G2 Crowd Acquires Siftery to Create a New Way to Buy and Manage Software Spend 🚀

Best Threat Intelligence Software

Threat intelligence software provides organizations with information related to the newest forms of cyber threats like zero-day attacks, new forms of malware, and exploits. Companies utilize the tools to keep their security standards up to date and fit to combat new threats as they emerge. These tools can improve security performance by providing information on threats to their specific networks, infrastructure, and endpoint devices. These products provide information about hazards and how they function, their capabilities, and remediation techniques. IT administrators and security professionals use the data delivered to better protect their systems from emerging threats and plan for possible vulnerabilities. The tools alert users as new threats emerge and provide information detailing best practices for resolution.

Many products like security information and event management (SIEM) and vulnerability management software can integrate with or provide similar information as threat intelligence products. Those products, though, tend to provide live updates and actionable intelligence, and focus on other components of a security ecosystem.

To qualify for inclusion in the Threat Intelligence category, a product must:

  • Provide information on emerging threats and vulnerabilities
  • Detail remediation practices for common and emerging threats
  • Analyze global threats on different types of networks and devices
  • Cater threat information to specific IT solutions
G2 Crowd Grid® for Threat Intelligence
Leaders
High Performers
Contenders
Niche
Momentum Leaders
Momentum Score
Market Presence
Satisfaction
Filters
Features
Star Rating

Threat Intelligence reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

Compare Threat Intelligence Software
Results: 115
    G2 Crowd takes pride in showing unbiased ratings on user satisfaction. G2 Crowd does not allow for paid placement in any of our ratings.
    Sort By:

    Lookout is a mobile app that fights cybercriminals by predicting and stopping mobile attacks before they do harm.


    McAfee Threat Intelligence Exchange optimizes threat detection and response by closing the gap from malware encounter to containment from days, weeks, and months down to milliseconds.


    Cisco Talos is a threat intelligence organization dedicated to providing protection before, during, and after cybersecurity attacks.


    Web based threats continue to rise. Symantec saw over 568,000 web threats a day during 2013, an increase of 23 percent over the previous year. Against this ever changing landscape, preventing threats entering through web communications is critical. Symantec Web Security.cloud delivers always-on, advanced malware protection, enforces acceptable use policies, and protects against confidential data loss for businesses looking to protect web use for employees. Support for roaming users extends protection and control outside the corporate network.


    CylancePROTECT redefines what antivirus can and should do for your organization by leveraging artificial intelligence to detect AND prevent malware from executing on your endpoints in real time.


    The global network of highly skilled researchers and analysts, protecting businesses from known and emerging malware - viruses, rootkits and spyware.


    FireEye Network Security (NX) solutions protect against known and unknown advanced attacks with the signature-less Multi-Vector Virtual Execution (MVX) engine, conventional intrusion prevention system (IPS) and intelligence-driven detection.


    Alert Logic Threat Manager with ActiveWatch is a cloud-based managed intrusion detection and vulnerability assessment solution.


    Distil Networks protects your website from fraud, brute force attacks, web scraping, account hijacking, unauthorized vulnerability scans, spam, man-in-the-middle attacks, and click fraud. Slash the high tax that bots place on your internal teams and web infrastructure by outsourcing the problem to the team with a maniacal focus on blocking malicious bots. :: Harden your website security by eliminating malicious bots :: Protect data from web scrapers, unauthorized aggregators and competitors :: Increase insight and control over human, good bot and bad bot traffic :: Deploy on the Distil Cloud CDN or Distil Appliance (Physical | Virtual | AWS) Distil’s self-optimizing protection blocks 99.9% of malicious bots without impacting legitimate users -- eliminating the manual IP blocking that IT teams used to do.


    FortiGate offers a network security platform, designed to deliver threat protection and performance with reduced complexity.


    Vectra Networks provides an automated threat management solution that monitors internal network traffic to detect in real time active cyber attacks inside networks.


