Best Threat Intelligence Platforms in Brazil - Page 5

Compare the Top Threat Intelligence Platforms in Brazil as of July 2026 - Page 5

  • 1
    PassiveTotal
    RiskIQ PassiveTotal aggregates data from the whole internet, absorbing intelligence to identify threats and attacker infrastructure, and leverages machine learning to scale threat hunting and response. With PassiveTotal, you get context on who is attacking you, their tools and systems, and indicators of compromise outside the firewall—enterprise and third party. Investigation can go fast, really fast. Find answers quickly with over 4,000 OSINT articles and artifacts. Along with 10+ years of mapping the internet, RiskIQ has the deepest and broadest security intelligence on earth. By absorbing web data like Passive DNS, WHOIS, SSL, hosts and host pairs, cookies, exposed services, ports, components, and code. With curated OSINT and proprietary security intelligence, you can see everything—from every angle—on the digital attack surface. Take charge of your digital presence and combat threats to your organization.
  • 2
    Wangsu Network Situational Awareness
    Based on threat intelligence, big data mining and analysis, machine learning, visualization and other technologies, Wangsu situational awareness realizes the “visible, manageable, and controllable” network security situation, helping regulatory agencies, governments, enterprises and institutions improve discovery, identification, understanding, analysis, the ability to respond to potential threats, and help companies understand the operating status of online businesses in real time, and achieve a closed-loop business linkage of monitoring, early warning and emergency response. Supported by massive and continuous user access trajectory data, it effectively integrates and analyzes all threat intelligence, security incidents, etc., assesses the security of intrusion threats from a macro perspective, and helps companies effectively respond to unexpected new attacks. Real-time grasp of the latest security situation of the entire network and customer business.
  • 3
    Trellix Threat Intelligence Exchange
    Transform security infrastructure into a collaborative system. Operationalize threat intelligence data in real time, delivering protection to all points in your enterprise as new threats emerge. Leverage Data Exchange Layer (DXL) to instantly share threat data to all connected security systems, including third-party solutions. Detect unknown files for faster time to protection and lower costs. Broader threat intelligence helps make accurate file execution decisions and customize policies based on risk tolerance. Enable better decision-making to handle never-before-seen and potentially malicious files. Combine and share threat information from Trellix Global Threat Intelligence, third parties, and locally collected data from your security solutions. DXL, an open communications framework, connects disparate security solutions. Share real-time security intelligence among endpoint, gateway, network, and data center security solutions.
  • 4
    DeCYFIR

    DeCYFIR

    CYFIRMA

    We go to the hackers’ trenches, discover, analyze, correlate, and find the deepest insights from noisy data. Receive comprehensive cyber intelligence that covers beyond tactical approach; our insights include management and strategic intelligence that is applicable across the organization. We correlate data against your industry, geography and technology to give you remediation recommendations, prioritized for swift actions. Quality cyber intelligence requires deep technology to decode signals from a multitude of sources. By converting discovery to useful insights, the Threat Visibility and Intelligence module is the essential cybersecurity ammunition to keep any organization’s security posture robust. The threat visibility and Intelligence module is a powerful platform where data is collected, analyzed, correlated against key attributes and presented in a format where both security practitioners and business leaders can take decisive actions.
  • 5
    Keysight Application Threat Intelligence
    Fortune magazine reports that security issues are among the top three concerns of leaders around the world today. Understandably, when Ponemon Research finds that the average malicious hack takes an astonishing 256 days to discover (and pegs the average cost of a data breach at $4 million). The aim is clearly to get in front of these bad guys and, if attacked, quickly identify the issue and contain the damage. As new security threats surface every week, staying on top of today’s threat landscape is a full-time job, requiring constant vigilance and in-depth research. It is an expensive and time-consuming proposition, but no enterprise manager, government agency, or service provider wants to be caught unprepared. Our Application and Threat Intelligence (ATI) subscription service provides up-to-the-moment threat intelligence.
  • 6
    Recorded Future

    Recorded Future

    Recorded Future

    Recorded Future is the world’s largest provider of intelligence for enterprise security. By combining persistent and pervasive automated data collection and analytics with human analysis, Recorded Future delivers intelligence that is timely, accurate, and actionable. In a world of ever-increasing chaos and uncertainty, Recorded Future empowers organizations with the visibility they need to identify and detect threats faster; take proactive action to disrupt adversaries; and protect their people, systems, and assets, so business can be conducted with confidence. Recorded Future is trusted by more than 1,000 businesses and government organizations around the world. The Recorded Future Security Intelligence Platform produces superior security intelligence that disrupts adversaries at scale. It combines analytics with human expertise to unite an unrivaled variety of open source, dark web, technical sources, and original research.
  • 7
    MineMeld

