate. Real-time threat identification and response powered by advanced threat intelligence reduces lead time to protect against threats such as phishing, insider threats, data exfiltration and Distributed Denial of Service (DDOS) attacks.
-
6
AppWall
Radware
AppWall - Radware’s Web Application Firewall (WAF), ensures fast, reliable and secure delivery of mission-critical Web applications and APIs for corporate networks and in the cloud. AppWall is an NSS recommended, ICSA Labs certified and PCI compliant WAF that combines positive and negative security models to provide complete protection against web application attacks, access violations, attacks disguised behind CDNs, API manipulations, advanced HTTP attacks (slowloris, dynamic floods), brute force attacks on login pages and more. At the core of Radware's web application and API protection Solution suite, AppWall is a web application firewall (WAF) that provides patent-protected technology to create and optimize security policies in real-time for widest security coverage with the lowest false positives and minimal operational effort. Radware’s Web application security technology features a variety of deployment modes. -
7
Threat Intelligence Platform
Threat Intelligence Platform
Threat Intelligence Platform combines several threat intelligence sources to provide in-depth insights on threat hosts and attack infrastructure. Correlating threat information from various feeds with our exhaustive in-house databases, a result of 10+ years of data crawling, the platform performs real-time host configuration analyses to come up with actionable threat intelligence that is vital in detection, mitigation, and remediation. Find detailed information about a host and its underlying infrastructure in seconds through the Threat Intelligence Platform web interface. Integrate our rich data sources into your systems to enrich results with additional threat intelligence insights. Integrate our capabilities into existing cybersecurity products, including cyber threat intelligence (CTI) platforms, security information and event management (SIEM) solutions, digital risk protection (DRP) solutions, and more.Starting Price: $12.5 per month -
8
ThreatCloud
Check Point Software Technologies
Real-time threat intelligence derived from hundreds of millions of sensors worldwide, enriched with AI-based engines and exclusive research data from the Check Point Research Team. Detects 2,000 attacks daily by unknown threats previously undiscovered. Advanced predictive intelligence engines, data from hundreds of millions of sensors, and cutting-edge research from Check Point Research and external intelligence feed. Up-to-minute information on the newest attack vectors and hacking techniques. ThreatCloud is Check Point’s rich cyber defense database. Its threat intelligence powers Check Point zero-day protection solutions. Mitigate threats 24×7 with award-winning technology, expert analysis and global threat intelligence. In addition, the service provides recommendations for tuning the customer’s threat prevention policies to enhance the customer’s protection against threats. Customers have access to a Managed Security Services Web Portal. -
9
VIPRE ThreatIQ
VIPRE
VIPRE ThreatIQ gives you the real-time intelligence you need to strengthen your cyber-defense and stop attackers cold. Today’s cyber attackers don’t mess around. They’re sophisticated, and they know how to target your business: drive-by websites, phishing emails, ransomware, or even all-out network exploits. Any technique proven to deliver results is fair game—and they’re constantly devising new ways to take you down. VIPRE ThreatIQ compiles real-time, global threat intelligence to help you understand where attackers are coming from and how they’re working to infiltrate networks—so you can focus your security efforts accordingly. Tackle known and emerging threats with a constant stream of malicious URLs and IP addresses, suspected malicious files, phishing links and other malware data processed by our labs. Blocking a single attack vector won’t work in this era of evolving malware. Use VIPRE ThreatIQ to ensure your security strategy covers every potential point of infiltration. -
10
Transform security infrastructure into a collaborative system. Operationalize threat intelligence data in real time, delivering protection to all points in your enterprise as new threats emerge. Leverage Data Exchange Layer (DXL) to instantly share threat data to all connected security systems, including third-party solutions. Detect unknown files for faster time to protection and lower costs. Broader threat intelligence helps make accurate file execution decisions and customize policies based on risk tolerance. Enable better decision-making to handle never-before-seen and potentially malicious files. Combine and share threat information from Trellix Global Threat Intelligence, third parties, and locally collected data from your security solutions. DXL, an open communications framework, connects disparate security solutions. Share real-time security intelligence among endpoint, gateway, network, and data center security solutions.
