# Best Threat Intelligence Software *By [Brandon Summers-Miller](https://research.g2.com/insights/author/brandon-summers-miller)* Threat intelligence software provides organizations with information related to the newest forms of cyber threats like zero-day attacks, new forms of malware, and exploits. Companies use these tools to keep their security standards up to date and fit to address new threats as they emerge. These tools can improve security performance by providing information on threats to their specific networks, infrastructure, and endpoint devices. Threat intelligence software provides information about hazards and how they function, their capabilities, and remediation techniques. IT administrators and security professionals use the delivered data to better protect their systems from emerging threats and plan for possible vulnerabilities. The tools alert users as new threats emerge and provide information detailing best practices for resolution. Many products, like [security information and event management (SIEM) software](https://www.g2.com/categories/security-information-and-event-management-siem) and [vulnerability management software](https://www.g2.com/categories/vulnerability-management), can integrate with or provide similar information as threat intelligence products. Additionally, these products continue to integrate with artificial intelligence (AI) to better tailor this complex suite of data for specific organizations’ needs. These newer capabilities can include being able to generate threat reports based on newly aggregated threat intelligence data. This data directly pertains to the organization where the software is deployed. The newer capabilities also help in creating threat detection rules based on observed patterns in malicious actors’ behaviors. To qualify for inclusion in the Threat Intelligence category, a product must: - Provide information on emerging threats and vulnerabilities - Detail remediation practices for common and emerging threats - Analyze global threats on different types of networks and devices - Cater threat information to specific IT solutions ## Category Overview **Total Products under this Category:** 184 ## Trust & Credibility Stats **Why You Can Trust G2's Software Rankings:** - 30 Analysts and Data Experts - 4,500+ Authentic Reviews - 184+ Products - Unbiased Rankings G2's software rankings are built on verified user reviews, rigorous moderation, and a consistent research methodology maintained by a team of analysts and data experts. Each product is measured using the same transparent criteria, with no paid placement or vendor influence. While reviews reflect real user experiences, which can be subjective, they offer valuable insight into how software performs in the hands of professionals. Together, these inputs power the G2 Score, a standardized way to compare tools within every category. ## Best Threat Intelligence Software At A Glance - **Leader:** [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) - **Highest Performer:** [CTM360](https://www.g2.com/products/ctm360-ctm360/reviews) - **Easiest to Use:** [CloudSEK](https://www.g2.com/products/cloudsek/reviews) - **Top Trending:** [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) - **Best Free Software:** [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) --- **Sponsored** ### Intruder Intruder is an exposure management platform for scaling to mid-market businesses. Over 3000 companies - across all industries - use Intruder to find critical exposures, respond faster and prevent breaches. Unifying Attack Surface Management, Vulnerability Management and Cloud security into one powerful, easy to use platform, Intruder simplifies the complex task of securing an ever-expanding attack surface. Recognizing no two business are alike, Intruder provides real-time, accurate scanning combined with intelligent risk prioritization, ensuring businesses focus on the exposures that are most relevant to them. And our proactive approach limits the window of risk, continuously monitoring for new threats while eliminating the noise that slows teams down. Whether you're an IT Manager, in DevOps or a CISO, Intruder's easy setup and context-driven approach will free you up to focus on exposures that cause real breaches, not just technical vulnerabilities. Keeping you one step ahead of attackers. [Visit website](https://www.g2.com/external_clickthroughs/record?secure%5Bad_program%5D=ppc&secure%5Bad_slot%5D=category_product_list&secure%5Bcategory_id%5D=1080&secure%5Bdisplayable_resource_id%5D=1423&secure%5Bdisplayable_resource_type%5D=Category&secure%5Bmedium%5D=sponsored&secure%5Bplacement_reason%5D=neighbor_category&secure%5Bplacement_resource_ids%5D%5B%5D=2832&secure%5Bprioritized%5D=false&secure%5Bproduct_id%5D=27706&secure%5Bresource_id%5D=1080&secure%5Bresource_type%5D=Category&secure%5Bsource_type%5D=category_page&secure%5Bsource_url%5D=https%3A%2F%2Fwww.g2.com%2Fcategories%2Fthreat-intelligence%3Fpage%3D2&secure%5Btoken%5D=a9e10c232bcf4b7f985a44d1d101660b59c1d842ea996881dcd8f73bd26acd56&secure%5Burl%5D=https%3A%2F%2Fwww.intruder.io%2F%3Futm_source%3Dg2%26utm_medium%3Dp_referral%26utm_campaign%3Dglobal%7Cfixed%7Cg2_clicks_2025&secure%5Burl_type%5D=free_trial) --- ## Top-Rated Products (Ranked by G2 Score) ### 1. [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) Organizations today face a serious challenge: managing numerous security vendors and tools while confronting an ever-evolving threat landscape. Sophisticated adversaries are becoming smarter, faster, and more evasive, launching complex attacks that can strike in minutes or even seconds. Traditional security approaches struggle to keep pace, leaving businesses vulnerable. The CrowdStrike Falcon Platform addresses this by offering a unified, cloud-native solution. It consolidates previously siloed security solutions and incorporates third-party data into a single platform with one efficient and resource-conscious agent, leveraging advanced AI and real-time threat intelligence. This approach simplifies security operations, speeds analyst decision making, and enhances protection to stop the breach, allowing organizations to reduce risk with less complexity and lower costs. CrowdStrike's Falcon Platform includes: - Endpoint Security: Secure the endpoint, stop the breach - Identify Protection: Identity is the front line, defend it - Next-Gen SIEM: The future of SIEM, today - Data Protection: Real-time data protection from endpoint to cloud - Exposure Management: Understand risk to stop breaches - Charlotte AI: Powering the next evolution of the SOC **Average Rating:** 4.7/5.0 **Total Reviews:** 368 **User Satisfaction Scores:** - **Security Validation:** 9.4/10 (Category avg: 9.0/10) - **Intelligence Reports:** 9.3/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 9.4/10 (Category avg: 8.6/10) - **Ease of Use:** 9.0/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [CrowdStrike](https://www.g2.com/sellers/crowdstrike) - **Company Website:** https://www.crowdstrike.com - **Year Founded:** 2011 - **HQ Location:** Sunnyvale, CA - **Twitter:** @CrowdStrike (110,215 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/2497653/ (11,258 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Security Analyst, Cyber Security Analyst - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 46% Enterprise, 42% Mid-Market #### Pros & Cons **Pros:** - Features (113 reviews) - Threat Detection (103 reviews) - Ease of Use (98 reviews) - Security (97 reviews) - Detection (86 reviews) **Cons:** - Expensive (54 reviews) - Complexity (39 reviews) - Learning Curve (35 reviews) - Limited Features (31 reviews) - Pricing Issues (29 reviews) ### 2. [Recorded Future](https://www.g2.com/products/recorded-future/reviews) Recorded Future is the world’s largest threat intelligence company. Recorded Future’s Intelligence Cloud provides end-to-end intelligence across adversaries, infrastructure, and targets. Indexing the internet across the open web, dark web, and technical sources, Recorded Future provides real-time visibility into an expanding attack surface and threat landscape, empowering clients to act with speed and confidence to reduce risk and securely drive business forward. Headquartered in Boston with offices and employees around the world, Recorded Future works with over 1,900 businesses and government organizations across 80 countries to provide real-time, unbiased and actionable intelligence. Learn more at recordedfuture.com. **Average Rating:** 4.6/5.0 **Total Reviews:** 218 **User Satisfaction Scores:** - **Security Validation:** 8.2/10 (Category avg: 9.0/10) - **Intelligence Reports:** 