Best Threat Intelligence Platforms for Cloud - Page 6
View:
Compare the Top Threat Intelligence Platforms for Cloud as of May 2026 - Page 6
Sort By:
-
1
SpiderFoot
SpiderFoot
No matter your use case, SpiderFoot will save you time by automating the collection and surfacing of interesting OSINT. Found a suspicious IP address or other indicators in your logs that you need to investigate? Maybe you want to dig deeper into the e-mail address used, or the links referenced in a recent phishing campaign your organization faced? With over 200 modules for data collection and analysis, you can be confident that with SpiderFoot you’ll be gaining the most comprehensive view into the Internet-facing attack surface of your organization. Red teams and penetration testers love SpiderFoot due to it’s broad OSINT reach and identification of low hanging fuit, revealing long-forgotten and unmanaged IT assets, exposed credentials, open cloud storage buckets and much more. Use SpiderFoot to continually monitor OSINT data sources and detect when new intelligence is discovered about your organization. -
2
Black Kite
Black Kite
The Black Kite RSI follows a process of inspecting, transforming, and modeling collected from a variety of OSINT sources (internet wide scanners, hacker forums, the deep/dark web and more). Using the data and machine learning, the correlation between control items is identified to provide approximations. Operationalize with a platform that integrates with questionnaires, vendor management systems and process workflows. Automate adherence to cybersecurity compliance requirements and reduce the risk of a breach with a defense in depth approach. The platform uses Open-Source Intelligence (OSINT) and non-intrusive cyber scans to identify potential security risks, without ever touching the target customer. Vulnerabilities and attack patterns identified using 20 categories and 400+ controls, making the Black Kite platform 3x more comprehensive than competitors’. -
3
Netenrich
Netenrich
The Netenrich operations intelligence platform is built from the ground up to help enterprises resolve everyday and futuristic problems for stable, secure environments and infrastructures. We put the best of machine and human intelligence—AKA hybrid intelligence—to streamline threat detection, incident response, site reliability engineering (SRE), and several more of your high-profile goals. We start with self-learning machines trained with research, investigation, and remediation actions. Human intervention for tedious, automatable tasks approaches zero, freeing your team and technology to achieve goals like SRE, reduced MTTR, lesser SME dependency, and unprecedented scale without the distraction of running ops. From detection through resolution, the Netenrich platform heavy-lifts exploring and investigating alerts and threats. -
4
MITRE ATT&CK
MITRE ATT&CK
MITRE ATT&CK® is a globally-accessible knowledge base of adversary tactics and techniques based on real-world observations. The ATT&CK knowledge base is used as a foundation for the development of specific threat models and methodologies in the private sector, in government, and in the cybersecurity product and service community. With the creation of ATT&CK, MITRE is fulfilling its mission to solve problems for a safer world — by bringing communities together to develop more effective cybersecurity. ATT&CK is open and available to any person or organization for use at no charge. Adversaries may execute active reconnaissance scans to gather information that can be used during targeting. Active scans are those where the adversary probes victim infrastructure via network traffic, as opposed to other forms of reconnaissance that do not involve direct interaction. -
5
NETSCOUT Omnis Security
Netscout
Doing business in a digital economy requires agility, and corporate digital structures have changed significantly to provide it. However, as companies rush to transition to the cloud and expand activities in a globally distributed digital ecosystem, they must also reinvent cybersecurity to defend against emerging threats. NETSCOUT Omnis Security is an advanced attack analysis and response platform that provides the scale, scope, and consistency needed to protect today's digital infrastructure. Highly scalable network instrumentation that offers a comprehensive view of all distributed digital infrastructures. Threat detection with selected intelligence, behavioral analytics, open source data, and advanced statistics. Contextual threat detection and investigation using a robust source of metadata and packages. Automated edge blocking with the best stateless packet processing technology, or third-party blocking devices. -
6
Deepwatch
Deepwatch
Advanced managed detection and response to secure the distributed enterprise. Expert guided security operations for early detection and automated response to mitigate risk across the enterprise. Preemptively detect malicious activity and respond to active threats before the endpoint is compromised. Efficiently discover and remediate critical threats and vulnerabilities across the enterprise. Extensive experience across our team has led us to an important realization too often overlooked: each organization has unique aspects and requirements for its cyber solutions. No team is exactly the same and your threats aren’t either. We developed the Squad Delivery Model to foster collaborative, high touch, tailored services that meet your specific needs and requirements. -
7
Axellio
Axellio