-
11
Global Threat Intelligence (GTI) is a comprehensive, real-time, cloud-based reputation service, fully integrated into Trellix products. Protects organizations and their users from both known and emerging cyber threats, regardless of the source of those threats or where they propagate. Arms your security infrastructure with shared threat intelligence, enabling security products to act in concert, based on the same robust, real-time information. Closes the threat window with instantaneous, and often predictive, reputation-based threat intelligence, reducing the probability of attack and cost of remediation and lost downtime. Threat data is collected from billions of Trellix product sensor queries around the globe and correlated to produce our threat intelligence. Trellix products query GTI in the cloud, and GTI renders the latest reputation or categorization intelligence to the products so that they can take action.
-
12
Proofpoint Identity Threat Defense
Proofpoint
In an ever-changing hybrid world, your organization depends on its employees, their virtual identities, and the endpoints they operate on to build and protect its assets. Threat actors have found unique ways to move laterally across your cloud environments by exploiting such identities. You need an innovative and agentless identity threat detection and response solution to discover and remediate modern identity vulnerabilities—a key part of today’s attack chain. Proofpoint Identity Threat Defense, previously Illusive, gives you comprehensive prevention and visibility across all your identities so you can remediate identity vulnerabilities before they become real risks. You can also detect any lateral movements in your environments and activate deception to ensure threat actors are stopped in action before they gain access to your corporate assets. It doesn’t get better than knowing you can prevent modern identity risks and stop real-time identity threats in action, all in one place. -
13
Bitdefender Advanced Threat Intelligence
Bitdefender
Fueled by the Bitdefender Global Protective Network (GPN), Bitdefender Advanced Threat Intelligence collects data from sensors across the globe. Our Cyber-Threat Intelligence Labs correlate hundreds of thousands of Indicators of Compromise and turn data into actionable, real-time insights. By delivering our top-rated security data and expertise directly to businesses and Security Operations Centers, Advanced Threat Intelligence bolsters security operations success with one of the industry’s broadest and deepest bases of real-time knowledge. Improve threat-hunting and forensic capabilities with contextual, actionable threat indicators on IPs, URLs, domains and files known to harbor malware, phishing, spam, fraud and other threats. Decrease time to value by seamlessly integrating our platform-agnostic Advanced Threat Intelligence services into your security architecture, including SIEM, TIP and SOAR. -
14
ThreatWarrior
ThreatWarrior
ThreatWarrior safeguards your hybrid enterprise and keeps you immune from cyberattacks. Use our platform to gain insight, visibility and real-time protection across your entire digital estate. See everything happening across your on-premises, cloud, or hybrid enterprise in real time with continuous deep packet inspection. Learn the behavior of everything communicating on your network through our proprietary approach to deep learning. Act efficiently to understand and stop cyber threats, and streamline triage, investigation, response and remediation. Easily integrate and analyze network data with ThreatWarrior. The platform simplifies and unifies multiple clouds and environments to deliver complete protection from one consolidated location. Our SaaS platform identifies, classifies and protects every network-connected ‘thing’ and provides a rich 3D Universe that shows real-time traffic, communication, and connections between those assets. -
15
Radware DefensePro
Radware
DefensePro and DefensePro VA provide advanced DDoS prevention, protection and IoT botnet attack mitigation across legacy data center and public cloud. Part of Radware’s attack mitigation solution, DefensePro provides automated DDoS defense and protection from fast moving, high volume, encrypted or very short duration threats, including IoT-based attacks like Mirai, Pulse, Burst, DNS, TLS/SSL attacks and those attacks associated with Permanent Denial of Service (PDoS) and Ransom Denial-of-Service (RDoS) techniques. Are you tired of fighting prolonged attack campaigns? Is your organization using the proper DDoS defense techniques to withstand today’s sophisticated DDoS attacks? With the threat of reduced revenues, higher expenses and damaged reputations, organizations need Radware’s hybrid attack mitigation solution that integrates real-time WAF, SSL protection and DDoS protection on-premise with a cloud service that is activated on-demand. -
16
ZeroHack TRACE
WhizHack
ZeroHack TRACE is a cyber threat intelligence framework using decoy technology and multiple sensors to generate and analyze threat data. It offers customizable, dynamic intelligent shifting sensors, easy reconfiguration, and self-healing. With a specialized DPI engine, TRACE captures real-time data for user analysis. Processed honeynet data enhances visualization and correlation, empowering analysts to secure networks comprehensively. ZeroHack TRACE’s Dynamic Intelligent Shifting Sensors (DISS) enhance security by periodically changing sensor positions to avoid detection by attackers. ZeroHack TRACE uses domain-specific honeynets designed for specific IT environments. ZeroHack TRACE sensors self-heal from attacks and auto-update, minimizing maintenance for customers. Each ZeroHack TRACE sensor features a deep packet inspection engine for real-time data capture, enabling detailed network monitoring and swift threat identification. -