8.8/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 7.8/10 (Category avg: 8.6/10) - **Ease of Use:** 8.4/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Recorded Future](https://www.g2.com/sellers/recorded-future) - **Company Website:** https://www.recordedfuture.com - **Year Founded:** 2009 - **HQ Location:** Somerville, US - **Twitter:** @RecordedFuture (108,201 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/678036/ (1,149 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Threat Intelligence Analyst, Cyber Threat Intelligence Analyst - **Top Industries:** Financial Services, Information Technology and Services - **Company Size:** 68% Enterprise, 19% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (100 reviews) - Features (96 reviews) - Threat Intelligence (68 reviews) - Threat Detection (65 reviews) - Insights (64 reviews) **Cons:** - Complexity (38 reviews) - Expensive (36 reviews) - Learning Curve (30 reviews) - Insufficient Information (26 reviews) - Difficult Learning (25 reviews) ### 3. [CloudSEK](https://www.g2.com/products/cloudsek/reviews) CloudSEK is a contextual AI company that predicts Cyber Threats. We combine the power of Cyber Crime monitoring, Brand Monitoring, Attack Surface monitoring, and Supply Chain intelligence to give context to our customers’ digital risks. **Average Rating:** 4.8/5.0 **Total Reviews:** 132 **User Satisfaction Scores:** - **Security Validation:** 9.4/10 (Category avg: 9.0/10) - **Intelligence Reports:** 9.4/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 9.4/10 (Category avg: 8.6/10) - **Ease of Use:** 9.6/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [CloudSEK](https://www.g2.com/sellers/cloudsek) - **Year Founded:** 2015 - **HQ Location:** Singapore, SG - **Twitter:** @cloudsek (2,417 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/cloudsek/ (231 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Security Analyst - **Top Industries:** Financial Services, Banking - **Company Size:** 52% Enterprise, 31% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (53 reviews) - Monitoring (47 reviews) - Customer Support (44 reviews) - Features (42 reviews) - Threat Intelligence (34 reviews) **Cons:** - False Positives (36 reviews) - Inefficient Alerts (22 reviews) - Dashboard Issues (16 reviews) - Inefficient Alert System (15 reviews) - Complex UI (8 reviews) ### 4. [Cyble](https://www.g2.com/products/cyble/reviews) Cyble is an AI-native cybersecurity solution designed to help organizations enhance their digital security posture through real-time intelligence, detection, and response capabilities. By leveraging advanced agentic AI and processing vast amounts of data, Cyble empowers businesses to navigate the complexities of the cyber threat landscape effectively. Its unique approach involves collecting and enriching signals from various sources, including the dark web, deep web, and surface web, providing unparalleled visibility into emerging threats and adversarial activities. Targeting a wide range of industries, Cyble's platform is particularly beneficial for security teams, risk management professionals, and organizations that prioritize safeguarding their digital assets. The comprehensive suite of solutions offered by Cyble includes Threat Intelligence, Dark Web & Deep Web Monitoring, Attack Surface Management (ASM), and Brand Intelligence, among others. These tools are designed to address specific use cases such as identifying vulnerabilities, monitoring brand reputation, and managing third-party risks, making it an essential resource for organizations aiming to bolster their cybersecurity measures. Cyble's key features are centered around its unified platform, which integrates multiple cybersecurity functions into a single interface. This integration allows for seamless communication between different security components, enabling teams to anticipate, identify, and neutralize threats with remarkable speed and precision. For instance, the Digital Forensics & Incident Response (DFIR) capabilities equip organizations with the tools needed to investigate and respond to incidents effectively, while the DDoS Protection and Cloud Security Posture Management (CSPM) features ensure that businesses can maintain operational integrity even under attack. Moreover, Cyble stands out in its category by combining vast data intelligence with cutting-edge AI automation. This proactive defense strategy not only helps organizations react to cyber threats but also empowers them to stay ahead of potential risks. By enhancing visibility into the threat landscape and providing actionable insights, Cyble enables enterprises to protect their assets, safeguard brand trust, and operate with confidence in an increasingly complex digital environment. The result is a robust cybersecurity framework that supports organizations in navigating the ever-evolving challenges of the cyber world. **Average Rating:** 4.8/5.0 **Total Reviews:** 143 **User Satisfaction Scores:** - **Security Validation:** 9.3/10 (Category avg: 9.0/10) - **Intelligence Reports:** 9.6/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 9.3/10 (Category avg: 8.6/10) - **Ease of Use:** 9.5/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Cyble](https://www.g2.com/sellers/cyble) - **Company Website:** https://cyble.com - **Year Founded:** 2019 - **HQ Location:** Alpharetta, US - **Twitter:** @cybleglobal (16,408 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/cyble-global/ (246 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 37% Enterprise, 17% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (74 reviews) - Threat Intelligence (71 reviews) - Features (57 reviews) - Insights (49 reviews) - Threat Detection (49 reviews) **Cons:** - Inefficient Alerts (28 reviews) - False Positives (20 reviews) - Limited Customization (20 reviews) - Poor Customer Support (20 reviews) - Poor Support Management (19 reviews) ### 5. [SOCRadar Extended Threat Intelligence](https://www.g2.com/products/socradar-extended-threat-intelligence/reviews) Since 2019, SOCRadar has been a pioneer in SaaS cybersecurity, now serving over 900 customers across 75 countries. Our mission is to provide accessible, proactive threat intelligence. Today, SOCRadar empowers security teams with our groundbreaking Extended Threat Intelligence (XTI) platform and is leading the charge toward the future with Agentic Threat Intelligence (ATI). What does SOCRadar do? At its core, SOCRadar provides a unified, cloud-hosted platform designed to enrich your cyber threat intelligence by contextualizing it with data from your attack surface, digital footprint, dark web exposure, and supply chain. We help security teams see what attackers see by combining External Attack Surface Management, Cyber Threat Intelligence, and Digital Risk Protection into a single, easy-to-use solution. This enables your organization to discover hidden vulnerabilities, detect data leaks, and shut down threats like phishing and brand impersonation before they can harm your business. By combining these critical security functions, SOCRadar replaces the need for separate, disconnected tools. Our holistic approach offers a streamlined, modular experience, providing a complete, real-time view of your threat landscape to help you stay ahead of attackers. Our vision for Agentic Threat Intelligence (ATI) goes beyond today's chatbots and LLMs. We are focused on making it practical for security teams to use AI agents to solve real-world problems. Our initiative will empower you to either deploy pre-built agents or easily create your own, leveraging deep integrations to automate complex tasks that were previously difficult to perform accurately. SOCRadar is dedicated to pioneering this change, making autonomous security an accessible reality for your team. **Average Rating:** 4.7/5.0 **Total Reviews:** 100 **User Satisfaction Scores:** - **Security Validation:** 8.9/10 (Category avg: 9.0/10) - **Intelligence Reports:** 9.2/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 8.5/10 (Category avg: 8.6/10) - **Ease of Use:** 9.1/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [SOCRadar ](https://www.g2.com/sellers/socradar) - **Company Website:** https://socradar.io - **Year Founded:** 2018 - **HQ Location:** Delaware - **Twitter:** @socradar (5,688 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/socradar (195 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Financial Services, Computer & Network Security - **Company Size:** 42% Mid-Market, 41% Enterprise #### Pros & Cons **Pros:** - Ease of Use (27 reviews) - Threat Intelligence (25 reviews) - Alerts (20 reviews) - Insights (19 reviews) - Monitoring (19 