Axellio® enables organizations to improve their security posture through a comprehensive portfolio of threat detection and response solutions, from the base platform PacketXpress® to vertically integrated, end-to-end solutions combined with consulting and professional services. Our solutions are designed for work-flow efficiency and cost-effectiveness optimized for your people, processes, and technologies. Axellio’s goal is to leverage the security operations resources and tools you already have in place while providing faster access to richer, more contextual data. It enables you to prioritize what matters, for rapid and informed decisions, and for efficient response across your entire threat lifecycle: from threat detection over alert triage and incidence response to threat hunting. Our goal is to work with you to optimize a threat detection and response solution to fit your environment to prevent tool and data overload. -
8
Red Sift Brand Trust
Red Sift
Red Sift Brand Trust (formerly OnDOMAIN) enables Security personnel to quickly shut down phishing sites, discover and secure legitimate domains that have been forgotten about, and defend their brand against abuse and reputational damage. Uncover Red Sift Brand Trust monitors in the region of 150 million hostnames a day and has access to real-time domain registration data allowing users to stay up-to-date and ready to respond to emerging threats. Investigate Red Sift Brand Trust monitors asset health for all domains and subdomains within your perimeter including WHOIS data, rasterized web snapshots, logo detection, and live spam data. Logo Management & Detection enables you to easily upload all variants of your organization’s brand assets to its logo management library. machine vision-based logo detection then scans the web for both legitimate and illegitimate use of an organization’s brand. -
9
ZTEdge
ZTEdge
Designed for midsize enterprises, ZTEdge is a Secure Access Service Edge (SASE) platform that cuts complexity, reduces cyber-risk, and improves performance, at half the cost of other Zero Trust solutions. ZTEdge gives MSSPs a unified comprehensive cloud security platform to deliver Zero Trust capabilities to their customers. The cost-effective Secure Access Service Edge (SASE) solution is designed to simplify service delivery. Gain the confidence of knowing your organization is protected by anytime, anywhere, any-device Zero Trust security. Devices must be isolated from threats and zero-days so they can’t be used to spread malware throughout your organization. The innovative networking approach ZTEdge delivers represents the future of corporate networking. -
10
Maltiverse
Maltiverse
Cyber Threat Intelligence made simple for all types of businesses and independent analysts of cybersecurity. Maltiverse Freemium online resource to access aggregated sets of indicators of compromise with full context and history. When you have a cyber security incident and you need context to respond - you can access the database and search for the content manually. You can also connect the customized set of new threats to your Security Systems like SIEM, SOAR, PROXY or Firewall: Ransomware, C&C centers, malicious IP and URLs, Phishing Attacks, Other feeds.Starting Price: $100 per month -
11
Rapid7 Threat Command
Rapid7
Rapid7 Threat Command is an advanced external threat intelligence tool that finds and mitigates threats directly targeting your organization, employees, and customers. By proactively monitoring thousands of sources across the clear, deep, and dark web, Threat Command enables you to make informed decisions and rapidly respond to protect your business. Quickly turn intelligence into action with faster detection and automated alert responses across your environment. This is made possible through plug-and-play integrations with your existing technologies for SIEM, SOAR, EDR, firewall, and more. Simplify your SecOps workflows through advanced investigation and mapping capabilities that provide highly contextualized alerts with low signal-to-noise ratio. Unlimited 24/7/365 access to our expert analysts shortens investigation times as well as accelerates alert triage and response. -
12
Webz.io
Webz.io
Webz.io finally delivers web data to machines the way they need it, so companies easily turn web data into customer value. Webz.io plugs right into your platform and feeds it a steady stream of machine-readable data. All the data, all on demand. With data already stored in repositories, machines start consuming straight away and easily access live and historical data. Webz.io translates the unstructured web into structured, digestible JSON or XML formats machines can actually make sense of. Never miss a story, trend or mention with real-time monitoring of millions of news sites, reviews and online discussions from across the web. Keep tabs on cyber threats with constant tracking of suspicious activity across the open, deep and dark web. Fully protect your digital and physical assets from every angle with a constant, real-time feed of all potential risks they face. Never miss a story, trend or mention with real-time monitoring of millions of news sites, reviews and online discussions. -
13
PhishLabs
Fortra