17
Echosec Systems
Echosec Systems Ltd
Intelligence and security teams are responsible for protecting people, places, data, infrastructure, and other critical assets from harm. The internet is a valuable yet overwhelming source of threat intelligence, helping drive more informed decisions in response to these risks. Echosec Systems gives users a single point of access to a wealth of online data so they can respond faster and more effectively to cyber, cyber-enabled, and physical threats. Our solutions deliver an unparalleled breadth of online sources in a simple user interface, filtering relevant data from millions of surface, deep, and dark web posts in a digestible format. Machine learning threat classifiers, advanced keyword filtering, and geo-location features help users eliminate noise and pinpoint specific, relevant content in real-time. Whether the event is a violent threat, a planned attack, or a data breach—Echosec Systems delivers immediate situational awareness so security and intelligence teams can res -
18
VulnCheck
VulnCheck
Unprecedented visibility into the vulnerable ecosystem from the eye of the storm. Prioritize response and finish taking action before the attacks occur. Early access to new vulnerability information not found in the NVD along with dozens of unique fields. Real-time monitoring of exploit PoCs; exploitation timelines; ransomware, botnet, and APT/threat actor activity. In-house developed exploit PoCs, packet captures to defend against initial access vulnerabilities. Integrate vulnerability assessment into existing asset inventory systems, anywhere package URLs or CPE strings are present. Explore VulnCheck, a next-generation cyber threat intelligence platform, which provides exploit and vulnerability intelligence directly into the tools, processes, programs, and systems that need it to outpace adversaries. Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't. -
19
ThreatStryker
Deepfence
Runtime attack analysis, threat assessment, and targeted protection for your infrastructure and applications. Stay ahead of attackers and neutralize zero-day attacks. Observe attack behavior. ThreatStryker observes, correlates, learns and acts to protect your applications and keep you one step ahead of attackers. Deepfence ThreatStryker discovers all running containers, processes, and online hosts, and presents a live and interactive color-coded view of the topology. It audits containers and hosts to detect vulnerable components and interrogates configuration to identify file system, process, and network-related misconfigurations. ThreatStryker assesses compliance using industry and community standard benchmarks. ThreatStryker performs deep inspection of network traffic, system, and application behavior, and accumulates suspicious events over time. Events are classified and correlated against known vulnerabilities and suspicious patterns of behavior. -
20
AhnLab MDS
AhnLab
More recent and sophisticated cyber-attacks have targeted organizations by injecting malware or files into web applications and email. The attacks initiate the distribution of malware that passes undetected through conventional security solutions; hence, these are so-called Advanced Persistent Threats(APTs). However, the response to the ever-evolving malware-based threats has been via ordinary security methods like antivirus, firewall, and intrusion prevention products. Because of this, many organizations remain vulnerable to Advanced Persistent Threats. It’s no secret that these attacks cost a company via lost intellectual property, stolen information assets, damage to equipment, and network downtime. AhnLab MDS (Malware Defense System) is a network sandbox based APT (Advanced Persistent Threat) protection solution that combines on-premise and cloud-based analytics to defeat advanced targeted threats anywhere across the organization. -
21
TruKno
TruKno
Keep up with how adversaries are bypassing enterprise security controls based on the latest cyber attack sequences in the wild. Understand cyber attack sequences associated with malicious IP addresses, file hashes, domains, malware, actors, etc. Keep up with the latest cyber threats attacking your networks, your industry/peers/vendors, etc. Understand MITRE TTPs (at a ‘procedure’ level) used by adversaries in the latest cyber attack campaigns so you can enhance your threat detection capabilities. A real-time snapshot of how top malware campaigns are evolving in terms of attack sequences (MITRE TTPs), vulnerability exploitation (CVEs), IOCs, etc. -
22
Vigilante Operative
Vigilante
