Best Threat Intelligence Software

Threat intelligence software provides organizations with information related to the newest forms of cyber threats like zero-day attacks, new forms of malware, and exploits. Companies utilize the tools to keep their security standards up to date and fit to combat new threats as they emerge. These tools can improve security performance by providing information on threats to their specific networks, infrastructure, and endpoint devices. These products provide information about hazards and how they function, their capabilities, and remediation techniques. IT administrators and security professionals use the data delivered to better protect their systems from emerging threats and plan for possible vulnerabilities. The tools alert users as new threats emerge and provide information detailing best practices for resolution.

Many products like security information and event management (SIEM) and vulnerability management software can integrate with or provide similar information as threat intelligence products. Those products, though, tend to provide live updates and actionable intelligence, and focus on other components of a security ecosystem.

To qualify for inclusion in the Threat Intelligence category, a product must:

  • Provide information on emerging threats and vulnerabilities
  • Detail remediation practices for common and emerging threats
  • Analyze global threats on different types of networks and devices
  • Cater threat information to specific IT solutions
G2 Grid® for Threat Intelligence
Leaders
High Performers
Contenders
Niche
Market Presence
Satisfaction
Star Rating

Threat Intelligence reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

Compare Threat Intelligence Software

G2 takes pride in showing unbiased ratings on user satisfaction. G2 does not allow for paid placement in any of our ratings.
Results: 139
Filter Results
Filter by:
Sort by
Star Rating
Sort By:
Results: 139

    Going beyond malware protection, F-Secure provides end-point protection and security management solutions. Developed in Europe for businesses around the globe.

    Amazon GuardDuty is a managed threat detection service that continuously monitors for malicious or unauthorized behavior to help you protect your AWS accounts and workloads.GuardDuty also detects potentially compromised instances or reconnaissance by attackers.

    Cisco Talos is a threat intelligence organization dedicated to providing protection before, during, and after cybersecurity attacks.

    McAfee Threat Intelligence Exchange optimizes threat detection and response by closing the gap from malware encounter to containment from days, weeks, and months down to milliseconds.

    Lookout is a mobile app that fights cybercriminals by predicting and stopping mobile attacks before they do harm.

    FortiGate offers a network security platform, designed to deliver threat protection and performance with reduced complexity.

    CylancePROTECT redefines what antivirus can and should do for your organization by leveraging artificial intelligence to detect AND prevent malware from executing on your endpoints in real time.

    Web based threats continue to rise. Symantec saw over 568,000 web threats a day during 2013, an increase of 23 percent over the previous year. Against this ever changing landscape, preventing threats entering through web communications is critical. Symantec Web Security.cloud delivers always-on, advanced malware protection, enforces acceptable use policies, and protects against confidential data loss for businesses looking to protect web use for employees. Support for roaming users extends prote

    Alert Logic's SIEMless Threat Management offering seamlessly connects an award-winning security platform, threat intelligence & expert defenders to provide the right level of security & compliance coverage for the right resources across your environments. Choose your level of coverage for asset discovery, vulnerability scanning, cloud configuration checks, threat monitoring, intrusion detection, log collection & monitoring, WAF defense & more - with 24/7 support & SOC service

    Performance issues, unavailability of critical applications, security breaches. These can cause financial loss, reputation damage, employee dissatisfaction and churn of customers. The Flowmon solution provides IT operations with a deep understanding of network and application behavior to avoid these situations. Based on performance, scalability and ease-of-use, Flowmon is trusted by companies globally, delivering them monitoring, diagnostics and analytics for optimizing performance of their infr

    Vectra AI provides an automated threat management solution that monitors internal network traffic to detect in real time active cyber attacks inside networks.

    Optimized for quick response

    Protecting your customers from the latest security threats isn’t an easy task - you need to monitor for threats, intrusions, and vulnerabilities across their infrastructure, take the appropriate action to remediate those threats quickly, and prepare the information needed to demonstrate their compliance to standards set by regulatory governing bodies. SolarWinds® Threat Monitor™ - Service Provider Edition is a fast, scalable, cloud-based platform built to enable security-minded Managed Service P

    Fortinet’s top-rated FortiSandbox provides the on-site intelligence that enables the Fortinet Security Fabric to address the fast moving and more targeted threats across a broad attack surface. Specifically, it delivers real-time intelligence through the automated detection and response to previously unknown malware. Broad Coverage of the Attack Surface with Security Fabric – applies advanced inspection across the top attack vectors of network, email, web infrastructure and even individual endpo

    SIRP is a Security Orchestration, Automation and Response (SOAR) platform that helps organizations effectively manage their security operations with Incident Management, Threat Intelligence, Vulnerability Management and Risk Management modules. It combines security infrastructure orchestration, playbook automation and case management capabilities to integrate your team, processes and tools together. SIRP makes security data instantly actionable, provides valuable intelligence and context, and en

    Change Tracker Gen7R2 solves IT Security and the problems that plague all organizations – the overwhelming noise of change control and ensuring the integrity of IT systems. Completely redesigned with both security and IT operations in mind, Change Tracker Gen7 R2 is the only solution designed to reduce change noise and the complexity of integrity monitoring and policy management all while allowing for unprecedented scalability and management that meets the most demanding enterprise environments.

    WildFire cloud-based threat analysis service is the industrys most advanced analysis and prevention engine for highly evasive zero-day exploits and malware. The cloud-based service employs a unique multi-technique approach combining dynamic and static analysis, innovative machine learning techniques, and a groundbreaking bare metal analysis environment to detect and prevent even the most evasive threats.

    Terapackets analyzer was designed to compliment Wireshark in advanced packet analysis which requires more than just one line of filter expression. Most professionals can easily understand and extend Terapackets and search large pcap file in blazing speed.