    MineMeld

    Palo Alto Networks

    In order to prevent successful cyberattacks, many organizations collect indicators of compromise (IOCs) from various threat intelligence providers with the intent of creating new controls for their security devices. Unfortunately, legacy approaches to aggregation and enforcement are highly manual in nature, often creating complex workflows and extending the time needed to identify and validate which IOCs should be blocked. Now security organizations can leverage MineMeld, an open-source application that streamlines the aggregation, enforcement and sharing of threat intelligence. MineMeld is available for all users directly on GitHub, as well as pre-built virtual machines (VMs) for easy deployment. With an extensible modular architecture, anyone can add to the MineMeld functionality by contributing code to the open-source repository.
  • 8
    Proofpoint Emerging Threat (ET) Intelligence
    Proofpoint ET Intelligence delivers the most timely and accurate threat intelligence. Our fully verified intel provides deeper context and integrates seamlessly with your security tools to enhance your decision-making. Knowing what types of threats exist is no longer enough to protect your people, data, and brand. Emerging Threat (ET) intelligence helps prevent attacks and reduce risk by helping you understand the historical context of where these threats originated, who is behind them, when have they attacked, what methods they used, and what they're after. Get on-demand access to current and historical metadata on IPs, domains, and other related threat intelligence to help research threats and investigate incidents. In addition to reputation intel, you get condemnation evidence, deep context, history, and detection information. It's all searchable in an easy-to-use threat intelligence portal that includes: Trends and timestamps of when a threat was seen and the associated category.
  • 9
    Cisco SecureX
    SecureX is a cloud-native, built-in platform that connects our Cisco Secure portfolio and your infrastructure. It allows you to radically reduce dwell time and human-powered tasks. Achieve simplicity, visibility, and efficiency by removing bottlenecks that slow down your teams' access to answers and actions. SecureX includes XDR capabilities and beyond with every Cisco Secure product. Get an integrated and open platform that simplifies your existing ecosystem and works with third-party solutions. Experience unified visibility with a customizable dashboard and maintain context around incidents with a consistent ribbon that never leaves you. Accelerate threat investigations and incident management by aggregating and correlating global intelligence and local context in one view. Automate routine tasks using prebuilt workflows that align to common use cases. Or build your own workflows with our no-to-low code, drag-and-drop canvas.
  • 10
    SecLytics Augur
    Conventional TIPs alert you about threats when they are already knocking at your network door. SecLytics Augur uses machine learning to model the behavior of threat actors and create adversary profiles. Augur identifies the build-up of attack infrastructure and predicts attacks with high-accuracy and low false positives before they even launch. These predictions are fed to your SIEM or MSSP via our integrations to automate blocking. Augur builds and monitors a pool of more than 10k adversary profiles, with new profiles identified daily. Augur identifies threats before day zero and levels the playing field by removing the element of surprise. Augur discovers and protects against more potential threats than conventional TIPs. Augur detects the buildup of cybercriminal infrastructure online before attack launch. The behavior of infrastructure acquisition and setup is both systematic and characteristic.
  • 11
    Radware Threat Intelligence
    Radware’s Threat Intelligence Subscriptions complement application and network security with constant updates of possible risks and vulnerabilities. By crowdsourcing, correlating and validating real-life attack data from multiple sources, Radware’s Threat Intelligence Subscriptions immunize your Attack Mitigation System. It provides real-time intelligence for preemptive protection and enables multi-layered protection against known and unknown vectors and actors as well as ongoing and emergency filters. Radware’s Live Threat Map presents near real-time information about cyberattacks as they occur, based on our global threat deception network and cloud systems event information. The systems transmit a variety of anonymized and sampled network and application attacks to our Threat Research Center and are shared with the community via this threat map.
  • 12
    Senseon