Cyber threats are proliferating at an alarming rate and often result in data exfiltration, network infiltration, data loss, account activity takeover, compromised customer data and reputational damage to an organization. As threat actors become more aggressive and malicious, the burden on IT security professionals becomes greater, especially with tight budgets and limited resources. As these threats become overwhelming, it is more challenging for organizations to gain the upper hand. Operative is our advanced threat intelligence hunting service for enterprise organizations. Vigilante lives within the dark web community to remain ahead of emerging threats, enabling deeper visibility and providing a continuous feedback loop of insight into exposures such as: Third-party risk and exposure, leaked or stolen data, malicious campaigns, attack vectors. -
23
Binary Defense
Binary Defense
To prevent breaches, you need complete cybersecurity protection. It takes a 24×7 security team to monitor, detect and respond to threats. Take the cost and complexity out of cybersecurity by extending your team and expertise. Our Microsoft Sentinel experts get your team deployed, monitoring, and responding faster than ever while our SOC Analysts and Threat Hunters always have your teams back. Guard the weakest points in your network – your laptops, desktops and servers. We provide advanced endpoint protection and system management. Gain comprehensive, enterprise-level security. We deploy, monitor and tune your SIEM with around-the-clock protection from our security analysts. Be proactive with your cybersecurity. We detect and thwart attackers before they strike by hunting for threats where they live. Identify unknown threats and prevent attackers from evading existing security defenses with proactive threat hunting. -
24
ELLIO
ELLIO
IP Threat Intel delivers real-time threat intelligence that helps security teams reduce alert fatigue and speed up triage in TIPs, SIEM & SOAR platforms. Available as an API for your SIEM/SOAR/TIP or as a local database for most demanding on-premise workloads. The feed provides detailed information on IP addresses observed in the last 30 days, including ports targeted by an IP. Updated every 60 minutes, it reflects the current threat landscape. Each IP entry includes context on event volume over the past 30 days and the most recent detection by ELLIO's deception network. Provides a list of all IP addresses observed today. Each IP entry includes tags and comments with context on targeted regions, connection volume, and the last time the IP was observed by ELLIO's deception network. Updated every 5 minutes, it ensures you have the most current information for your investigation and incident response.Starting Price: $1.495 per month -
25
Mandiant Digital Risk Protection
Mandiant
Learn what a digital risk protection solution is and how it can help you be better prepared by understanding who is targeting you, what they’re after, and how they plan to compromise you. Mandiant delivers a broad digital risk protection solution either via stand-alone self-managed SaaS products or a comprehensive service. Both options give security professionals visibility outside their organization, the ability to identify high-risk attack vectors, malicious orchestration from the deep and dark web, and attack campaigns on the open web. Mandiant’s digital risk protection solution also provides contextual information on threat actors and their tactics, techniques, and procedures to provide a more secure cyber threat profile. Gain visibility into risk factors impacting the extended enterprise and supply chain by mapping your attack surface and monitoring deep and dark web activity. Identify unknown or unmanaged vulnerable internet-facing assets before threat actors do. -
26
Cortex XSOAR
Palo Alto Networks
Orchestrate. Automate. Innovate. The industry’s most comprehensive security orchestration, automation and response platform with native threat intelligence management and a built-in marketplace. Transform your security operations with scalable, automated processes for any security use case. Get up to a 95% reduction in the volume of alerts requiring human review. Cortex XSOAR ingests alerts across sources and executes automated workflows/playbooks to speed up incident response. Cortex XSOAR case management facilitates standardized response for high-quantity attacks while helping your teams adapt to sophisticated one-off attacks. Cortex XSOAR playbooks are complemented by real-time collaboration capabilities that let security teams rapidly iterate to solve emergent threats. Cortex XSOAR offers a new approach to threat intelligence management that unifies threat intelligence aggregation, scoring and sharing with proven playbook-driven automation. -
27
FortiGate NGFW
Fortinet
High threat protection performance with automated visibility to stop attacks. FortiGate NGFWs enable security-driven networking and consolidate industry-leading security capabilities such as intrusion prevention system (IPS), web filtering, secure sockets layer (SSL) inspection, and automated threat protection. Fortinet NGFWs meet the performance needs of highly scalable, hybrid IT architectures, enabling organizations to reduce complexity and manage security risks. FortiGate NGFWs are powered by artificial intelligence (AI)-driven FortiGuard Labs and deliver proactive threat protection with high-performance inspection of both clear-text and encrypted traffic (including the industry’s latest encryption standard TLS 1.3) to stay ahead of the rapidly expanding threat landscape. FortiGate NGFWs inspect traffic as it enters and leaves the network. These inspections happen at an unparalleled speed, scale, and performance and prevent everything from ransomware to DDoS attacks. -
