Top Tools / February 18, 2022

The world's biggest online directory of resources and tools for startups and the most upvoted product on ProductHunt History.

Top 45 Threat Intelligence Tools

Today, digital technologies are at the heart of nearly every industry. Automation and increased connectivity have revolutionized the world's economic and cultural institutions, but they have also introduced risk in the form of cyberattacks. This has given rise to the emergence of Threat Intelligence Tools. Threat intelligence is information that enables you to prevent or mitigate attacks.

Threat intelligence, which is based on information, gives explanations to make well-informed security decisions, such as who is attacking you, what their motivation and abilities are, and what markers of a negotiated settlement in your processes to look for. Many businesses are implementing Threat Intelligence Tools to combat these issues. These tools can be used as a SaaS or on-premise solution to manage cyber threat intelligence and related entities such as actors, campaigns, incidents, signatures, bulletins, and TTP.

Below is a list of the Top Tools that you must know to protect yourself from these attacks.

1. Cisco Umbrella

Cisco is one of the world's largest providers of security and networking solutions. Cisco Umbrella is a cloud-based solution that protects your endpoints, remote users, and office locations by leveraging threat intelligence.

Key Features:

  • It gathers cross-product security information from Cisco infrastructure and third-party sources.

  • It provides end-to-end visibility and protection against phishing, malware, and ransomware attacks.

  • You can benefit from specific APIs and native connectors.


Cisco Umbrella is available in a variety of packages, with prices starting at $2.25 per user per month.


DeCYFIR is a cyber threat intelligence tool developed by the Singapore-based cybersecurity firm CYFIRMA. It aids in the detection and decoding of threats directly from the locations where hackers operate. This threat intelligence tool's key features include:

Key Features:

  • It can detect external indicators as well as correlate external threats with existing vulnerabilities.

  • Through additional training and education, it provides a complete cyber threat intelligence solution.

  • On request, it can be integrated with your existing infrastructure.


Pricing varies depending on the environment and requirements; for example, an all-in-one AWS implementation costs $20,000 per month.

3. Echosec

Echosec is a Canadian company that specializes in open-source intelligence (OSINT) tools. Its flagship platform protects your business by leveraging social media and dark web data. This cyber threat intelligence tool's key features include:

Key Features:

  • Echosec identifies urgent and real-time risk information, and it can even extract data from the deep and dark web.

  • It connects to a variety of external data sources, including illicit forums, dark web marketplaces, and global security feeds.

  • It provides round-the-clock monitoring and complete protection via pre-built data search filters.


You can request a quote on their website.

4. GreyNoise

GreyNoise is a cybersecurity startup based in the United States that helps reduce false positives when analyzing threat intelligence data. It collects information classified as noise, which a security analyst may overlook.

Key Features:

  • It collects IP label data to identify instances where security tools are overwhelmed by noise.

  • GreyNoise insights are delivered via APIs and visualizers that can be customized for a variety of scenarios.

  • GreyNoise can scan hundreds of thousands of IPs to highlight emerging threats, provide contextualized information, and find actionable alerts.


Pricing begins at $25,000 per year, with a free Community edition also available.

5. IntSights External Threat Protection (ETP) Suite

Rapid7's IntSights ETP Suite is a 360-degree cyber threat intelligence tool that is available on the NASDAQ. In 24 hours, it provides you with rich and actionable insights.

Key Features:

  • It is extremely adaptable and can be used for phishing protection, brand security, fraud detection, and data leak detection.

  • It is a comprehensive tool that protects against all types of cyber risks.

  • It is extensible in the sense that it can be integrated with other systems.


The cost of IntSights External Threat Protection (ETP) Suite is not disclosed, but a free threat intelligence report is available.

6. Luminar by Cognyte

Cognyte is a security analytics company that was previously a part of Verint Systems. Cognyte's cyber threat intelligence tool, Luminar, enables the implementation of a proactive, research-based cybersecurity strategy.

Key Features:

  • Luminar's dashboards can be customized, automated processes can be set up, and the tool can be tailored to your specific needs.

  • It is comprehensive in that it covers multiple domains such as financial crime and cyber-terrorism and can generate insights in over 20 languages.


You can request a quote on their website.

7. Recorded Future

Recorded Future is a cybersecurity firm based in the United States that provides predictive cyber threat intelligence. This information also includes brand, SecOps, fraud, vulnerability, and geopolitical threats.