reviews) **Cons:** - Inefficient Alerts (10 reviews) - Inefficient Alert System (10 reviews) - False Positives (8 reviews) - Insufficient Information (7 reviews) - Limited Features (7 reviews) ### 6. [GreyNoise](https://www.g2.com/products/greynoise/reviews) GreyNoise provides security teams with real-time, verifiable perimeter threat intelligence. We observe and analyze both global and targeted internet scanning and exploitation traffic, and make this intelligence available to customers in real-time. This allows security teams to improve the efficiency of their SOC, perform threat hunting campaigns, and focus on critical threats to their network. **Average Rating:** 4.8/5.0 **Total Reviews:** 141 **User Satisfaction Scores:** - **Security Validation:** 9.1/10 (Category avg: 9.0/10) - **Intelligence Reports:** 8.7/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 9.1/10 (Category avg: 8.6/10) - **Ease of Use:** 9.6/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [GreyNoise](https://www.g2.com/sellers/greynoise) - **Company Website:** https://www.greynoise.io/ - **Year Founded:** 2017 - **HQ Location:** Washington, D.C. - **Twitter:** @GreyNoiseIO (29,263 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/greynoise (60 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Network Engineer, Cloud Security Engineer - **Top Industries:** Information Technology and Services, Financial Services - **Company Size:** 75% Mid-Market, 31% Small-Business #### Pros & Cons **Pros:** - Ease of Use (63 reviews) - Automation (54 reviews) - Detailed Analysis (44 reviews) - Threat Detection (43 reviews) - Alerts (40 reviews) **Cons:** - Slow Loading (15 reviews) - Dashboard Issues (8 reviews) - Integration Issues (8 reviews) - Navigation Issues (8 reviews) - Inefficient Alert System (7 reviews) ### 7. [ZeroFox](https://www.g2.com/products/zerofox/reviews) ZeroFox is the solution used to illuminate threat actor intent, mitigate threats and exposures, remove threats from the internet, and preemptively safeguard your reputation. ZeroFox uniquely fuses the core capabilities of Cyber Threat Intelligence, Brand and Domain Protection, Attack Surface Intelligence, Executive Protection and Physical Security Intelligence in one platform packed with intelligence you’ll actually use. ZeroFox defends your business from the everyday attacks that impact revenue, erode trust, and frustrate teams by: Discovering exposed assets, brands, domains, accounts, and emerging threats Validating the risks that matter most to you and your digital estate Disrupting attacks before they harm your business, your customers, and your people Our continuous cycle—Discover, Validate, Disrupt—delivers outcomes and helps organizations achieve deeper threat contextualization, faster detection and response times, and longer-term cost savings by anticipating, understanding, and mitigating external digital threats at scale. Join thousands of customers, including some of the largest public sector organizations and leaders in finance, media, technology, retail, and healthcare, and let ZeroFox deliver timely, personal, and usable intelligence so you can stay ahead of what’s next and reclaim what’s right. **Average Rating:** 4.4/5.0 **Total Reviews:** 129 **User Satisfaction Scores:** - **Security Validation:** 8.5/10 (Category avg: 9.0/10) - **Intelligence Reports:** 8.3/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 7.5/10 (Category avg: 8.6/10) - **Ease of Use:** 8.7/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [ZeroFox](https://www.g2.com/sellers/zerofox) - **Company Website:** https://www.zerofox.com - **Year Founded:** 2013 - **HQ Location:** Baltimore, MD - **Twitter:** @ZeroFOX (5,206 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/2890672 (885 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Financial Services, Banking - **Company Size:** 45% Enterprise, 28% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (35 reviews) - Protection (32 reviews) - Threat Detection (28 reviews) - Alert Notifications (23 reviews) - Alerts (22 reviews) **Cons:** - Inefficient Alerts (24 reviews) - False Alarms (16 reviews) - Slow Performance (14 reviews) - False Positives (12 reviews) - Inefficient Alert System (11 reviews) ### 8. [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) Cloudflare is the connectivity cloud for the "everywhere world," on a mission to help build a better Internet. We provide a unified platform of networking, security, and developer services delivered from a single, intelligent global network that spans hundreds of cities in over 125 countries. This empowers organizations of all sizes, from small businesses to the world's largest enterprises, to make their employees, applications, and networks faster and more secure everywhere, while significantly reducing complexity and cost. Our comprehensive platform includes: - Advanced Security: Protect your online presence with industry-leading DDoS protection, a robust Web Application Firewall (WAF), Bot mitigation, and API security. Implement Zero Trust security to secure remote access, data, and applications for your entire workforce. - Superior Performance: Accelerate website and application loading times globally with our Content Delivery Network (CDN), intelligent DNS, and smart routing capabilities. Optimize images and deliver dynamic content with unparalleled speed. - Powerful Developer Tools: Empower your developers to build and deploy full-stack applications at the edge using Cloudflare Workers (serverless functions), R2 Storage (object storage without egress fees), and D1 (serverless SQL database). Cloudflare helps connect and protect millions of customers globally, offering the control, visibility, and reliability businesses need to work, develop, and accelerate their operations in today's hyperconnected landscape. Our global network continuously learns and adapts, ensuring your digital assets are always protected and performing at their best. **Average Rating:** 4.5/5.0 **Total Reviews:** 576 **User Satisfaction Scores:** - **Security Validation:** 10.0/10 (Category avg: 9.0/10) - **Intelligence Reports:** 9.7/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 8.8/10 (Category avg: 8.6/10) - **Ease of Use:** 9.0/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Cloudflare, Inc.](https://www.g2.com/sellers/cloudflare-inc) - **Company Website:** https://www.cloudflare.com - **Year Founded:** 2009 - **HQ Location:** San Francisco, California - **Twitter:** @Cloudflare (276,983 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/407222/ (6,898 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Web Developer, Software Engineer - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 62% Small-Business, 26% Mid-Market #### Pros & Cons **Pros:** - Security (54 reviews) - Ease of Use (50 reviews) - Features (45 reviews) - Performance (36 reviews) - Reliability (36 reviews) **Cons:** - Complex User Interface (24 reviews) - Expensive (24 reviews) - Complex Setup (19 reviews) - Complexity (18 reviews) - Learning Curve (15 reviews) ### 9. [Falcon Security and IT operations](https://www.g2.com/products/falcon-security-and-it-operations/reviews) CrowdStrike Falcon for IT is a comprehensive IT operations and security solution that combines powerful endpoint management capabilities with enterprise-grade security protection. By unifying IT operations and security functions on a single platform, Falcon for IT enables organizations to streamline device management, automate software deployment, ensure compliance, and maintain robust security across their entire endpoint ecosystem. The solution leverages CrowdStrike's cloud-native architecture to provide real-time visibility, control, and protection for all managed devices, whether on-premises or remote. Designed for modern IT teams, Falcon for IT simplifies daily operations through automated patch management, application inventory, USB device control, and system performance monitoring. The platform's intuitive interface and automated workflows help IT professionals efficiently manage their endpoint environment while maintaining security best practices and reducing operational overhead. Whether managing software updates, deploying applications, or responding to IT incidents, Falcon for IT serves as a unified solution that empowers IT teams to maintain operational excellence while ensuring enterprise-grade security protection across their organization. **Average Rating:** 4.6/5.0 **Total Reviews:** 21 **User Satisfaction Scores:** - **Security Validation:** 8.7/10 (Category avg: 9.0/10) - **Intelligence Reports:** 9.4/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 9.2/10 (Category