The PhishLabs Platform is the foundation of Fortra's Digital Risk Protection solution. Developed over a decade in partnership with the world’s most targeted brands, PhishLabs delivers comprehensive collection, expert-driven curation, and complete and unlimited mitigation of digital risks. Brand impersonation, data leakage, and other external threats can happen anywhere online. Without extensive visibility across digital channels into domain activity, social media posts and ads, and the dark web and open web, these threats can easily go undetected and cause substantial harm. PhishLabs' Digital Risk Protection solution delivers comprehensive visibility by collecting massive amounts of data across the surface, deep, and dark web. We also monitor hundreds of social media sources and ingest data from hundreds of public and private data feeds. We also integrate data from client-specific sources such as referrer logs and 3rd party feeds. -
14
Silobreaker
Silobreaker
Silobreaker helps security, business and intelligence professionals make sense of the overwhelming amount of data on the web. Taking a proactive approach to intelligence means understanding the threats and opportunities faced by your organization on a daily basis. Our online platform extracts actionable insights from over a million sources on the web and puts it in your hands, wherever you are and whenever you need it. One system – offers a single application for an entire workflow. From collecting, aggregating and processing data to the analysis, report-generation and dissemination of intel. Return on investment – presents the significant value and cost-efficiency in comparison to multi-product investments, product segmentation by the same vendor, or ‘pay-as-you-request’ services offerings. -
15
LifeRaft Navigator
Navigator
Consolidate, assess, and investigate intelligence in a single platform. Collect and alert on data relevant to your security operations from social media, deep web, and darknet sources 24/7. Our unified intelligence platform automates collection and filtering, and provides a suite of investigative tools to explore and validate threats. Uncover critical information that impacts the security of your assets and operations. Navigator monitors the internet 24/7 with custom search criteria to detect high-risk threats to your people, assets, and operations from diversified sources. Finding the needle in the haystack is a growing challenge for security operations teams. Navigator provides advanced filtering tools to capture the breadth of the online threat landscape. Uncover, explore, and use a variety of sources to validate intelligence related to threat actors, events, and special interest projects or security issues. -
16
HackNotice
HackNotice
HackNotice is the only company-wide threat awareness platform, making employees safer online. Users monitor, review, and take swift actions against their real cyber threats. The platform bridges the gap between security teams and other employees through real-time alerts, around-the-clock monitoring, recovery recommendations, and a full security training and assessment program. HackNotice’s mission is to make all employees threat-aware, creating a resilient security culture. Founded in 2018, HackNotice is located in Austin, TX. -
17
Constella Intelligence
Constella Intelligence
Continuously monitor thousands of data sources across the public, deep & dark web to gain the insights you need to detect and act on emerging cyber-physical threats before damage occurs. And accelerate your investigations by delving deeper into risks threatening your organization. Analyze monikers, enrich information with other datasets, and quickly unmask malicious actors to solve cybercrimes faster. Defending your digital assets against targeted attacks, Constella is powered by a unique combination of unparalleled breadth of data, technology and human expertise from world-class data scientists. Data to link real identity information to obfuscated identities & malicious activity to inform your products and safeguard your customers. Profile threat actors faster with advanced monitoring analysis, automated early warning and intelligence alerts. -
18
Binary Defense
Binary Defense
To prevent breaches, you need complete cybersecurity protection. It takes a 24×7 security team to monitor, detect and respond to threats. Take the cost and complexity out of cybersecurity by extending your team and expertise. Our Microsoft Sentinel experts get your team deployed, monitoring, and responding faster than ever while our SOC Analysts and Threat Hunters always have your teams back. Guard the weakest points in your network – your laptops, desktops and servers. We provide advanced endpoint protection and system management. Gain comprehensive, enterprise-level security. We deploy, monitor and tune your SIEM with around-the-clock protection from our security analysts. Be proactive with your cybersecurity. We detect and thwart attackers before they strike by hunting for threats where they live. Identify unknown threats and prevent attackers from evading existing security defenses with proactive threat hunting. -
19
Unit 42
Unit 42
As the threat landscape changes and attack surfaces expand, security strategies must evolve. Our world-renowned incident response team and security consulting experts will guide you before, during, and after an incident with an intelligence-driven approach. Proactively assess and test your controls against real-world threats targeting your organization, then communicate your security risk posture to your board and key stakeholders. Improve your business resilience with a threat-informed approach to breach preparedness and tighter alignment across your people, processes, technology, and governance. Deploy Unit 42 incident response experts to quickly investigate, eradicate and remediate even the most advanced attacks, working in partnership with your cyber insurance carrier and legal teams. As threats escalate, we act as your cybersecurity partner to advise and strengthen your security strategies. -
