Best Threat Intelligence Software

Threat intelligence software provides organizations with information related to the newest forms of cyber threats like zero-day attacks, new forms of malware, and exploits. Companies utilize the tools to keep their security standards up to date and fit to combat new threats as they emerge. These tools can improve security performance by providing information on threats to their specific networks, infrastructure, and endpoint devices. These products provide information about hazards and how they function, their capabilities, and remediation techniques. IT administrators and security professionals use the data delivered to better protect their systems from emerging threats and plan for possible vulnerabilities. The tools alert users as new threats emerge and provide information detailing best practices for resolution.

Many products like security information and event management (SIEM) and vulnerability management software can integrate with or provide similar information as threat intelligence products. Those products, though, tend to provide live updates and actionable intelligence, and focus on other components of a security ecosystem.

To qualify for inclusion in the Threat Intelligence category, a product must:

  • Provide information on emerging threats and vulnerabilities
  • Detail remediation practices for common and emerging threats
  • Analyze global threats on different types of networks and devices
  • Cater threat information to specific IT solutions
G2 Grid® for Threat Intelligence
High Performers
Market Presence
Star Rating

Threat Intelligence reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

Compare Threat Intelligence Software

G2 takes pride in showing unbiased ratings on user satisfaction. G2 does not allow for paid placement in any of our ratings.
Results: 131
Filter Results
Filter by:
Sort by
Star Rating
Sort By:
Results: 131

    Perception Point provides proactive threat protection to SaaS businesses.

    Measure - Picus tells you security effectiveness right now including all emerging threats.; Categorize - Picus helps you prioritize your security resources to where you need it the most.; Monitor - continually asses your resilience to threats.; Alarm - Picus sends alarms for the situations where your security risk increases.

    Plurilock delivers preventative, instantaneous, and continuous solutions for insider threats and regulatory compliance.

    Proofpoint Premium Threat Information Service provides deeper understanding of the ongoing threat landscape and your organization's place in it, enabling you.

    The ProtectWise Grid is changing the way humans interact with security with one of the largest security data sets ever created and analyzed. It captures traffic - flows, metadata and packets - analyzes it in real time, retains it indefinitely, and visualizes it for immediate and effective detection and forensics.

    Red Hat Insights is a predictive analytics software that helps users to predict risks, get guidance and stay secure.

    ReversingLabs develops cyber threat detection and mitigation tools that address the the latest directed attacks, advanced persistent threats and polymorphic malware.

    Risk Ident offers anti-fraud solutions for companies within e-commerce and financial sectors.

    SD Elements is an award-winning platform that translates policies to prescriptive, measurable procedures that are used by IT and Engineering teams to achieve their security and compliance objectives. SD Elements generates and tracks granular controls with a flexible rule- based engine and integrates those controls into ALMs and enterprise workflows used by development teams, including those leveraging DevOps. SD Elements also delivers Just-In-Time training to developers, providing concise, contextual guidance on how to implement controls right when they need it.

    Secuirt Intelligence Platform is a security solution with powerful and integrated capabilities.

    The Seculert Attack Detection & Analytics Platform combines machine-learning based analytics and threat intelligence to automatically detect cyber attacks inside the network, revealing exactly which devices and users are compromised.

    SecurityScorecard helps enterprises gain operational command of their security posture and the security posture of their ecosystems through continuous, non-intrusive monitoring. The company’s approach to security focuses on identifying vulnerabilities from an outside-in perspective, the same way a hacker would. SecurityScorecard’s proprietary SaaS platform offers an unmatched breadth and depth of critical data points including a broad range of risk categories such as Web, Application Security, Patching Cadence, Network Security, Hacker Chatter, Social Engineering, and Leaked Credentials, DNS Health, Endpoint Security, IP Reputation and Cubit Score.

    The Senseon platform is a unique and innovative AI-led approach to cyber threat detection. Senseon offers security teams unparalleled visibility across their organisations, allowing for the detection of even the most subtle and complex of cyber attacks. By alerting accurately on genuine threats, Senseon dramatically reduces false positive alerts. Senseon’s ability to think like a human analyst allows it to not only automate many of the repetitive investigative tasks, but to go beyond the capabilities of traditional tools by detecting advanced threats that bypass their systems. In this way, Senseon helps organisations retain their invaluable people, who find real purpose in the work they do.