28
CleanINTERNET
Centripetal
While traditional cybersecurity solutions remediate threats as they emerge, CleanINTERNET® shields against threats proactively, preventing them from reaching your network in the first place. The largest collection of high-confidence, high-fidelity commercial threat intelligence in the world, is operationalized so your defenses adapt and defend in parallel with the threat landscape. Applying over 100 billion indicators of compromise from real-time intelligence feeds, updated every 15 minutes, to protect your network. The fastest packet filtering technology on the planet is integrated at your network’s edge with no latency, enabling the use of billions of threat indicators so malicious threats are dynamically blocked from entering your network. Highly skilled analysts augmented by AI technology monitor your network, providing automated shielding based on real-time intelligence, and validated by human expertise. -
29
Based on threat intelligence, big data mining and analysis, machine learning, visualization and other technologies, Wangsu situational awareness realizes the “visible, manageable, and controllable” network security situation, helping regulatory agencies, governments, enterprises and institutions improve discovery, identification, understanding, analysis, the ability to respond to potential threats, and help companies understand the operating status of online businesses in real time, and achieve a closed-loop business linkage of monitoring, early warning and emergency response. Supported by massive and continuous user access trajectory data, it effectively integrates and analyzes all threat intelligence, security incidents, etc., assesses the security of intrusion threats from a macro perspective, and helps companies effectively respond to unexpected new attacks. Real-time grasp of the latest security situation of the entire network and customer business.
-
30
Cavalier
Hudson Rock
Cavalier is based on forensic technologies and operational know-how developed at the IDF’s 8200 Unit to counter nation-state adversaries and professional threat actors. It is a unique cybercrime intelligence data source composed of millions of machines compromised in global malware-spreading campaigns. Our high-fidelity data is sourced directly from threat actors and augmented monthly with hundreds of thousands of new compromised machines. Cavalier’s high-fidelity data protects employees, partners, customers, and digital assets with an unprecedented granularity of threat vectors including ransomware, business espionage, breaches & network overtakes. Allows hackers to use existing victims' sessions by importing their cookies and bypassing security measurements. URL accessed by the victim, their login credentials, and plaintext passwords, are used by hackers to hack into employee and user accounts. -
31
Trellix Helix Connect
Trellix
To protect against advanced threats, organizations need to integrate their security and apply the right expertise and processes. Trellix Helix Connect is a cloud-hosted security operations platform that allows organizations to take control of any incident from alert to fix. Gain comprehensive visibility and control across your entire enterprise by collecting, correlating and analyzing critical data for meaningful threat awareness. Easily integrate security functions without extensive and costly cycles. Make informed and efficient decisions with contextual threat intelligence. Detect advanced threats with machine learning, AI and integrated real-time cyber intelligence. Gain critical context into who is targeting your organization and why. With a smart and adaptive platform, you can predict and prevent emerging threats, identify root causes and respond in real time. -
32
Criminal IP
AI Spera
Criminal IP is a comprehensive threat intelligence search engine that detects vulnerabilities of personal and corporate cyber assets in real time and facilitates preemptive responses accordingly. Originated from the idea that individuals and corporations would be able to strengthen their cyber security by proactively acquiring information about IP addresses attempting to access your network, Criminal IP uses its big data of more than 4.2 billion IP addresses to provide threat-relevant information on malicious IPs and links, phishing sites, certificates, industrial control systems, IoTs, servers, security cameras, and so forth. With Criminal IP’s 4 main features (Asset Search, Domain Search, Exploit Search, and Image Search), you can find IP risk scores and related vulnerabilities of searched IP addresses and domains, details on the exploit codes for each service, and assets that are left wide open to cyber threats in the form of images respectively. -
33
threatYeti by alphaMountain
alphaMountain AI
threatYeti by alphaMountain, turns security professionals and hobbyists alike into a senior IP threat intelligence analysts with a browser-based platform that renders real-time threat verdicts for any domain, URL, or IP on the internet. With threatYeti, the risk posed by a domain is rendered instantly with a color-coded rating from 1.00 (low risk) to 10.00 (high risk). threatYeti also protects cyber threat analysts and their networks from risky sites. threatYeti’s no-click categorization presents sites into at least one out of 83 categories so that analysts don’t have to visit them and risk encountering objectionable material or downloading malware. threatYeti also displays related hosts, threat factors, passive DNS, certificates, redirect chains and more, giving analysts the full picture of any host. The result is faster, safer investigations that enable organizations to take conclusive action on domain and IP threats.Starting Price: $0 -
