Threat Intelligence Platforms

Best Threat Intelligence Platforms include:

Sophos UTM.

Threat Intelligence Platforms Overview

What is a Threat Intelligence Platform?

A Threat Intelligence Platform helps organizations aggregate, correlate, and analyze threat data from multiple sources in real time to support defensive actions. A Threat Intelligence Platform can be a cloud or on-premise system to facilitate management of threat data from a range of existing security tools such as a SIEM, firewall, API, endpoint management software or Intrusion Prevention System. The primary purpose is to help organizations understand the risks and protect against a variety of threat types most likely to affect their environments.

Threat Intelligence Platforms Features & Capabilities

  • Data feeds from a variety of different sources including industry groups
  • Data triage
  • Alerts and reports about specific types of threats and threat actors
  • Analysis and sharing of threat intelligence
  • Normalization and scoring of risk data

Pricing Information

Threat intelligence pricing is often a subscription to multiple data feeds, with tiered pricing based on number of users. Data fees vary in cost from about $1,500 and $10,000 depending on the number of feeds.

Threat Intelligence Products

(1-25 of 35) Sorted by Most Reviews

AlienVault USM
652 ratings
382 reviews
Top Rated
AlienVault® Unified Security Management® (USM) delivers threat detection, incident response, and compliance management in one unified platform. It is designed to combine all the essential security capabilities needed for effective security monitoring across cloud and on-premises environments, inclu…
Sophos UTM
29 ratings
8 reviews
Sophos UTM provides core firewall features, plus sandboxing and AI threat detection for advanced network security. It has customizable deployment options.
WhoisXML API Enterprise API and Data Feed Packages
2 ratings
2 reviews
About WhoisXML APIWhoisXML API’s Enterprise API Packages and Data Feed Packages provide comprehensive, historical, and real-time domain, IP, and cyber intelligence. With API packages, enterprises, managed security providers, and security solutions vendors can stay one step ahead of potential securit…
Mimecast Threat Intelligence
2 ratings
2 reviews
Mimecast offers a threat intelligence service, including the company's Threat Intelligence Dashboard, threat remediation, and the Mimecast Threat Feed for integration threat intelligence into compatible SIEM or SOAR platforms.
SolarWinds Threat Monitor
3 ratings
2 reviews
SolarWinds Threat Monitor empowers MSSPs of all sizes by reducing the complexity and cost of threat detection, response, and reporting. You get an all-in-one security operations center (SOC) that is unified, scalable, and affordable.
Recorded Future
2 ratings
1 reviews
Boston-based Recorded Future presents a vulnerability management solution.
Anomali ThreatStream
3 ratings
1 reviews
ThreatStream from Anomali in Redwood City speeds detection of threats by uniting security solutions under one platform and providing tools to operationalize threat intelligence. ThreatStream also automates many of the tasks typically assigned to security professionals, freeing analysts to quickly ha…
ThreatConnect, from the company of the same name in Arlington, is described by the vendor as an Intelligence-Driven Security Operations Platform with both Security Orchestration Automation and Response (SOAR) and Threat Intelligence Platform (TIP) capabilities. They state ThreatConnect unites intell…
LookingGlass Cyber Solutions
LookingGlass Cyber Solutions is a threat protection solution protecting against cyber attacks to global enterprises and government agencies The product is augmented by a team of security analysts who enrich the data feeds and provide timely insights to customers of potential risks.
Exabeam Security Management Platform
Exabeam headquartered in San Mateo, offers their SIEM platform, the The Exabeam Security Management Platform. The vendor states the modular Exabeam platform allows analysts to collect unlimited log data, use behavioral analytics to detect attacks, and automate incident response. The Exabeam platform…
Symantec DeepSight Intelligence
Symantec DeepSight Intelligence is provides timely, actionable threat intelligence enabling trams to assess risk and implement proactive controls.
FireEye iSIGHT Threat Intelligence
FireEye iSIGHT Threat Intelligence is a proactive, comprehensive threat intelligence platform delivering visibility to global threats before, during and after an attack. It also helps with incident response.
Proofpoint Domain Discover for Email
Proofpoint Domain Discover for Email provides a library and actionable intelligence of spoof and lookalike domains used to support phishing attempts against enterprise email users.
Proofpoint Nexus
Proofpoint Nexus is the security company's threat intelligence platform, now available to customers, which provides real-time data that spans email, social media, mobile devices and SaaS applications, supporting correlative study of attack behaviors and preemptive or forensic exploration and analysi…
Proofpoint Emerging Threat Intelligence
Proofpoint Emerging Threat (ET) Intelligence provides actionable threat intel feeds to identify IPs and domains involved in suspicious and malicious activity.
CenturyLink Analytics and Threat Management
With CenturyLink® Analytics and Threat Management services, you get the visibility needed to proactively identify potential security issues and respond to them before they cause harm. And with our event and incident management and response services, you can ease the burden of having to develop and …
Snare is an IT security analytics suite of applications from Prophecy International headquartered in Adelaide, providing a complete log monitoring and management solution, as well as network threat intelligence.
Sentinel IPS
Sentinel IPS promises advanced threat protection at the network’s edge with Network Cloaking™, blocking malware, exploitation attempts, and other threats before they reach the firewall. Sentinel Internal Intelligence aims to give visibility inside the network, and the ability to monitor the entire i…
Marlabs Rapid 360
Marlabs headquartered in Piscataway offers Rapid 360, a threat intelligence platform.
IBM X-Force Incident Response and Intelligence Services (IRIS)
IBM X-Force IRIS can be deployed on-site to provide a complete cybersecurity incident response, threat intelligence, and breach remediation platform.
IBM X-Force
IBM experts provide the X-Force threat intelligence suite of services, including X-Force Research and X-Force Research Publications, and the X-Force Exchange platform for sharing threat intelligence knowledge and best practice with industry experts.
Imperva Attack Analytics (formerly ThreatRadar)
Imperva Attack Analytics, (formerly ThreatRadar), is a threat intelligence service relying on research from Imperva's Application Defense Center (ADC), integratable into Imperva's WAF solutions and able to be fed into enterprise security data.
Check Point ThreatCloud
Check Point Software Technologies provides threat intelligence via the Check Point ThreatCloud.
Kaspersky Private Security Network
Kaspersky Labs offers threat intelligence as a service, but for those who prefer a secure on-premise technology-based solution, the company also provides Kaspersky Private Security Network, a threat intelligence platform supporting network security apps, appliances, and other Kaspersky security soft…
Webroot BrightCloud
Webroot offers the BrightCloud platform, providing a suite of threat intelligence services such as the Webroot BrightCloud Web Classification and Reputation Services, Webroot BrightCloud IP Reputation Service, the Webroot BrightCloud Real-Time Anti-Phishing Service, Webroot BrightCloud Streaming Mal…