    ShieldSquare helps online businesses filter non-human (bot) traffic on websites and mobile applications through a non-intrusive API based approach. With ShieldSquare's real-time protection, online businesses can protect themselves against account takeover, ad fraud, web scraping, carding, skewed analytics, and other forms of bot abuse. ShieldSquare processes tens of billions of page requests every month. We protect 80,000+ internet properties of global online brands spread across 70+ countries. Our clientele includes leading businesses from several industry verticals, e.g., E-commerce, Media, Classifieds, Real Estate, Travel, Gaming, Auction, and Healthcare.

    As businesses evolve, so do fraudsters. That's why Simility provides adaptive fraud prevention that grows with you. Simility's flexible platform ingests data sources in the public, private cloud or onsite. Plus, you can easily add new sources (whether structured, unstructured, or data lakes) as you grow. Without having to write any code, your analysts can quickly identify evolving fraudulent tactics across silos and create appropriate rules, thanks to a powerful combination of human intelligence with Simility's self-optimizing machine-learning models. Simility helps you stop fraud in real-time while providing greater fraud intelligence with fewer false positives. Learn more at

    SNYPR is a security analytics platform that transforms big data into actionable security intelligence.

    The new Soltra Edge® v2.11 release that became available on October 3, brings all the powerful capabilities that have come to make Soltra Edge the most widely used Cyber Threat Communications Platform for two-way sharing of cybersecurity information.

    Spotlight Secure Threat Intelligence Platform links security intelligence to policy enforcement for rapid protection against advanced threats.

    strixus is a deep web monitoring engine for cyber and brand threats.

    SurfWatch Threat Analyst is an easy-to-use SaaS product that delivers strategic and operational threat intelligence to help organizations identify adversarial opportunities for attack and proactively mitigate cyber risks.

    TDAC (Telesoft Data Analytics Capability) is a cost effective, field-proven ultra-high-rate monitoring, analytics and forensics platform. TDAC ingests and analyses millions of events per second, including network flow data, IDS alerts and system logs, enhancing data with known threat intelligence (including IP reputation, threat classification, geo-location), partitioning and pre-anaysing data for rapid sub-second query by Incident Response and Forensics teams.

    The Respond Analyst is security decision automation software that performs just like an expert cyber security analyst but at machine speed -- making escalations decisions by analyzing streaming security data. The Respond Analyst processes millions of alerts, in real-time, and escalates detailed, vetted security situations for security teams to respond to and defend against.

    Infoblox Threat Insight detects and automatically blocks attempts to steal data via DNS that evade traditional security controls and signature based detection methods.

    ThreatModeler integrates with cloud service providers and automatically builds threat modeling programs using cloud configuration data

    ThreatQuotient is a threat intelligence platform designed to enable threat operations and management and arm your analysts with the intelligence, controls and automation required to protect your business, employees and customers.

    TruSTAR is a threat intelligence exchange platform built to protect and incentivize information sharing.

    Uplevel is the first intelligent cybersecurity system powered by graph-based machine learning. Our platform centralizes and contextualizes security data to provide the insights required for an efficient, powerful response.

    Veriato Log Manager is a software provides reporting and consolidation tools for Windows server event log, Syslog, or even text log files.

    Veriato Recon is a software to insider threat detection. It combines machine learning and advanced statistical analysis to uncover indicators of compromise traditional preventative security measures miss.

    Based on threat intelligence, big data mining analysis, machine learning, visualization and other technologies, the network situational awareness is visible, manageable and controllable, helping regulators, governments, enterprises and institutions to improve discovery identification, understanding and analysis. Respond to the ability to deal with potential threats, and help enterprises understand the running status of online business in real time, and realize the closed-loop business linkage between monitoring and early warning and emergency response.

    Wapack Labs is a cyber intelligence operation designed to monitor and report on threats to IT, key personnel and investments in dozens of venues, and make that data available in both human and machine readable formats.

    Latest Threat Intelligence Articles