avg: 8.6/10) - **Ease of Use:** 9.2/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [CrowdStrike](https://www.g2.com/sellers/crowdstrike) - **Year Founded:** 2011 - **HQ Location:** Sunnyvale, CA - **Twitter:** @CrowdStrike (110,215 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/2497653/ (11,258 employees on LinkedIn®) - **Ownership:** NASDAQ: CRWD **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer & Network Security - **Company Size:** 48% Mid-Market, 43% Enterprise #### Pros & Cons **Pros:** - Ease of Use (11 reviews) - Easy Integrations (9 reviews) - Easy Setup (6 reviews) - Security (6 reviews) - Security Protection (6 reviews) **Cons:** - Expensive (5 reviews) - False Positives (2 reviews) - Poor Documentation (2 reviews) - Slow Loading (2 reviews) - Slow Performance (2 reviews) ### 10. [CTM360](https://www.g2.com/products/ctm360-ctm360/reviews) CTM360 is a consolidated external security platform that integrates External Attack Surface Management, Digital Risk Protection, Cyber Threat Intelligence, Brand Protection & Anti-phishing, Surface, Deep, & Dark Web Monitoring, Security Ratings, Third-party risk Management, and fully managed unlimited Takedowns. As a pioneer and innovator in preemptive security, CTM360 operates as an external CTEM technology platform outside an organization’s perimeter. Seamless and turn-key, CTM360 requires no configurations, installations or inputs from the end-user, with all data pre-populated and specific to your organization. All aspects are managed by CTM360. **Average Rating:** 4.7/5.0 **Total Reviews:** 111 **User Satisfaction Scores:** - **Security Validation:** 8.6/10 (Category avg: 9.0/10) - **Intelligence Reports:** 8.8/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 7.9/10 (Category avg: 8.6/10) - **Ease of Use:** 9.2/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [CTM360](https://www.g2.com/sellers/ctm360) - **Company Website:** https://www.ctm360.com/ - **Year Founded:** 2014 - **HQ Location:** Manama, BH - **Twitter:** @teamCTM360 (997 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/ctm360/ (125 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Banking, Financial Services - **Company Size:** 42% Mid-Market, 31% Enterprise #### Pros & Cons **Pros:** - Customer Support (48 reviews) - Ease of Use (45 reviews) - Features (31 reviews) - Monitoring (28 reviews) - Detection Efficiency (24 reviews) **Cons:** - Limited Features (9 reviews) - Integration Issues (8 reviews) - Lack of Features (5 reviews) - Lack of Integration (5 reviews) - Lack of Integrations (5 reviews) ### 11. [Check Point Exposure Management](https://www.g2.com/products/check-point-exposure-management/reviews) Exposure Management isn’t just a buzzword, it’s the future of cybersecurity. Attackers move fast, exploiting misconfigurations, leaked credentials, and control gaps before patch cycles even start. Traditional tools give you dashboards and alerts, but visibility without action is just noise. Check Point’s latest innovation changes the game. By combining billions of internal telemetry points from Check Point’s global footprint with billions of external signals from the open, deep, and dark web via Cyberint, we deliver a Unified Intelligence Fabric that provides complete clarity across your attack surface. The industry is moving from fragmented feeds to real context on what’s an actual priority. Further prioritization is enabled through active validation of the threats, confirmation of compensating controls and deduplication of alerts between tools. Then, with Veriti’s safe-by-design remediation, we’re not just assigning tickets to the ether. Fixes are actually implemented. Every fix is validated before enforcement, meaning exposures are remediated without downtime, and risk reduction becomes measurable. Gartner predicts organizations adopting CTEM with mobilization will see 50% fewer successful attacks by 2028, and we’re leading that charge with action, not just tickets. Ready to see how exposure management done right looks? Get a 15-minute demo and experience preemptive security in action \> https://l.cyberint.com/em-demo **Average Rating:** 4.6/5.0 **Total Reviews:** 168 **User Satisfaction Scores:** - **Security Validation:** 8.8/10 (Category avg: 9.0/10) - **Intelligence Reports:** 9.0/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 8.4/10 (Category avg: 8.6/10) - **Ease of Use:** 9.1/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Check Point Software Technologies](https://www.g2.com/sellers/check-point-software-technologies) - **Company Website:** https://www.checkpoint.com/ - **Year Founded:** 1993 - **HQ Location:** Redwood City, CA - **Twitter:** @CheckPointSW (70,978 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/check-point-software-technologies/ (8,356 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Security Threat Analyst, Cyber Security Analyst - **Top Industries:** Banking, Financial Services - **Company Size:** 69% Enterprise, 20% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (64 reviews) - Threat Intelligence (63 reviews) - Threat Detection (52 reviews) - Insights (41 reviews) - Customer Support (39 reviews) **Cons:** - Inefficient Alerts (21 reviews) - False Positives (15 reviews) - Inefficient Alert System (15 reviews) - Integration Issues (11 reviews) - Limited Features (11 reviews) ### 12. [Cisco Talos](https://www.g2.com/products/cisco-talos/reviews) Cisco Talos is a threat intelligence organization dedicated to providing protection before, during, and after cybersecurity attacks. **Average Rating:** 4.4/5.0 **Total Reviews:** 37 **User Satisfaction Scores:** - **Security Validation:** 9.2/10 (Category avg: 9.0/10) - **Intelligence Reports:** 9.0/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 8.9/10 (Category avg: 8.6/10) - **Ease of Use:** 8.9/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Cisco](https://www.g2.com/sellers/cisco) - **Year Founded:** 1984 - **HQ Location:** San Jose, CA - **Twitter:** @Cisco (721,388 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/cisco/ (95,742 employees on LinkedIn®) - **Ownership:** NASDAQ:CSCO **Reviewer Demographics:** - **Top Industries:** Computer Software, Information Technology and Services - **Company Size:** 43% Mid-Market, 31% Enterprise #### Pros & Cons **Pros:** - Threat Detection (2 reviews) - Accuracy of Information (1 reviews) - Automation (1 reviews) - Detailed Analysis (1 reviews) - Reliability (1 reviews) **Cons:** - Complexity (1 reviews) - Integration Issues (1 reviews) - Lack of Customization (1 reviews) - Poor Reporting (1 reviews) - Time-Consuming (1 reviews) ### 13. [Group-IB Threat Intelligence](https://www.g2.com/products/group-ib-threat-intelligence/reviews) The first line of defense shouldn’t be your infrastructure; optimize your security and defeat attacks before they begin with knowledge of who, how, and when you will be attacked. Group-IB’s Threat Intelligence provides unparalleled insight into your adversaries and maximizes the performance of every component of your security ecosystem. Equip your team with it to strengthen your security with the strategic, operational and tactical intelligence. Understand threat trends and anticipate specific attacks with thorough knowledge of your threat landscape. Group-IB provides precise, tailored and reliable information for data-driven strategic decisions. - Revolutionize risk management with tailored on-demand, and regular monthly and quarterly threat reports written by analysts specifically for the board and executives - Enable growth with actionable threat intelligence before expanding into a new region/business line, and get industry-specific threats before digital transformation - Lower the cost of cyber security by avoiding unnecessary purchases and postponing upgrades by maximizing the efficacy of your existing security investments Strengthen defenses with detailed insight into attacker behaviors and infrastructure. Group-IB delivers the most comprehensive insight into past, present and future attacks targeting your organization, industry, partners and clients. - Transform security and adapt instantly, use the insights to block malicious network and endpoint activity the moment it is first observed anywhere in the world - Identify and remove weaknesses before they are exploited by arming your Red Team with detailed knowledge of threat actor’s tools, tactics and processes - Automate workflows and improve team efficiency by enriching your SIEM, SOAR, EDR and vulnerability management platforms with out-of-the-box API integrations supporting TAXII and STIX Identify attacks faster and reduce response time with comprehensive visibility