20
Intel 471 TITAN
Intel 471
Cybercriminals never sleep. You need round-the-clock threat intelligence to anticipate and track bad actors’ every move, and how they might attack your business. Our customers rely on TITAN, an intuitive intelligence SaaS platform built by intelligence and security professionals for intelligence and security professionals. It enables them to access structured information, dashboards, timely alerts, and intelligence reporting via the web portal or API integration. But TITAN doesn’t stop there. Use TITAN’s programmable RESTful API to power numerous connectors and integrations, integrating and operationalizing customized intelligence into your security operations. TITAN delivers structured technical and non-technical data and intelligence that is continually updated by our global team and automated processes. With structured data, less noise, and high-fidelity results, you can focus your team on the threats that matter most. -
21
Interpres
Interpres
Interpres is a threat-informed defense surface management platform that fuses and operationalizes prioritized adversarial techniques, tactics, and procedures with your unique threat profile, your unique security stack, and finished intelligence to identify coverage gaps, prioritize actions, optimize defenses and reduce risk. For too long, security leaders have been trying to defend everything without understanding the adversaries’ tradecraft, resulting in waste, inefficiency, and suboptimal defenses. For too long, you have been consuming telemetry without understanding its value while incurring all of its costs. Optimize your security stack to defend against prioritized threats targeting you. Execute clear, prioritized actions to tune, configure, and optimize your defense surface against prioritized threats. Holistically know your threat coverage from the endpoint to the cloud. Continuously monitor and systematically improve security posture. -
22
Sekoia.io
Sekoia.io
Sekoia.io’s new take reinvents traditional cybersecurity solutions. Anticipation through attacker knowledge is natively associated with the automation capabilities of detection and response to attacks. Sekoia.io gives back the advantage to cyber teams to face attackers. With Sekoia.io SOC platform, detect computer attacks, neutralize their impacts and protect your information system effectively, in real time and 360 degrees. Sekoia.io natively integrates attacker intelligence flows and automation capabilities to identify, understand and neutralize attacks quicker. This innovative approach gives teams time to focus on high value-added tasks. Sekoia.io covers your different environments to remove complexity and natively provides detection capabilities that do not depend on knowledge of the system to be protected. -
23
Blackbird.AI
Blackbird.AI
Powered by our AI-driven narrative intelligence platform, organizations can proactively understand digital threats in real time for strategic decision-making when it matters most. The risk landscape has dramatically shifted for every industry. Our suite of solutions provides actionable risk intelligence for our customers and partners. Online audiences are being influenced in ways that have never been seen before by a new generation of actors and techniques. Listening tools are not enough. Quickly encapsulate narratives with daily risk intelligence summaries, providing real-time insights and empowering strategic decisions. Fine-tune your AI-generated narrative intelligence reports with the power of human context and enhance the relevance, accuracy, and strategic value of your insights. Enhance decision-making with data-driven recommendations tailored for a wide variety of problem sets, use cases, and personas. Accelerated reporting for intelligence professionals, saving time and effort. -
24
Lakera
Lakera
Lakera Guard empowers organizations to build GenAI applications without worrying about prompt injections, data loss, harmful content, and other LLM risks. Powered by the world's most advanced AI threat intelligence. Lakera’s threat intelligence database contains tens of millions of attack data points and is growing by 100k+ entries every day. With Lakera guard, your defense continuously strengthens. Lakera guard embeds industry-leading security intelligence at the heart of your LLM applications so that you can build and deploy secure AI systems at scale. We observe tens of millions of attacks to detect and protect you from undesired behavior and data loss caused by prompt injection. Continuously assess, track, report, and responsibly manage your AI systems across the organization to ensure they are secure at all times. -
25
Learn what a digital risk protection solution is and how it can help you be better prepared by understanding who is targeting you, what they’re after, and how they plan to compromise you. Google Digital Risk Protection delivers a broad digital risk protection solution either via stand-alone self-managed SaaS products or a comprehensive service. Both options give security professionals visibility outside their organization, the ability to identify high-risk attack vectors, malicious orchestration from the deep and dark web, and attack campaigns on the open web. The Google Digital Risk Protection solution also provides contextual information on threat actors and their tactics, techniques, and procedures to provide a more secure cyber threat profile. Gain visibility into risk factors impacting the extended enterprise and supply chain by mapping your attack surface and monitoring deep and dark web activity.
