TrustRadius: an HG Insights company

Recorded Future Intelligence Cloud

Score 9.3 out of 10

15 Reviews and Ratings

What is Recorded Future Intelligence Cloud?

Recorded Future is an intelligence company. Its Intelligence Cloud provides coverage across adversaries, infrastructure, and targets. Combining persistent and pervasive automated data collection and analytics with human analysis, Recorded Future provides visibility into the digital landscape, enabling countries and organizations to take proactive action to disrupt adversaries.

Top Performing Features

  • Automated Alerts and Reporting

    Systems in place to automatically alert, report, or notify of issues that may need timely remediation.

    Category average: 8.1

  • Threat Intelligence Reporting

    Generates reports that display information on threats (such as name, type, frequency of attack, area affected, etc.)

    Category average: 8.1

  • Threat Analysis

    Analyzing known factors such as behavior patterns, affected areas, and other specific features to more easily identify a threat.

    Category average: 7.2

Areas for Improvement

  • Threat Recognition

    Detection and recognition of malicious software within a network that could pose a threat to sensitive information.

    Category average: 7.4

  • Vulnerability Classification

    Prioritizing vulnerabilities, to determine which vulnerabilities are most urgent and require a quicker resolution.

    Category average: 7.2

  • Network Analytics

    Analyzes various data reports and logs (DNS, firewall, user data, security information etc.) to identify threats in a network.

    Category average: 7.3

Nice to have - good coverage of thousands of sources

Use Cases and Deployment Scope

Recorded Future is being used on a daily basis for research purposes. The tool is indexing a lot of different feeds and information that is published on the Internet in real time. It is allowing us to search across thousands of sources at the same time and saving us a lot of time when researching a certain topic. It is also possible to configure alerts, so as soon as a certain query has any match, you receive an alert (email notification, push notification, Slack message...).

Pros

  • Searching across multiple sources at the same time
  • Indexing information in real time
  • Dashboards, statistics and heatmaps about a certain topic

Cons

  • The learning curve for using the platform is high. It is not easy to use, and you have to invest time in order to know how to search appropriately.
  • Depending on your subscription and role, there is some information that is not available. Sometimes the information can be a little bit limited unless you have all the modules included in your subscription.
  • API capabilities are improving but there are still some features that are missing and some errors that are hard to handle / understand

Return on Investment

  • We are able to cover a lot of sources only with this intelligence provider, not having to have specific tools for clear web / social media monitoring
  • As the Recorded Future staff is doing the on-demand integration of new sources, we are saving a couple of positions as we do not have to develop our own crawlers
  • It is possible to integrate the solution with tools such as Splunk, which is really useful in order to obtain KPIs, metrics and other useful insights for the executive members of the company

Alternatives Considered

Mandiant Advantage Threat Intelligence, Kaspersky Threat Management and Defense and Flashpoint

Other Software Used

Mandiant Advantage Attack Surface Management, Kaspersky Threat Management and Defense, Cybersixgill

A tool every SOC should have

Use Cases and Deployment Scope

Recorded Future is being utilized by SOC analysts as threat intel. Since our company offers SOC services to our clients, Recorded Future has been advantageous to us in processing artifacts and identifying possible threats in a short period of time.

Pros

  • Gives the latest threat reports regarding an artifact (IP, domain or hash).
  • Browser extension provides real-time information about an artifact.
  • Accurate in identifying malicious domains and IPs.

Cons

  • For the Browser extension, since the main purpose is to present information with regards to the IP, I think it's best to give us an idea of where the IP originated/some additional information about the organization it belongs to.

Most Important Features

  • Web page display of the IP/domain reputation
  • Queries for pwned domains of our clients

Return on Investment

  • Recorded Future crashes my web browser in cases where I have to open a web page containing hundreds of IPs. A quick disable feature for a particular tab would be beneficial for someone like me.

Alternatives Considered

VirusTotal

Other Software Used

VirusTotal

Brand-monitoring, reputation and risk-assessment in one tool.

Pros

  • Everything they find is also available in their own cache. So for example if a pastebin expired, you can still view it later on.
  • The risk score of vulnerabilities shows actual malicious activity. Imagine the CVSS score is medium, but there is a lot of exploit chatter; you want to prioritize fixing this vulnerability.
  • Their watchlists are easy to set up and offer monitoring your tech-stack, peers, persons of special interest, etc.

Cons

  • E-Mail reports can show unrelated content, especially sometimes you'll see alerts popping up for articles which have been published years ago but for some reason were just recently discovered by RF.
  • YARA rules from their Insikt blog sometimes are not syntactically correct and need to be manually edited to actually work. There's some proper QA missing.
  • Their global and 3rd party risk reports could be more tailored towards the industries of their client. There are entries for totally unrelated security incidents. Of course a global list aims to find incidents on a global view, but it doesn't add much value at that point.

Return on Investment

  • We've been able to identify leaked credentials and close those accounts off.
  • We've also been able to identify malware being distributed or spam being sent out by customers using our infrastructure. Again we could shut off those accounts.
  • Their domain-monitoring allows us to identify typo-squats and issue domain-takedowns for those (or at least add them to our monitoring / detection)