Maltego Features
Orchestration (3)
Asset Management
As reported in 10 Maltego reviews.
Lets users group and organize their endpoints to gather threat intelligence on specific technologies.
Security Workflow Automation
Reduces the need for IT and security professionals to iterate repetitive tasks associated with gathering threat information.
Deployment
The process in which users integrate their existing security systems and endpoints to the threat intelligence platform.
Information (1)
Intelligence Reports
11 reviewers of Maltego have provided feedback on this feature.
The ability for users to produce reports outlining detailed and personalized threat information
Personalization (1)
Endpoint Intelligence
Analysis for users to examine threat intelligence data specific to their endpoint devices.
Response (4)
Resolution Automation
Diagnose and resolve incidents without the need for human interaction.
Resolution Guidance
Guide users through the resolution process and give specific instructions to remedy individual occurrences.
System Isolation
Cuts off network connection or temporarily inactivate applications until incidents are remedied.
Threat Intelligence
Gathers information related to threats in order to gain further information on remedies.
Records (3)
Incident Logs
Information on each incident is stored in databases for user reference and analytics.
Incident Reports
Produces reports detailing trends and vulnerabilities related to their network and infrastructure.
Resource Usage
Analyzes recurring incidents and remedies to ensure optimal resource usage.
Management (3)
Incident Alerts
Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.
Database Management
Adminstrators can access and organize data related to incidents to produce reports or make data more navigable.
Workflow Management
Administrators can organize workflows to guide remedies to specific situations incident types.
Detection (4)
Payment Verification
Requires verification of credit card, debit card, and money transfers prior to accepting payments
Bot Mitigation
Monitors for and rids systems of bots suspected of committing fraud.
Real-Time Monitoring
Constantly monitors system to detect anomalies in real time.
Alerts
Alerts administrators when fraud is suspected or transactions have been declined.
Analysis (3)
ID Analytics
Stores data from external or internal sources related to fake accounts, evaluating users for risk.
Intelligence Reporting
Actively gathers data on suspicious purchasing sources and characteristics of common committers of fraud.
Incident Reports
Produces reports detailing trends and vulnerabilities related to payments and fraud.
Administration (3)
Fraud Markers
Tags users suspected of committing fraud and identifies them upon return.
Transaction Scoring
Rates each transaction's risk based on specific factors and their benchmarked scores.
Blacklisting
Prevents previous committers of fraud from future transactions.
Identification (3)
Reseller Database
Provide a database or authorized and unauthorized resellers
Monitoring
Monitor online product and pricing information
Violations
Identify pricing or brand policy violations
Enforcement (3)
Communication
Ability to warn resellers about violations
Plans
Provide plans to enforce pricing and brand policies
Track
Track the effectiveness of enforcement activities
Analysis (5)
File Analysis
Identifies potentially malicious files and applications for threats files and applications for abnormalities and threats.
Memory Analysis
Analyzes infortmation from a computer or other endpoint's memory dump for information removed from hard drive.
Registry Analysis
Identifies recently accessed files and applications for abnormalities and threats.
Email Analysis
Parses and/or extracts emails and associated content for malware, phishing, other data that can be used in investigations.
Linux Analysis
Allows for parsing and/or extraction of artifacts native to Linux OS including but not limited to system logs, SSH activity, and user accounts.
Functionality (10)
Incident Alerts
Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.
Anomaly Detection
Constantly monitors activity related to user behavior and compares activity to benchmarked patterns.
Continuous Analysis
Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.
Decryption
Facilitates the decryption of files and data stored using cryptographic algorithms.
Silent Deploy
Silently deploys on endpoints without alerting users.
Detect Data Movement
Detects data movement to external USBs or external drives or uploaded to cloud storage or emails and excessive printer-usage.
File and Application Activity
Tracks activities taken on files or in applications, including save, print, or delete actions.
Trigger Alerts
Sends alerts to administrators when users take insider threat actions .
Searchable Evidence
Maintains active and historical evidence in a searchable format.
Risk Scoring
Provides risk scoring for suspicious activity.
Remediation (3)
Incident Reports
Produces reports detailing trends and vulnerabilities related to their network and infrastructure.
Remediation Suggestions
Provides relevant and helpful suggestions for vulnerability remediation upon detection.
Response Automation
Reduces time spent remedying issues manually. Resolves common network security incidents quickly.
Monitoring (7)
Screen Recording
Records video or screenshots of endpoint sessions.
Keystroke Logging
Logs keystrokes of users.
Sentiment Analysis
Analyzes user writing patterns to determine sentiment changes to identify disgruntled workers.
Gap Analysis
Analyzes data associated with denied entries and policy enforcement, giving information of better authentication and security protocols.
Vulnerability Intelligence
Stores information related to common vulnerabilities and how to resolve them once incidents occur.
Compliance Monitoring
Monitors data quality and sends alerts based on violations or misuse.
Continuous Monitoring
Aggregates real-time updates and historical data from multiplate internal and external data sources to support ongoing proactive threat response.
Asset Management (3)
Asset Discovery
Detects new assets as they enter cloud environments and networks to add to asset inventory.
Shadow IT Detection
Identifies unsanctioned software.
Change Management
Provides tools to track and implement required security policy changes.
Risk Management (4)
Risk-Prioritization
Allows for vulnerability ranking by customized risk and threat priorities.
Reconnaissance
Gathers information about the system and potential exploits to be tested.
At-Risk Analysis
Uses machine learning to identify at-risk data.
Threat Intelligence
Stores information related to common threats and how to resolve them once incidents occur.
Generative AI (9)
AI Text Summarization
Condenses long documents or text into a brief summary.
AI Text Generation
Allows users to generate text based on a text prompt.
AI Text Summarization
Condenses long documents or text into a brief summary.
AI Text Summarization
Condenses long documents or text into a brief summary.
Generate Attack Scenarios
Use AI to propose possible threat actor tactics, techniques, and procedures against specific environments or assets.
Generate Threat Detection Rules
Use AI to automatically create detection rules based on observed patterns.
Generate Threat Summaries
Use AI to produce concise summaries of complex threat reports or alerts.
AI Text Generation
Allows users to generate text based on a text prompt.
AI Text Summarization
Condenses long documents or text into a brief summary.
Agentic AI - Threat Intelligence (4)
Autonomous Task Execution
Capability to perform complex tasks without constant human input
Multi-step Planning
Ability to break down and plan multi-step processes
Proactive Assistance
Anticipates needs and offers suggestions without prompting
Decision Making
Makes informed choices based on available data and objectives
Agentic AI - Fraud Detection (3)
Cross-system Integration
Works across multiple software systems or databases
Adaptive Learning
Improves performance based on feedback and experience
Decision Making
Makes informed choices based on available data and objectives
Top-Rated Alternatives