    Senseon

    Senseon

    Senseon’s AI Triangulation thinks like a human analyst to automate the process of threat detection, investigation and response, increasing your team’s efficiency. Displace the need for multiple security tools with one cohesive platform, providing complete visibility across the entire digital estate. Accurate detection and alerting enable IT and security teams to cut through the noise and focus on genuine threats, helping you achieve ‘inbox zero’. Senseon’s unique ‘AI Triangulation’ technology emulates how a human security analyst thinks and acts to automate the process of threat detection, investigation and response. By looking at the behaviours of users and devices from multiple perspectives, pausing for thought and learning from experience, Senseon provides accurate and context-rich alerts. These automated capabilities free security teams from the burden of exhaustive analysis, alert fatigue and false positives.
  • 13
    Spotlight Secure Threat Intelligence Platform
    As the threat landscape continues to accelerate and evolve, the security industry continues to respond with a variety of disparate new detection technologies. Unfortunately, this approach results in customers struggling to manage a patchwork of uncoordinated security tools, leaving a gap between detection and enforcement at the firewall. Many next-generation firewalls (NGFWs) include integrated capabilities, such as intrusion prevention system (IPS), antivirus signatures, and proprietary reputation feeds, but they are closed systems that are not capable of taking full advantage of the highly diverse third-party and custom feeds utilized by customers, specific to their industry. Spotlight Secure Threat Intelligence Platform addresses these challenges and constraints by aggregating threat feeds from multiple sources to deliver open, consolidated, actionable intelligence to SRX Series Services Gateways across the organization.
  • 14
    Palo Alto Networks AutoFocus
    Tomorrow's operations depend on unrivaled threat intelligence, today. Power up investigation, prevention and response with AutoFocus. Palo Alto Networks, provider of the industry-leading next-generation firewall, has made the world’s highest-fidelity repository of threat intelligence, sourced from the largest network of sensors, available for any team or tool to consume. AutoFocus™ contextual threat intelligence service is your one-stop shop for threat intelligence. Your teams will receive instant understanding of every event with unrivaled context from Unit 42 threat researchers, and you can embed rich threat intelligence in analyst’s existing tools to significantly speed investigation, prevention, and response. Get unique visibility into attacks crowdsourced from the industry’s largest footprint of network, endpoint, and cloud intel sources. Enrich every threat with the deepest context from worldrenowned Unit 42 threat researchers.
  • 15
    ThreatCloud AI

    ThreatCloud AI

    Check Point Software

    Check Point ThreatCloud AI is a global threat intelligence platform that delivers real-time cyber threat detection, analysis, and prevention using artificial intelligence, big data analytics, and worldwide threat intelligence sources. The platform collects and processes data from hundreds of millions of sensors, enabling organizations to identify emerging threats, zero-day attacks, malicious indicators, and evolving attack techniques. Powered by advanced AI engines and research from the Check Point Research Team, ThreatCloud AI provides continuously updated intelligence that strengthens security across networks, cloud environments, endpoints, mobile devices, and IoT systems. The platform helps organizations accelerate investigations, improve threat visibility, and enhance security decision-making with contextual threat intelligence and actionable insights.
  • 16
    Bitdefender Advanced Threat Intelligence
    Fueled by the Bitdefender Global Protective Network (GPN), Bitdefender Advanced Threat Intelligence collects data from sensors across the globe. Our Cyber-Threat Intelligence Labs correlate hundreds of thousands of Indicators of Compromise and turn data into actionable, real-time insights. By delivering our top-rated security data and expertise directly to businesses and Security Operations Centers, Advanced Threat Intelligence bolsters security operations success with one of the industry’s broadest and deepest bases of real-time knowledge. Improve threat-hunting and forensic capabilities with contextual, actionable threat indicators on IPs, URLs, domains and files known to harbor malware, phishing, spam, fraud and other threats. Decrease time to value by seamlessly integrating our platform-agnostic Advanced Threat Intelligence services into your security architecture, including SIEM, TIP and SOAR.
  • 17
    Proofpoint Identity Threat Defense
    In an ever-changing hybrid world, your organization depends on its employees, their virtual identities, and the endpoints they operate on to build and protect its assets. Threat actors have found unique ways to move laterally across your cloud environments by exploiting such identities. You need an innovative and agentless identity threat detection and response solution to discover and remediate modern identity vulnerabilities—a key part of today’s attack chain. Proofpoint Identity Threat Defense, previously Illusive, gives you comprehensive prevention and visibility across all your identities so you can remediate identity vulnerabilities before they become real risks. You can also detect any lateral movements in your environments and activate deception to ensure threat actors are stopped in action before they gain access to your corporate assets. It doesn’t get better than knowing you can prevent modern identity risks and stop real-time identity threats in action, all in one place.
  • 18
    DigitalStakeout Scout