34
ArmorPoint
ArmorPoint
Quickly identify and mitigate network threats as they happen in real-time. Ensure the network is secure and at safe operating levels after any setback. Immediately catch and isolate events that could pose a serious threat to the business. Monitor IT performances of the entire network stack right down to the endpoint. Record, store, and organize event logs and usage data for any network component. Adjust and control every facet of your overall security efforts through a single pane of glass. ArmorPoint takes the analytics traditionally monitored in separate silos, NOC and SOC, and brings that data together for a more holistic view of the security and availability of the business. Rapid detection and remediation of security events. Security, performance, and compliance management. Event correlation spanning your entire attack surface, security automation and orchestration.Starting Price: $250 per month -
35
Radware Client-Side Protection
Radware
Cybercriminals are targeting an unmonitored source for personal and financial data, the application supply chain. This includes the dozens of automatically trusted third-party services embedded in your application environments that can expose user-entered addresses, credit card numbers, and more. Protect the data path between end users’ browsers and third-party services by extending Radware’s blanket of security to your application supply chain. Our advanced client-side protection complies with new PCI-DSS 4.0 requirements, so you can keep your customer data safe, and your reputation intact. Discover third-party scripts and services running on the browser side of your application. Receive real-time activity tracking alerts and threat-level assessments according to multiple indicators (compliant with PCI-DSS 4 regulations). Prevent data leakage by blocking destinations that are unknown or have illegitimate parameters. -
36
StealthDEFEND
Netwrix
Detect and respond to abnormal behavior and advanced attacks against active directory and file systems with unprecedented accuracy and speed. Authentication-based attacks factored into 4 out of every 5 breaches involving hacking. Every attacker is after the same two things; credentials and data. Once inside, attackers aim to discover your environment, find and compromise privileged credentials, and leverage those credentials to access, exfiltrate, or destroy data. StealthDEFEND is the only real-time threat detection and response solution purpose-built to protect these two common denominators in every breach scenario. Detect and respond to the specific tactics, techniques, and procedures (TTPs) attackers are leveraging when attempting to compromise active directory and file system data. Automatic tagging of privileged users, groups, data, and resources appropriately adjusts risk ratings associated with abnormal or nefarious behaviors. -
37
Palo Alto Networks AutoFocus
Palo Alto Networks
Tomorrow's operations depend on unrivaled threat intelligence, today. Power up investigation, prevention and response with AutoFocus. Palo Alto Networks, provider of the industry-leading next-generation firewall, has made the world’s highest-fidelity repository of threat intelligence, sourced from the largest network of sensors, available for any team or tool to consume. AutoFocus™ contextual threat intelligence service is your one-stop shop for threat intelligence. Your teams will receive instant understanding of every event with unrivaled context from Unit 42 threat researchers, and you can embed rich threat intelligence in analyst’s existing tools to significantly speed investigation, prevention, and response. Get unique visibility into attacks crowdsourced from the industry’s largest footprint of network, endpoint, and cloud intel sources. Enrich every threat with the deepest context from worldrenowned Unit 42 threat researchers. -
38
CrowdSec
CrowdSec
CrowdSec is a free, open-source and collaborative IPS to analyze behaviors, respond to attacks & share signals across the community, outnumbering cybercriminals all together. Set up your own intrusion detection system. Apply behavior scenarios to identify cyber threats. Share and benefit from a crowdsourced and curated cyber threat intelligence system. Define the type of remediation you want to apply and where. Leverage the community’s IP blocklist and automate your security. CrowdSec is designed to run seamlessly on virtual machines, bare-metal servers, containers or to be called directly from your code with our API. Our strength comes from our cybersecurity community that is burning cybercriminals’ anonymity. By sharing IP addresses that aggressed you, you help us curate and redistribute a qualified IP blocklist to protect everyone. CrowdSec is 60x faster than tools like Fail2ban and can parse massive amounts of logs in no time. -
39
Intrusion
Intrusion