Key Features:

  • It is based on the Intelligence Graph, a reference data set that has been curated over 10 years and is constantly updated.

  • It is adaptable in that it evaluates threat indicators for various risks that your business may face, and you can narrow your search using advanced filters.

  • It provides a comprehensive and end-to-end view of the threat lifecycle, from the attacker to the midpoint to the target.


Pricing varies depending on the implementation environment, with AWS starting at $10,000.

8. Threat Intelligence APIs

Threat Intelligence API is a collection of cyber threat intelligence integrations available at threat, a cybersecurity company based in the United States. It is a subsidiary of Whois API Inc.

Key Features:

  • Because of its API-based architecture, this cyber threat intelligence tool is inherently flexible.

  • It scans multiple threat data repositories as well as the company's collection of rich databases accumulated over time.

  • It covers a broad range of use cases, assisting with the analysis of domain infrastructure, SSL certificates and configurations, domain reputation, and malware.


Pricing begins at $15 per month, with a free (limited) plan available.

9. ThreatFusion

ThreatFusion is a cyber threat intelligence tool developed by SOCRadar, a cybersecurity firm based in the United States. It aids in threat investigations by utilizing artificial intelligence and big data.

Key Features:

  • It is highly adaptable and agile, allowing you to obtain accurate results from the dark web, third-party research, and other sources.

  • ThreatFusion includes the ThreatShare module, which collects external data from hacker chatter on social media and dark web communication channels.

  • It not only covers a substantial body of external threat knowledge but also auto-aggregates insights from weekly news.


ThreatFusion is available in four editions: Standard, Professional, Enterprise, and Premium, each with its price.

10. ZeroFox

ZeroFox is a company based in the United States that provides security intelligence to prevent phishing, impersonation, malicious domains, and data leakage. It recently announced its intention to go public.

Key Features:

  • ZeroFox is designed solely for external threat protection, safeguarding your brand and senior executives from malicious attacks.

  • It provides all-around protection by assisting in the elimination of hackers via Adversary Disruption and Takedown-as-a-Service.

  • ZeroFox has a large integration library that includes all popular IT tools.


You can request a quote on their website.

11. ManageEngine PAM360

ManageEngine PAM360 is a corporate IT team's administrator accounts security solution. It provides business owners with complete access control governance and allows for deep connection of advantaged access data with overall network data from a single, console.

Key Features:

  • Allow privileged users to connect to remote hosts with a single click, without the use of endpoint agents, browser plug-ins, or helper programs.

  • Record sessions and save them as video files to aid in investigative audits.

  • Provides AI and machine learning-driven anomaly detection capabilities to detect unusual privileged activity at a glance.


You can request a quote on their website.

12. ActivTrak

ActivTrak enables enterprises to realize their full overall productivity. Their prize-winning workforce analytics and productivity software solutions deliver expert insights that embolden employees while optimizing equipment and procedures.

Key Features:

  • This software will be an essential component of the new and improved learning process as more schools embrace technology in the classroom.

  • The ease of deployment and the service's stealth; it is almost undetectable, making it the ideal tool for the consulting services we provide as a company.

  • The support is fantastic and extremely beneficial. Over the last few months, customer care has resolved a few employee issues.


The package starts at $9 per month.

13. Keeper

Keeper is the foremost Password Security Platform for preventing data breaches and cyber threats caused by passwords. Keeper allows your company to auto-generate strong passwords, protect sensitive files in an encrypted digital vault, securely share records with teams, and integrate with SSO, LDAP, and 2FA.

Key Features:

  • Protection, ease of use, the ability to share records with your company's account managers, and a reasonable price.

  • This is widely used because it is a great place to save all of your passwords and it will autofill. Also suggests when a new website attempts to create a password.

  • A Keeper is an excellent tool for keeping your accounts (and the data contained within them) secure, and it assists you in creating secure passwords.


You can request a quote on their website.

14. TunnelBear

When you enable TunnelBear, your internet connection is encrypted with AES-256 bits and your public IP address is changed to the country of your choice. TunnelBear is used by businesses for Keeping remote and traveling employees safe. Testing for global quality assurance.

Key Features:

  • TunnelBear for Teams is ideal for small to medium-sized businesses that rely on cloud-based tools for day-to-day communication and collaboration.

  • TunnelBear is a reliable VPN service. It has strong security features, unblocks most streaming services such as Netflix, DAZN, and YouTube, and has a fun theme.

