Threat intelligence software provides organizations with information related to the newest forms of cyber threats like zero-day attacks, new forms of malware, and exploits. Companies utilize the tools to keep their security standards up to date and fit to combat new threats as they emerge. These tools can improve security performance by providing information on threats to their specific networks, infrastructure, and endpoint devices. These products provide information about hazards and how they function, their capabilities, and remediation techniques. IT administrators and security professionals use the data delivered to better protect their systems from emerging threats and plan for possible vulnerabilities. The tools alert users as new threats emerge and provide information detailing best practices for resolution.
Many products like security information and event management (SIEM) and vulnerability management software can integrate with or provide similar information as threat intelligence products. Those products, though, tend to provide live updates and actionable intelligence, and focus on other components of a security ecosystem.
To qualify for inclusion in the Threat Intelligence category, a product must:
Web-based threats continue to rise. Symantec saw over 568,000 web threats a day during 2013, an increase of 23 percent over the previous year. Against this ever-changing landscape, preventing threats from entering through web communications is critical. Symantec Web Security.cloud delivers always-on, advanced malware protection, enforces acceptable use policies, and protects against confidential data loss for businesses looking to protect web use for employees. Support for roaming users extends protection and control outside the corporate network.
Protecting your customers from the latest security threats isn’t an easy task - you need to monitor for threats, intrusions, and vulnerabilities across their infrastructure, take the appropriate action to remediate those threats quickly, and prepare the information needed to demonstrate their compliance to standards set by regulatory governing bodies. SolarWinds® Threat Monitor™ - Service Provider Edition is a fast, scalable, cloud-based platform built to enable security-minded Managed Service Providers (MSPs) with a unified tool to monitor managed networks for threats and analyze logs against the latest and most up-to-date threat intelligence information from around the globe. For an MSP looking to grow your service offering portfolio, SolarWinds Threat Monitor – Service Provider Edition is the tool you need to detect, remediate, and report on security events for all your managed networks.
Change Tracker Gen7R2 solves IT Security and the problems that plague all organizations – the overwhelming noise of change control and ensuring the integrity of IT systems. Completely redesigned with both security and IT operations in mind, Change Tracker Gen7 R2 is the only solution designed to reduce change noise and the complexity of integrity monitoring and policy management all while allowing for unprecedented scalability and management that meets the most demanding enterprise environments. Gen7R2 enables organizations to:
- Define the systems that need protection
- Ensure those systems are secured, compliant and fit for purpose at all times
- Provide intelligent change control to ensure systems remain in a ‘known secure and compliant state’
- Enable organizations to move projects securely from Development to Operations
Gen7 R2 integrates with leading Service desks and Change Management solutions to reconcile the changes that are actually occurring within your environment with those that were expected and part of an approved Request for Change. Security and IT Service Management (ITSM) have traditionally observed and managed change in two very different ways. By linking the changes approved and expected within the ITSM world with those that are actually happening from a security perspective, SecureOps is delivered and underpins effective, ongoing security and operational availability. With Gen7R2 you have the ability to reduce change noise by more than 90%, leaving only changes that are unknown, unwanted, unexpected or potentially malicious in nature for further investigation.
Performance issues, unavailability of critical applications, security breaches. These can cause financial loss, reputation damage, employee dissatisfaction and churn of customers. The Flowmon solution provides IT operations with a deep understanding of network and application behavior to avoid these situations. Based on performance, scalability and ease-of-use, Flowmon is trusted by companies globally, delivering them monitoring, diagnostics and analytics for optimizing performance of their infrastructure. Flowmon ADS module delivers fast anomaly detection, network behavior analysis and protection against advanced cyber threats. Flowmon APM allows you to drive user experience and application value. With Flowmon DDoS Defender you can protect applications against volumetric attacks. For full-scale IP traffic recording, IT professionals can rely on Flowmon Traffic Recorder.
Fortinet’s top-rated FortiSandbox provides the on-site intelligence that enables the Fortinet Security Fabric to address the fast moving and more targeted threats across a broad attack surface. Specifically, it delivers real-time intelligence through the automated detection and response to previously unknown malware.
- Broad Coverage of the Attack Surface with Security Fabric - applies advanced inspection across the top attack vectors of network, email, web infrastructure and even individual endpoints
- Automated Zero-day, Detection and Mitigation - Native integration and open APIs enable the exchange of objects from, and return of intelligence to, Fortinet and third-party vendor products for immediate threat response
- Certified and Top Rated - Constantly undergoes rigorous, real-world independent testing and consistently earns top marks such as ICSA ATD Certification and NSS Labs Recommendation for Breach Detection and Prevention.
Powered by XGen security, Trend Micro Network Defense goes beyond next-gen IPS to provide a blend of cross-generational techniques that apply the right technology at the right time to deliver integrated detection and prevention of known, unknown and undisclosed threats.
Everyone uses the internet, both the good guys and bad guys. RiskIQ catalogs, maps, and enriches the structure of the internet to let you take charge of your digital presence and combat threats to your organization. Our four key products that make up our Digital Threat Management suite include RiskIQ Digital Footprint, External Threats, PassiveTotal, and Security Intelligence Services.
Acalvio provides Advanced Defense solutions using a combination of Distributed Deception and Data Science technologies that allow security practitioners to detect, engage and respond to malicious activity with high precision in a timely and cost-effective fashion.
The Telesoft CERNE combines a high rate 40Gbps IDS engine with automated record of relevant network traffic for real-time and historical threat investigation. CERNE continuously scans and collects all network packets and only stores traffic associated with an IDS alert, discarding all other traffic, giving an analyst rapid access to critical packets up to 2.4 seconds before an event.
Check Point Infinity is the only fully consolidated cyber security architecture that provides unprecedented protection against Gen V mega-cyberattacks as well as future cyber threats across all networks, endpoint, cloud and mobile. The architecture is designed to resolve the complexities of growing connectivity and inefficient security.
Cloud Conformity is a cloud infrastructure governance system designed to help you prevent, detect, and correct critical threats to your AWS environments. The Real Time Monitoring product in the Cloud Conformity suite gives organizations visibility of infrastructure changes at the event and user level, combined with alert triggers for threat and remediation notifications for instant awareness and resolution. Leveraging both the CloudWatch and CloudTrail AWS services, the dashboard collects actionable analytics across regions, accounts, and resources. Further, an open source auto-remediation (aka self-healing) function is available for use with high-risk policies.
CounterCraft is a Cyber Deception Platform that fits seamlessly into existing security strategies and delivers high-end deception for threat hunting and threat detection using controlled, highly credible synthetic environments. CounterCraft accelerates threat detection earlier in the attack lifecycle, provides evidence of malicious activity and modus operandi, and already protects leading organizations.
CTX/Soltra Edge leverages the open industry standards of STIX (Structured Threat Information eXpression) and TAXII (Trusted Automated eXchange of Indicator Information) to collect threat intelligence from various sources and convert it into the industry-standard language, revealing information that helps firms make decisions on what actions they need to take to help users better protect their organizations against cyber threats.
Inspired by the brain's natural ability to learn, Deep Instinct is the first successful application of deep learning to cybersecurity. Deep Instinct's neural network's powerful deep learning algorithms instinctively identify and block zero-day and advanced persistent threats in real time on any device, platform and operating system.
Detect, learn and predict fraudulent activity using behavioral analysis and machine learning. DetectTA analyzes user behavior and sends alerts on any deviations from established regular behavioral patterns. This cutting-edge machine intelligence can be combined with user-defined analytics, rules, policies, and workflows for comprehensive coverage and flexibility.