-
26
Quadrant XDR
Quadrant Information Security
Quadrant fuses traditional EDR, advanced SIEM, continuous monitoring and a proprietary security and analytics solution into a single technology and services layer that guarantees robust, cross-environment coverage for your business. Hassle-free, fully-guided implementations allow your team to focus on other priorities. Experts, with years of experience, ready to serve as an extension of your team. Thorough investigation and analysis of the cause of the incident enable us to enhance your security with customized recommendations. We work closely with you from threat detection through validation, remediation, and post-incident management. We don't wait for trouble to emerge, actively hunting for threats and working to stay ahead. Quadrant's diverse security experts work relentlessly on your behalf, moving from better hunting to faster response and recovery, always communicating and collaborating. -
27
Unkown Cyber
Unkown Cyber
Get the information advantage needed to beat the next threat. 24/ 7 investigation of alerts that remain unknown to other solutions. Immediately know that an unknown suspect’s code is a variant of malware quantifiably with 70-100% similarity. Immediately know all the suspect’s matched malware families, the type of malware, and IOCs. Act automatically and block perfect malware matches. Escalate suspects after obtaining an information advantage that arrives with the code of interest already identified. Automatically employ newly extracted IOCs and all matched IOCs to harden. Hunt and monitor with automatically created highly accurate bytecode-based YARA created from the suspect just convicted, our collection of matched code, or from specifically selected malware samples. Customizable API lets you automate action to save expert time by automatically deobfuscating and reversing exploit code to individual functions. -
28
Intrusion
Intrusion
In cybersecurity, speed is critical, and Intrusion helps you understand your environment’s biggest threats, fast. See the real-time list of all blocked connections, drill down on an individual connection to see more details like why it was blocked, risk level, etc. An interactive map shows you what countries your business is communicating with the most. Quickly see which devices have the most malicious connection attempts to prioritize remediation efforts. If an IP is trying to connect, you’ll see it. Intrusion monitors traffic bidirectionally in real time, giving you full visibility of every connection being made on your network. Stop guessing which connections are actual threats. Informed by decades of historical IP records and reputation in the global threat engine, it instantly identifies malicious or unknown connections in your network. Reduce cyber security team burnout and alert fatigue with autonomous real-time network monitoring and 24/7 protection. -
29
Doppel
Doppel
Detect phishing scams on websites, social media, mobile app stores, gaming platforms, paid ads, the dark web, digital marketplaces, and more. Identify the highest impact phishing attacks, counterfeits, and more with next-gen natural language & computer vision models. Track enforcements with an auto-generated audit trail through our no-code UI that works out of the box. Stop adversaries before they scam your customers and team. Scan millions of websites, social media accounts, mobile apps, paid ads, etc. Use AI to categorize brand infringement and phishing scams. Automatically remove threats as they are detected. Doppel's system has integrations with domain registrars, social media, app stores, digital marketplaces, the dark web, and countless platforms across the Internet. This gives you comprehensive visibility and automated protection against external threats. Doppel offers automated protection against external threats. -
30
Base Operations
Base Operations
Increase your knowledge of every corner of the world by harnessing the power of street-level threat intelligence. Access crime and unrest data of unparalleled granularity to evaluate threats before incidents occur. Apply recent and historical data to identify patterns, analyze trends, and contextualize information. Better understand areas of strategic importance to keep people safe and assets secure. Leverage intelligence gathered from thousands of public and proprietary sources to analyze the threat landscape at the street level. Quickly identify patterns and trends in a hyperlocal area to anticipate future developments. Launch with swift onboarding and an intuitive interface, progressing toward security priorities on the first day of implementation. Base Operations is like having a team of data scientists behind each member of the corporate security team. Assessments, briefings, and recommendations are supercharged with the world’s most comprehensive threat data and trend analysis.