    Change Tracker Gen7R2 solves IT Security and the problems that plague all organizations – the overwhelming noise of change control and ensuring the integrity of IT systems. Completely redesigned with both security and IT operations in mind, Change Tracker Gen7 R2 is the only solution designed to reduce change noise and the complexity of integrity monitoring and policy management all while allowing for unprecedented scalability and management that meets the most demanding enterprise environments. Gen7R2 enables organizations to: - Define the systems that need protection - Ensure those systems are secured, compliant and fit for purpose at all times - Provide intelligent change control to ensure systems remain in a ‘known secure and compliant state’ - Enable organizations to move projects securely from Development to Operations Gen7 R2 integrates with leading Service desks and Change Management solutions to reconcile the changes that are actually occurring within your environment with those that were expected and part of an approved Request for Change. Security and IT Service Management (ITSM) have traditionally observed and managed change in two very different ways. By linking the changes approved and expected within the ITSM world with those that are actually happening from a security perspective, SecureOps is delivered and underpins effective, ongoing security and operational availability. With Gen7R2 you have the ability to reduce change noise by more than 90%, leaving only changes that are unknown, unwanted, unexpected or potentially malicious in nature for further investigation.


    Fortinet’s top-rated FortiSandbox provides the on-site intelligence that enables the Fortinet Security Fabric to address the fast moving and more targeted threats across a broad attack surface. Specifically, it delivers real-time intelligence through the automated detection and response to previously unknown malware. Broad Coverage of the Attack Surface with Security Fabric – applies advanced inspection across the top attack vectors of network, email, web infrastructure and even individual endpoints Automated Zero-day, Detection and Mitigation - Native integration and open APIs enable the exchange of objects from, and return of intelligence to, Fortinet and third-party vendor products for immediate threat response Certified and Top Rated - Constantly undergoes rigorous, real-world independent testing and consistently earns top marks such as ICSA ATD Certification and NSS Labs Recommendation for Breach Detection and Prevention.


    SCWX is a cybersecurity company that works to provide an early warning system for evolving cyber threats, enabling to prevent, detect, rapidly respond to and predict cyberattacks.


    Protecting your customers from the latest security threats isn’t an easy task - you need to monitor for threats, intrusions, and vulnerabilities across their infrastructure, take the appropriate action to remediate those threats quickly, and prepare the information needed to demonstrate their compliance to standards set by regulatory governing bodies. SolarWinds® Threat Monitor™ - Service Provider Edition is a fast, scalable, cloud-based platform built to enable security-minded Managed Service Providers (MSPs) with a unified tool to monitor managed networks for threats analyze logs against the latest and most up to date threat intelligence information from around the globe. For an MSP looking to grow your service offering portfolio, SolarWinds Threat Monitor – Service Provider Edition is the tool you need to detect, remediate, and report on security events for all your managed networks.


    ATI software provides enhancements for intrusion protection systems and intrusion detection systems.


    DeepSight Intelligence provides resources to make sharper decisions against emerging global threats.


    Sqrrl Enterprise enables the ingest and analysis of disparate datasets to facilitate proactive threat detection, in what's known as cyber threat hunting. Sqrrl's Big Data architecture leverages Hadoop, link analysis, machine learning, data-centric security, and advanced graph visualization technology.


    Advanced Threat Analysis is a security solution that combines sandboxing technology, dynamic code analysis, machine learning, and actionable threat reporting.


    CapStar Forensics is an analytic platform that complements Wireshark by enabling the syntax and vocabulary in a fully-programmable, stateful way, with a blazingly fast search engine that allows persistent searching.


    DomainTools' data and products work in harmony to enable security teams to start getting ahead of attacks, gain context and visibility into potential threats, and lower the skills barrier.


    Amazon GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads.GuardDuty also detects potentially compromised instances or reconnaissance by attackers.


    Check Point’s multilayered security technology provides protection against advanced and zero-day cyber threats, preventing attacks, minimizing risks and offering rapid response


    Check Point offers comprehensive intelligence to proactively stop threats, manage security services to monitor networks and incident response to quickly respond to and resolve attacks.


    Cofense Intelligence uses proprietary techniques to analyze millions of messages daily from a wide variety of sources.


    Digital Vaccine filters help your organization control the patch management life cycle by providing pre-emptive coverage between the discovery of a vulnerability and the availability of a patch as well as added protection for legacy, out-of-support software.


    Cloud-based ESET Threat Intelligence closes the gap between the cybersecurity information that security engineers get from their own networks and the cyberspace intelligence that ESET collects worldwide.