In cybersecurity, speed is critical, and Intrusion helps you understand your environment’s biggest threats, fast. See the real-time list of all blocked connections, drill down on an individual connection to see more details like why it was blocked, risk level, etc. An interactive map shows you what countries your business is communicating with the most. Quickly see which devices have the most malicious connection attempts to prioritize remediation efforts. If an IP is trying to connect, you’ll see it. Intrusion monitors traffic bidirectionally in real time, giving you full visibility of every connection being made on your network. Stop guessing which connections are actual threats. Informed by decades of historical IP records and reputation in the global threat engine, it instantly identifies malicious or unknown connections in your network. Reduce cyber security team burnout and alert fatigue with autonomous real-time network monitoring and 24/7 protection. -
40
Avira Protection Cloud
Avira
Using our world wide sensor network, Avira sees cyber threats as they emerge in real-time. The Avira Protection Cloud develops the intelligence associated with the threats we identify and makes it immediately available to our technology partners. Dynamic File Analysis combines multiple sandbox approaches for behavioral profiling to cluster and reveal similarity in the behavior of malware and identify advanced threats. Powerful rules allow the identification of behavior patterns that are specific to malware families and strains, or reveal the exact malicious intent of malware itself. Avira’s extended scanning engine is an extremely efficient way of identifying families of known malware. It uses proprietary definitions and heuristic algorithms as well as powerful content extraction and de-obfuscation techniques to identify malware. -
41
LMNTRIX
LMNTRIX
LMNTRIX is an Active Defense company specializing in detecting and responding to advanced threats that bypass perimeter controls. Be the hunter not the prey. We think like the attacker and prize detection and response. Continuous everything is the key. Hackers never stop and neither do we. When you make this fundamental shift in thinking, you start to think differently about how to detect and respond to threats. So at LMNTRIX we shift your security mindset from “incident response” to “continuous response,” wherein systems are assumed to be compromised and require continuous monitoring and remediation. By thinking like the attacker and hunting on your network and your systems, we allow you to move from being the prey to being the hunter. We then turn the tables on the attackers and change the economics of cyber defense by shifting the cost to the attacker by weaving a deceptive layer over your entire network – every endpoint, server and network component is coated with deceptions. -
42
Lumen Adaptive Threat Intelligence
Lumen Technologies
Adaptive Threat Intelligence helps security specialists quickly neutralize threats before they attack. Leveraging our global network visibility, we provide high-fidelity intelligence correlated to your IP addresses, combined with Rapid Threat Defense to proactively stop threats and simplify security. Automated validation technology developed and deployed by Black Lotus Labs tests newly discovered threats and validates the fidelity of our threat data, minimizing false positives. Rapid threat defense automated detection and response capabilities block threats based on your risk tolerance. Comprehensive virtual offering eliminates the need to deploy or integrate devices and data, and provides a single escalation point. Easy-to-use security portal, mobile app, API feed and customizable alerts that allow you to manage threat visualization and response with context-rich reports and historical views. -
43
CounterCraft
CounterCraft
Unlike other security companies, we offer real-time intel that organizations can use to manipulate adversarial behavior even before being attacked. We built a distributed threat deception platform that allows you to take a step forward in defense. Take back control. We have built the highest-quality deception platform for active defense. Our proprietary ActiveLures™ populate ActiveSense™ environments and communicate using our ActiveLink™ technology. -
44
Trend Micro Hybrid Cloud Security
Trend Micro
Trend Micro's Hybrid Cloud Security offers a system to protect servers against threats. Advancing security from data centers to cloud workloads, applications, and cloud-native architectures, Cloud Security provides platform-based protection, risk management, and multi-cloud detection and response. Shift from disconnected point products to a cybersecurity platform with unparalleled breadth and depth of capabilities including CSPM, CNAPP, CWP, CIEM, EASM, and more. Combines continuous attack surface discovery across workloads, containers, APIs, and cloud assets, real-time risk assessments and prioritization, and automated mitigation actions to dramatically reduce your risk exposure. Scans 900+ AWS and Azure rules to detect cloud misconfigurations and map findings with dozens of best practices and compliance frameworks. Helps cloud security and compliance teams understand their level of compliance, easily identifying any deviations from appropriate security standards. -
45
Sequretek Percept XDR
Sequretek