of the stages of attack used by threat actors. Group-IB gives your teams the best possible insight into the methods used by adversaries. - Prioritize vulnerability patching for your technology stack with automated alerts that inform you the moment vulnerabilities are discovered or exploited by threat actors targeting your industry - Eliminate false positive alerts and focus on legitimately risky events with a database of indicators of compromise for cybercriminals in your threat landscape - Reduce response time and quickly remove attackers from your network with knowledge of the cyber kill chain used by threat actors in the MITRE ATT&CK matrix format **Average Rating:** 4.7/5.0 **Total Reviews:** 28 **User Satisfaction Scores:** - **Security Validation:** 8.8/10 (Category avg: 9.0/10) - **Intelligence Reports:** 8.9/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 8.7/10 (Category avg: 8.6/10) - **Ease of Use:** 8.9/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Group-IB](https://www.g2.com/sellers/group-ib) - **Company Website:** https://www.group-ib.com/ - **Year Founded:** 2003 - **HQ Location:** Singapore - **Twitter:** @GroupIB (9,535 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/group-ib/ (490 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Banking, Financial Services - **Company Size:** 61% Enterprise, 21% Mid-Market #### Pros & Cons **Pros:** - Threat Detection (2 reviews) - Automation (1 reviews) - Detailed Analysis (1 reviews) - Ease of Use (1 reviews) - Features (1 reviews) **Cons:** - Expensive (1 reviews) ### 14. [Doppel](https://www.g2.com/products/doppel/reviews) Doppel is built to outsmart the internet’s biggest threat—social engineering. Using generative AI, we don’t just defend; we disrupt attackers' tactics and infrastructures, providing holistic protection against these attacks. Our platform learns from every attempt, evolving in real-time to protect all customers and stay ahead of ever-changing threats. By pairing cutting-edge AI with expert analysis, we outpace threats like phishing, impersonation, and disinformation—delivering comprehensive coverage, speed, and precision that legacy systems can’t touch. **Average Rating:** 4.7/5.0 **Total Reviews:** 44 **User Satisfaction Scores:** - **Security Validation:** 9.1/10 (Category avg: 9.0/10) - **Intelligence Reports:** 8.9/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 8.7/10 (Category avg: 8.6/10) - **Ease of Use:** 9.2/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Doppel](https://www.g2.com/sellers/doppel) - **Company Website:** https://www.doppel.com/ - **Year Founded:** 2022 - **HQ Location:** N/A - **LinkedIn® Page:** https://www.linkedin.com/company/doppelhq/about/ (269 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Financial Services, Information Technology and Services - **Company Size:** 49% Mid-Market, 36% Small-Business #### Pros & Cons **Pros:** - Customer Support (9 reviews) - Alerts (7 reviews) - Response Time (6 reviews) - Threat Detection (5 reviews) - Ease of Use (4 reviews) **Cons:** - Expensive (2 reviews) - Information Overload (1 reviews) - Not User-Friendly (1 reviews) - Poor Detection Performance (1 reviews) - Poor Documentation (1 reviews) ### 15. [Lookout](https://www.g2.com/products/lookout/reviews) Lookout is a mobile app that fights cybercriminals by predicting and stopping mobile attacks before they do harm. **Average Rating:** 4.3/5.0 **Total Reviews:** 67 **User Satisfaction Scores:** - **Security Validation:** 8.8/10 (Category avg: 9.0/10) - **Intelligence Reports:** 9.3/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 9.6/10 (Category avg: 8.6/10) - **Ease of Use:** 8.8/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Lookout](https://www.g2.com/sellers/lookout) - **Year Founded:** 2007 - **HQ Location:** San Francisco, CA - **Twitter:** @Lookout (44,339 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/824768/ (515 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Information Technology and Services, Computer Software - **Company Size:** 43% Small-Business, 41% Enterprise #### Pros & Cons **Pros:** - Ease of Use (5 reviews) - Security (4 reviews) - Protection (3 reviews) - Features (2 reviews) - Management Ease (2 reviews) **Cons:** - Limited Features (2 reviews) - Alert Issues (1 reviews) - Deployment Issues (1 reviews) - Inadequate Reporting (1 reviews) - Inadequate Security (1 reviews) ### 16. [Flashpoint](https://www.g2.com/products/flashpoint/reviews) Flashpoint is the largest privately held threat intelligence provider, enabling mission-critical organizations to proactively confront security challenges globally. Flashpoint Ignite, our unified threat intelligence platform, harnesses the power of primary-source collections, curated human insight, and artificial intelligence to deliver decisive action against a comprehensive range of critical threats. Core Capabilities: → Identify and remediate cyber threats, fraud, vulnerabilities, physical security, and national security risks. → Access over 3.6 petabytes of continuously collected data from the internet’s open and difficult-to-access spaces. Add new channels and data sources in minutes to track sources as they surface. → Operationalize intelligence across your entire security stack with seamless integrations throughout the intelligence lifecycle. **Average Rating:** 4.5/5.0 **Total Reviews:** 83 **User Satisfaction Scores:** - **Security Validation:** 7.1/10 (Category avg: 9.0/10) - **Intelligence Reports:** 8.3/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 7.0/10 (Category avg: 8.6/10) - **Ease of Use:** 8.4/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Flashpoint for Threat Intelligence](https://www.g2.com/sellers/flashpoint-for-threat-intelligence) - **Year Founded:** 2010 - **HQ Location:** New York, NY - **Twitter:** @FlashpointIntel (13,823 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/flashpoint-intel/ (358 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Financial Services, Security and Investigations - **Company Size:** 63% Enterprise, 23% Small-Business #### Pros & Cons **Pros:** - Ease of Use (23 reviews) - Features (21 reviews) - Helpful (13 reviews) - Insights (13 reviews) - Search Functionality (12 reviews) **Cons:** - Lack of Features (8 reviews) - Complexity (6 reviews) - Confusing Interface (6 reviews) - Limited Features (6 reviews) - User Frustration (6 reviews) ### 17. [OpenCTI by Filigran](https://www.g2.com/products/opencti-by-filigran/reviews) OpenCTI is an open-source threat intelligence platform built by practitioners, for practitioners - to break data silos and make threat intelligence available and actionable. Make threat intelligence flow freely between your security systems, make it relevant with business context and build threat exposure reports for executive visibility. Operationalize Threat Intelligence like never before. Visualize, link and enrich it through a unified and consistent data model, STIX. **Average Rating:** 4.7/5.0 **Total Reviews:** 39 **User Satisfaction Scores:** - **Intelligence Reports:** 9.0/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 8.1/10 (Category avg: 8.6/10) - **Ease of Use:** 8.1/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Filigran](https://www.g2.com/sellers/filigran) - **Company Website:** https://filigran.io/ - **Year Founded:** 2022 - **HQ Location:** New York, US - **Twitter:** @FiligranHQ (826 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/filigran (218 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 56% Enterprise, 28% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (18 reviews) - Features (18 reviews) - Customer Support (11 reviews) - Integrations (10 reviews) - Integration Capabilities (9 reviews) **Cons:** - Feature Limitations (6 reviews) - Complexity (5 reviews) - Poor Customer Support (4 reviews) - Poor Documentation (4 reviews) - Dashboard Issues (3 reviews) ### 18. [RiskProfiler - External Threat Exposure Management](https://www.g2.com/products/riskprofiler-external-threat-exposure-management/reviews) RiskProfiler is an advanced cybersecurity platform purpose-built for Continuous Threat Exposure Management (CTEM). It unifies external, cloud, vendor, and brand risk intelligence into a single ecosystem—providing organizations with real-time visibility, contextual threat insights, and actionable remediation guidance. Through its integrated suite, External Attack Surface Managemnet, Third\_party Risk Management, Cloud Attack Surface Management, and Brand Risk Protection; the platform continuously discovers, classifies, and evaluates external-facing assets and risks across the internet, multi-cloud