    DigitalStakeout Scout

    DigitalStakeout

    DigitalStakeout Scout enables your cybersecurity and corporate security team to stand up an open-source intelligence capability on-demand. Solve brand threat intelligence, protective intelligence & executive protection, vulnerability and cyber threat intelligence, and digital risk protection challenges with a cloud-delivered security intelligence platform hosted and fully managed by DigitalStakeout. DigitalStakeout Scout provides the data collection capabilities and analytics technology required to spot and disrupt your organization’s threats, vulnerabilities, and exposures. Using a simple web-based UI, you’ll have an on-demand security intelligence tool that enables your analysts to filter out noise, reduce alert fatigue, accelerate investigations, and make smarter intelligence-led security decisions. DigitalStakeout Scout platform, analysts are 80% more productive, and customers, on average, cut the total cost of ownership of a security intelligence capability by 40%.
  • 19
    Trend Micro Digital Vaccine
    Keep ahead of the latest threats and protect your critical data with ongoing threat prevention and analysis. Digital Vaccine™ Toolkit (DVToolkit) is an application that enables you to create custom DV filters to extend your threat coverage. Using analysis and development techniques leveraged in DV filters, you can quickly develop and implement custom DV filters to block events unique to your network environment. DVToolkit supports the use of regular expressions frequently used in the industry and enables customers to expedite time to market for a particular filter if they are under constant attack. Provides broad protection with custom filters for proprietary or user-developed applications. Supports the import of open source rules (e.g. Snort signatures); with extended support for Snort primitives, options, and modifiers. Enables customers to define filter triggers or support tigerless filters. Allows for the creation of custom filters in IPv4 and IPv6 environments.
  • 20
    RiskIQ

    RiskIQ

    RiskIQ

    RiskIQ is the leader in attack surface management, providing the most comprehensive discovery, intelligence, and mitigation of threats associated with an organization’s digital presence. With more than 75 percent of attacks originating outside the firewall, RiskIQ allows enterprises to gain unified insight and control over web, social and mobile exposures. Trusted by thousands of security analysts, RiskIQ’s platform combines advanced internet data reconnaissance and analytics to expedite investigations, understand digital attack surfaces, assess risk and take action to protect the business, brand and customers. RiskIQ is the world’s only platform with patented Internet Intelligence Graph technology, security intelligence—unified. RiskIQ draws from a 10-year history of mapping the internet to fuel applied intelligence that detects and responds to cyberattacks, anywhere on earth. The most complete security intelligence to protect your attack surface.
  • 21
    Cyren

    Cyren

    Cyren

    Cyren Inbox Security is an innovative solution that turns the tables on the phishers and safeguards each and every Office 365 mailbox in your organization against evasive phishing, business email compromise (BEC) and fraud. Continuous monitoring and detection provide early exposure of evasive attack indicators and anomalies. Automated response and remediation for individual mailboxes and across all mailboxes in the organization will take care of the heavy lifting. Our unique crowd-sourced user detection closes the feedback loop on alerts, reinforcing your security training and providing valuable threat intelligence. Comprehensive, multi-dimensional presentation of critical threat characteristics to help analysts understand the evolving threat landscape. Improved threat detection for existing security products such as SIEM and SOAR solutions.
  • 22
    Google Security Operations (SecOps)
    Google Security Operations (SecOps) is an intelligence-driven, AI-powered security operations platform designed to help organizations detect, investigate, and respond to cyber threats at scale. Built as a cloud-native solution, Google SecOps unifies SIEM, SOAR, and threat intelligence into a single operational experience. The platform ingests and analyzes massive volumes of security telemetry with Google-level speed and scalability. Google SecOps applies Google’s curated and applied threat intelligence to uncover high-priority threats faster and with greater accuracy. Generative AI powered by Gemini enhances analyst productivity through natural language search, automated investigations, and contextual insights. Integrated automation and orchestration capabilities enable rapid response using playbooks and collaboration tools. Google Security Operations empowers security teams to reduce risk, improve response times, and modernize their SOC operations.
  • 23
    Kroll Compliance
    Third parties, customers, and partners present legal, reputational, and compliance risks to your organization. The Kroll Compliance Portal arms you with the capabilities to control those risks at scale. Relative risk can dictate the need for a closer look. Emailing back and forth with analysts and downloading and saving files can slow you down, create a gap in the audit trail, and leave you vulnerable to information security risks. Take the due diligence process out of emails and file folders and bring order with the Kroll Compliance Portal. Many compliance programs become time and resource intensive because of manual processes or inflexible software. Put an end to that with the Kroll Compliance Portal’s Workflow Automation. Your business demands efficient third party onboarding. You need an accurate risk assessment. The Kroll Compliance Portal Questionnaire accelerates the onboarding process through automation, tracking and scoring in line with your risk model.
  • 24
    SpiderFoot