Cloud-based enterprise security platform offering automated threat detection and response using AI and big data across cloud and on-premise enterprise environments. Percept XDR ensures end-to-end security, threat detection and response while allowing enterprises to focus on their core business growth without the fear of compromise. Percept XDR helps to protect against phishing, ransomware, malware, vulnerability exploits, insider threats, web attacks and many more advanced attacks. Percept XDR has an ability to ingest data from various sources, uses AI and Big Data to detect threats. Its ability to ingest sensor telemetry, logs, and global threat intelligence feeds allows the AI detection engine to identify new use cases and anomalies, thereby detecting new and unknown threats. Percept XDR features SOAR-based automated response in line with the MITRE ATT&CK® framework. -
46
SecLytics Augur
SecLytics
Conventional TIPs alert you about threats when they are already knocking at your network door. SecLytics Augur uses machine learning to model the behavior of threat actors and create adversary profiles. Augur identifies the build-up of attack infrastructure and predicts attacks with high-accuracy and low false positives before they even launch. These predictions are fed to your SIEM or MSSP via our integrations to automate blocking. Augur builds and monitors a pool of more than 10k adversary profiles, with new profiles identified daily. Augur identifies threats before day zero and levels the playing field by removing the element of surprise. Augur discovers and protects against more potential threats than conventional TIPs. Augur detects the buildup of cybercriminal infrastructure online before attack launch. The behavior of infrastructure acquisition and setup is both systematic and characteristic. -
47
Trellix ATLAS
Trellix
Giving customers a unique insight into malicious files, domains, and IP detections seen worldwide. Advanced Threat Landscape Analysis System (ATLAS) data is aggregated from various Trellix data sources to provide the latest global emerging threats with enriched data such as industry sector and geolocation. ATLAS correlates these threats with campaign data containing research from Trellix’s Advanced Research Center (ARC) and Threat Intelligence Group (TIG), as well as open source data, to provide a dedicated view for campaigns consisting of events, dates, threat actors, IOCs, and more. Enables customers with unique global insight into the malicious threat detections seen worldwide by Trellix. Geospatially enabled situational awareness. Utilizes the Trellix telemetry data collected worldwide. Highlights current and emerging threats by highlighting those of particular interest by type, industry sector, geolocation, most seen, etc. -
48
Extend your security intelligence from local network to global cyberspace. Get in-depth, up-to-date global knowledge about specific threats and attack sources, which can be difficult to obtain if you only have access to information within your own networks. ESET Threat Intelligence data feeds utilize widely supported STIX and TAXII formats, which makes it easy to integrate with existing SIEM tools. Integration helps to deliver the latest information on the threat landscape to predict and prevent threats before they strike. ESET Threat Intelligence features a full API that is available for automation of reports, YARA rules and other functionalities to allow for integration with other systems used within organizations. These allow organizations to set up custom rules to obtain company-specific information that security engineers are interested in. Organizations receive valuable details such as the number of times specific threats have been seen worldwide.Starting Price: $132
-
49
Chronicle Threat Intelligence
Chronicle
Drive better detections with high quality, actionable, out-of-the-box threat detection content curated, built, and maintained by Google Cloud Threat Intelligence researchers. Native detection sets cover a variety of threats across vectors, including Windows-based attacks like ransomware, remote-access tools (RAT), infostealers, data exfiltration, and suspicious activity. Unlock new detection coverage with new analytics regularly built by Google Cloud Threat Intelligence researchers uncovering new and latent attacks. Use GCTI detections to build response actions and write rules customized to your environment. Leverage the VirusTotal Augment widget to drive efficiencies in SOC processes, and enable faster search for artifacts like domains, IPs, URLs or hashes. Gain context beyond your network perimeter, expand your telemetry and explore related VirusTotal IoCs in a graphical manner. -
50
Keysight Application Threat Intelligence
Keysight Technologies
Fortune magazine reports that security issues are among the top three concerns of leaders around the world today. Understandably, when Ponemon Research finds that the average malicious hack takes an astonishing 256 days to discover (and pegs the average cost of a data breach at $4 million). The aim is clearly to get in front of these bad guys and, if attacked, quickly identify the issue and contain the damage. As new security threats surface every week, staying on top of today’s threat landscape is a full-time job, requiring constant vigilance and in-depth research. It is an expensive and time-consuming proposition, but no enterprise manager, government agency, or service provider wants to be caught unprepared. Our Application and Threat Intelligence (ATI) subscription service provides up-to-the-moment threat intelligence.