environments, and third-party ecosystems. Powered by AI-enabled risk questionnaires, RiskProfiler automates the exchange, validation, and scoring of security assessments, dramatically accelerating third-party due diligence and compliance validation. The platform’s context-enriched graph engine correlates vulnerabilities, exposures, and configurations with real-world threat data, revealing how attackers might exploit an organization’s digital footprint. Its newly enhanced Cyber Threat Intelligence (CTI) module provides live insights into industry-specific attack trends, threat actor profiles, and evolving TTPs, directly embedded within the dashboard. By analyzing CVEs, IOCs, and exploit patterns, it maps these to relevant assets and potential attack paths, enabling focused, prioritized mitigation. From identifying exposed cloud resources across AWS, Azure, and Google Cloud to uncovering brand impersonation, phishing campaigns, or logo abuse, RiskProfiler delivers unified visibility and continuous monitoring that extends beyond the perimeter. It helps organizations anticipate, contextualize, and neutralize threats before they turn into breaches, transforming exposure management into a truly intelligent, predictive defense capability. **Average Rating:** 4.9/5.0 **Total Reviews:** 117 **User Satisfaction Scores:** - **Intelligence Reports:** 10.0/10 (Category avg: 9.1/10) - **Ease of Use:** 9.9/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Riskprofiler](https://www.g2.com/sellers/riskprofiler) - **Company Website:** https://riskprofiler.io/ - **Year Founded:** 2019 - **HQ Location:** Rock Hill , US - **Twitter:** @riskprofilerio (211 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/riskprofiler (28 employees on LinkedIn®) **Reviewer Demographics:** - **Who Uses This:** Software Engineer, Security Consultant - **Top Industries:** Information Technology and Services, Design - **Company Size:** 66% Mid-Market, 33% Small-Business #### Pros & Cons **Pros:** - Risk Management (70 reviews) - Features (32 reviews) - Customer Support (31 reviews) - Ease of Use (30 reviews) - Easy Setup (29 reviews) **Cons:** - Learning Curve (17 reviews) - Complexity (16 reviews) - Difficult Learning (16 reviews) - Learning Difficulty (10 reviews) - Complex Setup (8 reviews) ### 19. [Microsoft Defender Threat Intelligence](https://www.g2.com/products/microsoft-defender-threat-intelligence/reviews) Microsoft Defender Threat Intelligence (MDTI is a comprehensive security solution designed to help organizations identify, understand, and mitigate cyberthreats. By leveraging a vast repository of threat intelligence, MDTI enables security teams to expose adversaries, analyze their methods, and enhance their defense strategies. The platform integrates seamlessly with existing security tools, providing continuous monitoring and actionable insights to protect against evolving cyberthreats. Key Features and Functionality: - Continuous Threat Intelligence: MDTI offers a complete view of the internet, tracking daily changes to help organizations understand and reduce their exposure to cyberthreats. - Adversary Identification: The platform provides insights into cyberattackers and their tools, enabling organizations to identify potential threats and understand their methods. - Enhanced Alert Investigations: MDTI enriches incident data with comprehensive threat intelligence, allowing security teams to uncover the full scale of cyberattacks. - Accelerated Incident Response: Organizations can investigate and neutralize malicious infrastructure, such as domains and IPs, associated with cyberattackers. - Collaborative Threat Hunting: The platform facilitates teamwork by allowing analysts to collaborate on investigations, share knowledge, and manage security artifacts. - Improved Security Posture: MDTI helps uncover malicious entities and prevent access to dangerous internet resources, enhancing overall security. - File and URL Intelligence: Users can submit files or URLs to instantly assess their reputation, enriching security incidents with contextual threat intelligence. Primary Value and Problem Solved: MDTI empowers organizations to proactively defend against cyberthreats by providing real-time, actionable intelligence. It addresses the challenge of identifying and mitigating complex cyberattacks by offering deep insights into adversaries and their methods. By integrating with existing security tools, MDTI enhances detection, investigation, and response capabilities, enabling organizations to stay ahead of evolving threats and strengthen their overall security posture. **Average Rating:** 4.3/5.0 **Total Reviews:** 21 **User Satisfaction Scores:** - **Security Validation:** 8.2/10 (Category avg: 9.0/10) - **Intelligence Reports:** 8.5/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 8.5/10 (Category avg: 8.6/10) - **Ease of Use:** 8.6/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Microsoft](https://www.g2.com/sellers/microsoft) - **Year Founded:** 1975 - **HQ Location:** Redmond, Washington - **Twitter:** @microsoft (13,105,844 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/microsoft/ (227,697 employees on LinkedIn®) - **Ownership:** MSFT **Reviewer Demographics:** - **Top Industries:** Computer & Network Security - **Company Size:** 43% Small-Business, 26% Enterprise #### Pros & Cons **Pros:** - Ease of Use (4 reviews) - Automation (1 reviews) - Easy Integrations (1 reviews) - Helpful (1 reviews) - Installation Ease (1 reviews) **Cons:** - Incomplete Information (2 reviews) - Information Overload (1 reviews) - Limited Functionality (1 reviews) - Navigation Issues (1 reviews) ### 20. [MetaDefender](https://www.g2.com/products/metadefender/reviews) MetaDefender Platform is an advanced threat prevention solution that lets organizations embed multi-layer file security into existing applications and security architectures, especially to protect common attack vectors like malicious file uploads, untrusted file transfers, and file-based supply chain risk. It’s designed for environments that need stronger protection against highly evasive malware, zero-day attacks, and APTs, including IT and OT/critical infrastructure use cases. MetaDefender easily integrates into your existing IT solutions and can be deployed on-premises (including air-gapped), in cloud/IaaS, or as SaaS. We offer flexible implementation options for ICAP enabled devices, containerized applications, AWS, Azure, NAS/Storage workflows and Rest API. Overview: Multi-engine malware scanning: Quickly scan files with 30+ antivirus engines and detect over 99% of known malware. Deep CDR (Content Disarm & Reconstruction): Recursively sanitize and rebuild 200+ file types to neutralize embedded threats while maintaining file usability, with extensive reconstruction and file conversion options. Proactive DLP: Remove, redact, or watermark sensitive data in files before content enters or leaves the organization; also supports AI-powered document classification. File-based Vulnerability Assessment: Identify vulnerabilities in installers, binaries, and applications before they are installed/executed and reduce exposure to known software flaws. Threat intelligence-driven detection: Identify malicious domains and IPs embedded in documents and support near real-time blocking using curated threat intelligence. Adaptive threat analysis (sandboxing): Detonate and analyze suspicious files in a controlled environment and improve zero-day detection. SBOM & software supply chain visibility: Generate SBOMs and identify vulnerabilities in source code and containers. Reputation Engine: Use file hash reputation (known good/known bad/unknown) and advanced analysis to remediate false positives faster. Visibility, reporting, and policy control: Gain operational visibility, use automated reports for remediation, and configure workflow/analysis rules based on user, business priority, file source, and file type. Free Training - OPSWAT Academy: https://www.opswat.com/academy **Average Rating:** 4.5/5.0 **Total Reviews:** 21 **User Satisfaction Scores:** - **Security Validation:** 7.2/10 (Category avg: 9.0/10) - **Intelligence Reports:** 7.8/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 6.7/10 (Category avg: 8.6/10) - **Ease of Use:** 9.2/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [OPSWAT](https://www.g2.com/sellers/opswat) - **Company Website:** https://www.opswat.com - **Year Founded:** 2002 - **HQ Location:** Tampa, Florida - **Twitter:** @OPSWAT (7,234 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/opswat/ (1,124 employees on LinkedIn®) **Reviewer Demographics:** - **Company Size:** 67% Mid-Market, 43% Small-Business #### Pros & Cons **Pros:** - Ease of Use (12 reviews) - Security (11 reviews) - Protection (10 reviews) - Scanning Efficiency (10 reviews) - Scanning (9 reviews) **Cons:** - Complex Configuration (3 reviews) - Difficult Setup (3 reviews) - Excessive Blocking (3 reviews) - Overblocking (3 reviews) - Policy Management (3 reviews) ### 21. [BlackFog](https://www.g2.com/products/blackfog/reviews) Founded in 2015, BlackFog is a global AI based cybersecurity company that has pioneered on-device anti data exfiltration (ADX) technology to protect organizations from ransomware and data loss. With more than 95% of all attacks involving some form of data exfiltration, preventing this has become critical in the fight against extortion, the loss of customer data and trade secrets. BlackFog recently won the “Best Threat Intelligence Technology” in the 2024 Teiss Awards, “AI-based Cybersecurity Innovation of the Year” award in the CyberSecurity Breakthrough Awards, as well as the 2024 Fortress Data Protection award for its pioneering anti data exfiltration (ADX) technology. BlackFog also won Gold at the Globee awards in 2024 for best Data Loss Prevention and the State of Ransomware report which recognizes outstanding contributions in securing the digital landscape. Trusted by hundreds of organizations all over the world, BlackFog is redefining modern cybersecurity practices. For more information visit blackfog.com **Average Rating:** 4.9/5.0 **Total Reviews:** 32 **User Satisfaction Scores:** - **Security Validation:** 9.8/10 (Category avg: 9.0/10) - **Intelligence Reports:** 9.7/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 9.8/10 (Category avg: 8.6/10) - **Ease of Use:** 9.2/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [BlackFog](https://www.g2.com/sellers/blackfog) - **Company Website:** https://www.blackfog.com - **Year Founded:** 2015 - **HQ Location:** BlackFog Inc. Suite 1400 4 Embarcadero Ctr San Francisco CA 94111, United States - **Twitter:** @blackfogprivacy (1,496 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/blackfog/ (27 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Computer & Network Security, Information Technology and Services - **Company Size:** 58% Small-Business, 27% Mid-Market #### Pros & Cons **Pros:** - Security (17 reviews) - Protection (16 reviews) - Customer Support (12 reviews) - Ease of Use (12 reviews) - Security Protection (10 reviews) **Cons:** - Missing Features (4 reviews) - UX Improvement (4 reviews) - Limited Features (3 reviews) - Alert Management (2 reviews) - Complexity (2 reviews) ### 22. [Dataminr](https://www.g2.com/products/dataminr/reviews) Dataminr provides a revolutionary real-time AI platform for detecting events, risks and critical information from public data signals. Recognized as one of the world's leading AI companies, Dataminr enables faster real-time response and more effective risk management for public and private sector organizations, including multinational corporations, governments, NGOs, and newsrooms. Dataminr Pulse for Corporate Security With Dataminr Pulse for Corporate Security, you can detect, visualize, and respond to events and threats in real-time to: • Improve People Safety: Improve the safety of your employees, executives, customers, and contractors against external risks and threats wherever they are—in the office, working from home, or on a business trip. • Secure Facilities and Events: Protect all your global premises—including offices, manufacturing plants, warehouses, data centers, retail stores, stadiums, arenas, and temporary work locations—against external threats and hazards. • Increase Operational Resilience: Safeguard your revenue-generating activities against external threats and disruptive events that could directly or indirectly affect core business operations. Dataminr Pulse for Cyber Risk Enhance cyber resilience with Dataminr Pulse for Cyber Risk, a real-time, external cyber threat detection solution that empowers your team to: • Identify Digital Risk: Respond quickly to early warnings of threats to and exposures of your organization's digital assets. • Expose Third-Party Risk: Mitigate risk to your organization with increased visibility into threats to your subsidiaries, vendors, and service providers. • Receive Vulnerability Intelligence: Improve prioritization of patching with visibility into the full lifecycle of vulnerabilities. Get alerts about exploits, emerging and trending vulnerabilities, and more. • Respond to Cyber-Physical Risks: Respond to real-time alerts on cyber threats affecting physical assets and physical threats affecting digital assets. **Average Rating:** 4.5/5.0 **Total Reviews:** 48 **User Satisfaction Scores:** - **Security Validation:** 7.6/10 (Category avg: 9.0/10) - **Intelligence Reports:** 7.6/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 8.0/10 (Category avg: 8.6/10) - **Ease of Use:** 8.5/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Dataminr](https://www.g2.com/sellers/dataminr) - **Year Founded:** 2009 - **HQ Location:** New York, NY - **Twitter:** @Dataminr (16,457 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/dataminr/ (776 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Security and Investigations - **Company Size:** 56% Enterprise, 33% Small-Business #### Pros & Cons **Pros:** - Ease of Use (7 reviews) - Alerts (6 reviews) - Monitoring (5 reviews) - Alert Notifications (4 reviews) - Improvement (4 reviews) **Cons:** - Inefficient Alerts (5 reviews) - Complexity (3 reviews) - False Positives (3 reviews) - Information Overload (3 reviews) - Learning Curve (3 reviews) ### 23. [ThreatMon](https://www.g2.com/products/threatmon/reviews) ThreatMon is an AI-powered cyber risk intelligence platform designed to assist organizations in detecting, analyzing, and responding to external cyber threats that may impact their digital assets, brand reputation, and third-party ecosystem. This comprehensive solution provides real-time visibility into an organization’s attack surface exposure, the evolving threat landscape, and overall cyber risk posture, all accessible from a single, unified platform. The platform is particularly beneficial for security and risk management teams who require a holistic view of their cyber environment. ThreatMon integrates various functionalities including attack surface management, threat intelligence, dark web monitoring, fraud detection, surface web monitoring, and supply chain risk intelligence. This integration eliminates the need for multiple, disconnected tools, streamlining the process of threat detection and risk assessment. By consolidating these capabilities, ThreatMon allows organizations to efficiently manage their cyber risk landscape while reducing operational complexity. Key features of ThreatMon include the ability to discover exposed assets, detect phishing attempts, monitor for brand impersonation, and track leaked credentials and data breaches. Additionally, it provides insights into threat actors and assesses vendor and third-party risks, which is crucial for organizations that rely on a complex ecosystem of partners and suppliers. The platform’s built-in governance, risk, and compliance (GRC) capabilities further enhance its utility by mapping compliance requirements and generating executive-level reports. This functionality translates technical findings into actionable business-level insights, enabling stakeholders to make informed decisions regarding their cyber risk management strategies. By unifying external exposure monitoring, threat intelligence, fraud detection, supply chain risk visibility, and governance-level reporting, ThreatMon empowers both security operations teams and executives to understand, prioritize, and respond to cyber risks more effectively. This shift from fragmented, reactive security measures to a proactive, intelligence-driven approach allows organizations to better safeguard their assets and maintain their reputation in an increasingly complex digital landscape. With ThreatMon, organizations can enhance their overall security posture and foster a culture of proactive risk management, ensuring they remain resilient against evolving cyber threats. **Average Rating:** 4.9/5.0 **Total Reviews:** 26 **User Satisfaction Scores:** - **Security Validation:** 9.8/10 (Category avg: 9.0/10) - **Intelligence Reports:** 9.9/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 9.6/10 (Category avg: 8.6/10) - **Ease of Use:** 9.7/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [ThreatMon](https://www.g2.com/sellers/threatmon) - **Company Website:** https://threatmon.io/ - **Year Founded:** 2022 - **HQ Location:** Sterling VA - **Twitter:** @MonThreat (16,162 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/threatmon/ (34 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Computer & Network Security - **Company Size:** 38% Mid-Market, 38% Enterprise #### Pros & Cons **Pros:** - Monitoring (10 reviews) - Threat Detection (10 reviews) - Ease of Use (7 reviews) - Detailed Analysis (6 reviews) - Threat Intelligence (6 reviews) **Cons:** - Excessive Notifications (4 reviews) - Information Overload (4 reviews) - Limited Features (4 reviews) - Inefficient Alerts (3 reviews) - Inefficient Alert System (3 reviews) ### 24. [DeCYFIR by CYFIRMA](https://www.g2.com/products/decyfir-by-cyfirma/reviews) DeCYFIR is an AI-powered preemptive External Threat Landscape Management platform engineered to help organizations predict and prevent cyberattacks before they occur. Adopting a hacker's perspective, it delivers early warnings, prioritized insights, and actionable intelligence across the full external threat landscape. Built on a proprietary 9-pillar architecture — spanning Attack Surface Discovery & Intelligence, Vulnerability Intelligence & Threat Prioritization, Brand & Online Exposure Management, Digital Risk & Identity Protection, Third Party Risk Management, Situational Awareness & Emerging Threats, Predictive Threat Intelligence, Threat Adaptive Awareness & Training, and Sector Tailored Deception Intelligence. DeCYFIR correlates signals across all pillars to cut through noise, surface what is truly critical, and empower security teams to stay decisively ahead of emerging threats. **Average Rating:** 4.7/5.0 **Total Reviews:** 24 **User Satisfaction Scores:** - **Security Validation:** 9.0/10 (Category avg: 9.0/10) - **Intelligence Reports:** 9.0/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 9.2/10 (Category avg: 8.6/10) - **Ease of Use:** 8.8/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [CYFIRMA](https://www.g2.com/sellers/cyfirma) - **Year Founded:** 2017 - **HQ Location:** Singapore, SG - **Twitter:** @cyfirma (1,004 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/cyfirma/ (124 employees on LinkedIn®) - **Phone:** marketing@cyfirma.com **Reviewer Demographics:** - **Top Industries:** Information Technology and Services - **Company Size:** 40% Mid-Market, 40% Small-Business #### Pros & Cons **Pros:** - Threat Detection (12 reviews) - Threat Intelligence (10 reviews) - Cybersecurity (9 reviews) - Features (7 reviews) - Security (7 reviews) **Cons:** - Not User-Friendly (4 reviews) - Complexity (3 reviews) - Learning Curve (3 reviews) - Limited Customization (3 reviews) - Complex Setup (2 reviews) ### 25. [Pentera](https://www.g2.com/products/pentera/reviews) Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers, unfolding true, current security exposures at any moment, at any scale. Thousands of security professionals and service providers around the world use Pentera to guide remediation and close security gaps before they are exploited. Its customers include Casey's General Stores, Emeria, LuLu International Exchange, IP Telecom PT, BrewDog, City National Bank, Schmitz Cargobull, and MBC Group. Pentera is backed by leading investors such as K1 Investment Management, Insight Partners, Blackstone, Evolution Equity Partners, and AWZ. Visit https://pentera.io for more information. **Average Rating:** 4.5/5.0 **Total Reviews:** 141 **User Satisfaction Scores:** - **Security Validation:** 8.2/10 (Category avg: 9.0/10) - **Intelligence Reports:** 8.9/10 (Category avg: 9.1/10) - **Endpoint Intelligence:** 7.8/10 (Category avg: 8.6/10) - **Ease of Use:** 8.7/10 (Category avg: 9.1/10) **Seller Details:** - **Seller:** [Pentera](https://www.g2.com/sellers/pentera) - **Company Website:** https://pentera.io/ - **Year Founded:** 2015 - **HQ Location:** Boston, MA - **Twitter:** @penterasec (3,324 Twitter followers) - **LinkedIn® Page:** https://www.linkedin.com/company/penterasecurity/ (486 employees on LinkedIn®) **Reviewer Demographics:** - **Top Industries:** Banking, Information Technology and Services - **Company Size:** 51% Enterprise, 40% Mid-Market #### Pros & Cons **Pros:** - Ease of Use (9 reviews) - Vulnerability Identification (8 reviews) - Automation (7 reviews) - Customer Support (7 reviews) - Security (6 reviews) **Cons:** - Inadequate Reporting (3 reviews) - Access Control (2 reviews) - False Positives (2 reviews) - Limited Reporting (2 reviews) - Missing Features (2 reviews) ## Parent Category [System Security Software](https://www.g2.com/categories/system-security) ## Related Categories - [Dark Web Monitoring Tools](https://www.g2.com/categories/dark-web-monitoring) - [ Attack Surface Management Software](https://www.g2.com/categories/attack-surface-management) - [Digital Risk Protection (DRP) Platforms](https://www.g2.com/categories/digital-risk-protection-drp-platforms) --- ## Buyer Guide ### What You Should Know About Threat Intelligence Software ### Threat Intelligence Software FAQs ### What are the best threat intelligence software options for small businesses? Here are some of the best threat intelligence software solutions designed to protect [small businesses](https://www.g2.com/categories/threat-intelligence/small-business): - [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) provides small businesses with real-time threat detection and security recommendations across cloud environments. - [ThreatLocker](https://www.g2.com/products/threatlocker-inc-threatlocker/reviews) delivers application whitelisting and ringfencing controls, helping small teams prevent unauthorized access and malware execution. - [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) combines threat protection with performance optimization, ideal for small businesses running web-based services. - [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) offers lightweight, cloud-delivered endpoint protection that detects threats quickly without overloading system resources. - [FortiGate NGFW](https://www.g2.com/products/fortigate-ngfw/reviews) delivers enterprise-grade firewall and threat intelligence capabilities in a scalable package suited for small business networks. ### What are the best-rated threat intelligence apps for IT teams? Here are some of the highest-rated threat intelligence apps tailored for IT teams managing complex environments: - [Recorded Future](https://www.g2.com/products/recorded-future/reviews) delivers real-time threat intelligence with deep web insights, helping IT teams proactively detect and prioritize risks. - [CrowdStrike Falcon Endpoint Protection Platform](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) combines threat detection with automated response tools, enabling IT teams to secure endpoints at scale. - [Microsoft Defender for Cloud](https://www.g2.com/products/microsoft-defender-for-cloud/reviews) provides integrated threat detection and security posture management across multi-cloud and hybrid environments. - [Cyberint, a Check Point Company](https://www.g2.com/products/cyberint-a-check-point-company/reviews), offers external threat intelligence focused on digital risk protection, empowering IT teams to counter emerging threats beyond the firewall. - [ZeroFox](https://www.g2.com/products/zerofox/reviews) specializes in identifying external threats across social media, domains, and the dark web, equipping IT teams with actionable intelligence. ### What are the best-rated threat intelligence platforms for startups? Here are some of the most reliable threat intelligence platforms well-suited for agile and growing startups: - [Cloudflare Application Security and Performance](https://www.g2.com/products/cloudflare-application-security-and-performance/reviews) combines powerful DDoS protection and threat intelligence in a lightweight, cost-effective platform ideal for startups scaling web infrastructure. - [ThreatLocker](https://www.g2.com/products/threatlocker-inc-threatlocker/reviews) offers granular application control and real-time threat blocking, giving startups enterprise-grade security without complexity. - [CrowdStrike Falcon Endpoint Protection Platfor](https://www.g2.com/products/crowdstrike-falcon-endpoint-protection-platform/reviews) delivers scalable, cloud-native endpoint protection that’s easy for lean startup teams to deploy and manage. - [CloudSEK](https://www.g2.com/products/cloudsek/reviews) provides AI-driven threat detection and digital risk monitoring, helping startups stay ahead of emerging threats across assets and brand mentions. - [Censys Search](https://www.g2.com/products/censys-search/reviews) enables startups to continuously map and monitor their attack surface, offering visibility and threat data without heavy setup.