    SpiderFoot

    SpiderFoot

    No matter your use case, SpiderFoot will save you time by automating the collection and surfacing of interesting OSINT. Found a suspicious IP address or other indicators in your logs that you need to investigate? Maybe you want to dig deeper into the e-mail address used, or the links referenced in a recent phishing campaign your organization faced? With over 200 modules for data collection and analysis, you can be confident that with SpiderFoot you’ll be gaining the most comprehensive view into the Internet-facing attack surface of your organization. Red teams and penetration testers love SpiderFoot due to it’s broad OSINT reach and identification of low hanging fuit, revealing long-forgotten and unmanaged IT assets, exposed credentials, open cloud storage buckets and much more. Use SpiderFoot to continually monitor OSINT data sources and detect when new intelligence is discovered about your organization.
  • 25
    Black Kite

    Black Kite

    Black Kite

    The Black Kite RSI follows a process of inspecting, transforming, and modeling collected from a variety of OSINT sources (internet wide scanners, hacker forums, the deep/dark web and more). Using the data and machine learning, the correlation between control items is identified to provide approximations. Operationalize with a platform that integrates with questionnaires, vendor management systems and process workflows. Automate adherence to cybersecurity compliance requirements and reduce the risk of a breach with a defense in depth approach. The platform uses Open-Source Intelligence (OSINT) and non-intrusive cyber scans to identify potential security risks, without ever touching the target customer. Vulnerabilities and attack patterns identified using 20 categories and 400+ controls, making the Black Kite platform 3x more comprehensive than competitors’.
  • 26
    Netenrich

    Netenrich

    Netenrich

    The Netenrich operations intelligence platform is built from the ground up to help enterprises resolve everyday and futuristic problems for stable, secure environments and infrastructures. We put the best of machine and human intelligence—AKA hybrid intelligence—to streamline threat detection, incident response, site reliability engineering (SRE), and several more of your high-profile goals. We start with self-learning machines trained with research, investigation, and remediation actions. Human intervention for tedious, automatable tasks approaches zero, freeing your team and technology to achieve goals like SRE, reduced MTTR, lesser SME dependency, and unprecedented scale without the distraction of running ops. From detection through resolution, the Netenrich platform heavy-lifts exploring and investigating alerts and threats.
  • 27
    Leviathan Lotan

    Leviathan Lotan

    Leviathan Security Group

    Lotan™ provides your enterprise with the unique capability to detect attacks earlier, and with greater confidence. The fragility of exploits in the face of modern countermeasures and environment heterogeneity often leads to application crashes. Lotan analyzes these crashes to detect the attack and aid the response. Lotan collects crashes using either a simple registry change on Windows, or a small userland application for Linux. A RESTful API allows you to share evidence and conclusions with your existing Threat Defense and SIEM solutions. The API provides insight into each step of Lotan's workflow, including detailed information required to understand and respond to the threat rapidly. Lotan greatly increases the accuracy, rate, and speed with which threats are detected, and impedes the ability of adversaries to operate undetected within your network.
  • 28
    MITRE ATT&CK

    MITRE ATT&CK

    MITRE ATT&CK

    MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. With the creation of ATT&CK, MITRE is fulfilling its mission to solve problems for a safer world — by bringing communities together to develop more effective cybersecurity. ATT&CK is open and available to any person or organization for use at no charge. Adversaries may execute active reconnaissance scans to gather information that can be used during targeting. Active scans are those where the adversary probes victim infrastructure via network traffic, as opposed to other forms of reconnaissance that do not involve direct interaction.
  • 29
    NETSCOUT Omnis Security
    Doing business in a digital economy requires agility, and corporate digital structures have changed significantly to provide it. However, as companies rush to transition to the cloud and expand activities in a globally distributed digital ecosystem, they must also reinvent cybersecurity to defend against emerging threats. NETSCOUT Omnis Security is an advanced attack analysis and response platform that provides the scale, scope, and consistency needed to protect today's digital infrastructure. Highly scalable network instrumentation that offers a comprehensive view of all distributed digital infrastructures. Threat detection with selected intelligence, behavioral analytics, open source data, and advanced statistics. Contextual threat detection and investigation using a robust source of metadata and packages. Automated edge blocking with the best stateless packet processing technology, or third-party blocking devices.
  • 30
    Deepwatch

    Deepwatch

    Deepwatch

    Advanced managed detection and response to secure the distributed enterprise. Expert guided security operations for early detection and automated response to mitigate risk across the enterprise. Preemptively detect malicious activity and respond to active threats before the endpoint is compromised. Efficiently discover and remediate critical threats and vulnerabilities across the enterprise. Extensive experience across our team has led us to an important realization too often overlooked: each organization has unique aspects and requirements for its cyber solutions. No team is exactly the same and your threats aren’t either. We developed the Squad Delivery Model to foster collaborative, high touch, tailored services that meet your specific needs and requirements.