    Falcon Xâ„¢ automates the threat analysis process and delivers actionable intelligence and custom IOCs specifically tailored for the threats encountered on your endpoints.


    FireEye Threat Intelligence anticipates and respond to cyber attacks.


    Flowmon Networks provides a solution that helps companies to enhance performance of their networks and secure them against modern cyber threats.


    Going beyond malware protection, F-Secure provides end-point protection and security management solutions. Developed in Europe for businesses around the globe.


    Apply artificial intelligence to accelerate incident analysis and rapidly respond to threats.


    IBM Security X-Force Threat Intelligence is a security solution that adds dynamic Internet threat data to the analytical capabilities of IBM QRadar Security Intelligence Platform.


    Intrusion Prevention (IPS) Protect against known, unknown, and undisclosed vulnerabilities in network.


    Powered by XGen security, Trend Micro Network Defense goes beyond next-gen IPS to provide a blend of cross-generational techniques that apply the right technology at the right time to deliver integrated detection and prevention of known, unknown and undisclosed threats.


    OPSWAT is a cyber security software company that provides solutions to secure and manage IT infrastructure.


    ET Intelligence helps prevent attacks and reduce risk by helping you understand the historical context of where these threats originated, who is behind them, when have they attacked, what methods they used, and what they're after.


    Recorded Future delivers the only complete threat intelligence solution powered by patented machine learning to lower risk. We empower organizations to reveal unknown threats before they impact business, and enable teams to respond to alerts 10 times faster. To supercharge the efforts of security teams, our technology automatically collects and analyzes intelligence from technical, open, and dark web sources and aggregates customer-proprietary data. Recorded Future delivers more context than threat feeds, updates in real time so intelligence stays relevant, and centralizes information ready for human analysis, collaboration, and integration with security technologies. 91 percent of the Fortune 100 use Recorded Future.


    Ridgeback is an enterprise security software platform designed to defeat malicious network invasion in real time.


    Everyone uses the internet, both the good guys and bad guys. RiskIQ catalogs, maps, and enriches the structure of the internet to let you take charge of your digital presence and combat threats to your organization. Our four key products that make up our Digital Threat Management suite include RiskIQ Digital Footprint, External Threats, PassiveTotal, and Security Intelligence Services.


    SolarWinds Risk Intelligence makes it concrete by assigning value to your data vulnerability, helping you build a strong business case for data protection and triage the most important problems to tackle.


    InfoArmor VigilanteATI is a feature-rich, comprehensive solution delivering actionable, targeted threat intelligence with context that alerts you to the potential impact of attacks before they become a direct or peripheral risk to your organization. We search the dark web for chatter from bad actors, analyze threat data and offer a scalable solution that keeps your business assets safe from both current and emerging threats. VigilanteATI provides the necessary comprehensive advanced threat intelligence to effectively reveal the "who, what, why, when and how" to defend against past, present and future global cyber threats.


    Acalvio provide an Advanced Defense solutions using a combination of Distributed Deception and Data Science technologies that allows security practitioners in detecting, engaging and responding to malicious activity with high precision in a timely and cost-effective fashion.


    Gathering targeted and actionable intelligence, Argos pools both technological and human resources to generate real-time incidents of targeted attacks, data leakage and stolen credentials compromising your organization.


    Arbor has built a world-class team of security researchers that are dedicated to discovering and analyzing emerging Internet threats and developing targeted defenses.


    BlueVoyant Threat Intelligence monitors your company’s external attack surface, assesses emerging risks, and delivers near real-time, actionable intelligence that is specific to your organization.


    BluSapphire is a network security software that provides visibility into advanced persistent threats (APT) and malicious activity on a client's infrastructure.


    CAWS seeks out, captures, and analyzes live threats in the wild, in real time.


    The CenturyLink Adaptive Threat Intelligence service lifts the burden of appliance maintenance and risk analysis from your shoulders, allowing you to act on threats rather than digging for them.


    The Telesoft CERNE combines a high rate 40Gbps IDS engine with automated record of relevant network traffic for real-time and historical threat investigation. CERNE continuously scans and collects all network packets and only stores traffic associated with an IDS alert, discarding all other traffic, giving an analyst rapid access to critical packets up to 2.4 seconds before an event.