    Check Point Infinity is the only fully consolidated cyber security architecture that provides unprecedented protection against Gen V mega-cyberattacks as well as future cyber threats across all networks, endpoint, cloud and mobile. The architecture is designed to resolve the complexities of growing connectiviity and inefficient security

    SCWX is a cybersecurity company that works to provide an early warning system for evolving cyber threats, enabling to prevent, detect, rapidly respond to and predict cyberattacks.

    Prevent, not just detect, advanced threats using scalable inline malware protection and real-time threat intelligence

    ATI software provides enhancements for intrusion protection systems and intrusion detection systems.

    DeepSight Intelligence provides resources to make sharper decisions against emerging global threats.

    TrustedID offers a suite of identity protection solutions.

    Advanced Threat Analysis is a security solution that combines sandboxing technology, dynamic code analysis, machine learning, and actionable threat reporting.

    Check Point’s multilayered security technology provides protection against advanced and zero-day cyber threats, preventing attacks, minimizing risks and offering rapid response

    DomainTools' data and products work in harmony to enable security teams to start getting ahead of attacks, gain context and visibility into potential threats, and lower the skills barrier.

    IBM Security X-Force Threat Intelligence is a security solution that adds dynamic Internet threat data to the analytical capabilities of IBM QRadar Security Intelligence Platform.

    AutoFocus contextual threat intelligence service accelerates analysis, correlation and prevention workflows. Unique, targeted attacks are automatically prioritized with full context, allowing security teams to respond to critical attacks faster, without additional IT security resources.

    Provides the registration details, also known as the Whois Record, of a domain name or an IP address.

    Apache Metron provides a scalable advanced security analytics framework built with the Hadoop Community evolving from the Cisco OpenSOC Project.

    Gathering targeted and actionable intelligence, Argos pools both technological and human resources to generate real-time incidents of targeted attacks, data leakage and stolen credentials compromising your organization.

    Check Point offers comprehensive intelligence to proactively stop threats, manage security services to monitor networks and incident response to quickly respond to and resolve attacks.

    Threat Grid combines advanced sandboxing with threat intelligence into one unified solution to protect organizations from malware. With a robust, context-rich malware knowledge base, you will understand what malware is doing, or attempting to do, how large a threat it poses, and how to defend against it.

    Cofense Intelligence uses proprietary techniques to analyze millions of messages daily from a wide variety of sources.

    Digital Vaccine filters help your organization control the patch management life cycle by providing pre-emptive coverage between the discovery of a vulnerability and the availability of a patch as well as added protection for legacy, out-of-support software.

    Cloud-based ESET Threat Intelligence closes the gap between the cybersecurity information that security engineers get from their own networks and the cyberspace intelligence that ESET collects worldwide.

    Falcon X™ automates the threat analysis process and delivers actionable intelligence and custom IOCs specifically tailored for the threats encountered on your endpoints.

    FireEye Helix is a intelligence-led platform designed to simplify, integrate and automate security operations.

    FireEye Threat Intelligence anticipates and respond to cyber attacks.

    Apply artificial intelligence to accelerate incident analysis and rapidly respond to threats.

    Netwrix Corporation is a software company focused exclusively on providing IT security and operations teams with pervasive visibility into user behavior, system configurations and data sensitivity across hybrid IT infrastructures to protect data regardless of its location.

    OPSWAT is a cyber security software company that provides solutions to secure and manage IT infrastructure.

    ET Intelligence helps prevent attacks and reduce risk by helping you understand the historical context of where these threats originated, who is behind them, when have they attacked, what methods they used, and what they're after.

    Pulsedive is a brand-new analyst-centric threat intelligence platform that can provide users with comprehensive community threat intelligence to help identify known threats. Pulsedive is currently consuming over 40 OSINT feeds, equating to over one million IPs, domains, and URLs that are searchable for free at https://pulsedive.com. A dedicated solution is available for enterprise customers who want to consume vendor threat intelligence and manage their internal and private data without sharing

    Recorded Future delivers the only complete threat intelligence solution powered by patented machine learning to lower risk. We empower organizations to reveal unknown threats before they impact business, and enable teams to respond to alerts 10 times faster. To supercharge the efforts of security teams, our technology automatically collects and analyzes intelligence from technical, open, and dark web sources and aggregates customer-proprietary data. Recorded Future delivers more context than thr

    Ridgeback is a unique & innovative enterprise security software platform and the First Intruder Expulsion System. Cyber adversaries need lateral movement to steal data. Ridgeback extinguishes any malicious lateral movement in real-time and autonomously (no person in the loop) to protect networks from all the most damaging types of attacks. Ridgeback generates no false-positive incident alerts. It is easy to deploy and highly cost-effective, especially in labor. Current cyber defense tec

    Everyone uses the internet, both the good guys and bad guys. RiskIQ catalogs, maps, and enriches the structure of the internet to let you take charge of your digital presence and combat threats to your organization. Our four key products that make up our Digital Threat Management suite include RiskIQ Digital Footprint, External Threats, PassiveTotal, and Security Intelligence Services.

    SolarWinds Risk Intelligence makes it concrete by assigning value to your data vulnerability, helping you build a strong business case for data protection and triage the most important problems to tackle.

    The Respond Analyst is security decision automation software that performs just like an expert cyber security analyst but at machine speed -- making escalations decisions by analyzing streaming security data. The Respond Analyst processes millions of alerts, in real-time, and escalates detailed, vetted security situations for security teams to respond to and defend against.

    ThreatConnect is a in-platform analytics and automation solution.

    Latest Threat Intelligence Articles