  • Additionally, there may be some improvements to torrenting, as users are currently experiencing throttling.


Pricing for Unlimited starts at $3.33 per month and scales up to other pricing tiers.

15. Netwrix Auditor

Netwrix Auditor is a connectivity technology that offers you control over adjustments, combinations, and access in hybrid IT environments while also relieving you of the pressure of your next compliance audit. Changes in your on-premises and cloud systems, such as Active Directory, Windows Server, file storage, databases, Transfer, VMware, and others, should be monitored.

Key Features:

  • The platform, which includes a RESTful API and user activity video recording, provides unified visibility and control across all of your on-premises and cloud-based IT systems.

  • The software is reasonably priced, and once installed and operational, it is very stable and solid.


You can request a quote on their website.

16. Datadog

Datadog is software-as-a-service monitoring, security, and analytics platform for cloud-scale infrastructure, applications, logs, and other data. The platform helps organizations improve agility, efficiency, and end-to-end visibility across dynamic or large-scale infrastructures.

Key Features:

  • Datadog enables Dev, Sec, and Ops teams to ensure application uptime and accelerate go-to-market efforts by collecting metrics and events from 400+ out-of-the-box services and technologies.

  • It is cloud-based monitoring, security, and analytics platform for developers, IT operations teams, security engineers, and business users.


Prices begin at $15 per host per month. There are pay-as-you-go and subscription options available.

17. Automox

Automox enshrines OS and third-party security patches, security configurations, and custom typescript across Windows, Mac, and Linux from a solitary intuitive console. IT and SecOps can gain significantly greater visibility and control of on-premises, distant, and virtual edge devices with no need to deploy costly facilities.

Key Features:

  • It enforces OS and third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console.

  • It significantly reduces corporate risk while increasing operational efficiency, allowing it to deliver best-in-class security outcomes faster and with fewer resources.


You can request a quote on their website.

18. Zoho Vault

Zoho Vault is a team-oriented online password manager. It allows you to securely store, share, and manage your passwords from any location. With Zoho Vault, you can stay organized while keeping your passwords secure.

Key Features:

  • Zoho Vault provides excellent security, fine control over users and passwords, and outstanding third-party integrations.

  • It's also reasonably priced, and the customer service is among the best we've seen in a password manager service.

  • It's an excellent password manager for organizations and businesses.


For personal use, there is no charge. Standard: $1 per month per user Professional: $4 per month per user Enterprise: $7 per month per user

19. AppTrana

AppTrana is a fully managed Web application firewall that includes Web application scanning to identify application-layer vulnerabilities; instant and managed risk-based protection with its WAF, Managed DDOS and Bot Mitigation service, and Web site acceleration with a bundled CDN or can integrate with an existing CDN.

Key Features:

  • AppTrana offers companies special precautions against known risks, as well as round-the-clock safeguards against DDOS, Bots, and arising security threats, and is ideal for growth.

  • AppTrana aids in the filtering of requests from specific geo-location IP addresses and provides a summary of blocked attacks in the daily report.

  • It is very effective for D Dos attack protection in addition to filtering traffic based on the source address.

  • The most important aspect is its low cost in comparison to other solutions with comparable features.


Pricing for AppTrana begins at $99.00 per feature, per month. There is a free version available. AppTrana provides a free trial period.

20. USM Anywhere

USM Anywhere provides a unified, simple, and cost-effective threat detection and compliance solution. USM enables mid-size organizations to defend against modern threats by leveraging the most recent AlienVault Labs Threat Intelligence and the Open Threat Exchange, the largest crowd-sourced threat intelligence exchange.

Key Features:

  • USM Anywhere is a cloud-based security platform that assists midsize to large businesses with risk detection, vulnerability assessment, security monitoring, and threat response.

  • Users can use the security platform to collect and detect information such as software services, the number of users logged in, and the operating system of assets.

  • Its behavioral monitoring capability also includes Netflow data, bandwidth, and traffic capture.


Pricing for USM Anywhere begins at $3.00 as a one-time payment. There is a free version available.

21. ThisData

ThisData prevents account takeover by verifying the identity of a user logging into your app using machine learning algorithms and contextual information. ThisData allows developers to quickly add a second authentication factor to their apps.

Key Features:

  • Users can generate reports that reveal shared user accounts and lost revenue.

  • To prevent account takeover and security breaches, ThisData will automatically block access to high-risk logins or confirmed threats.

  • The solution is globally available and can be implemented without any configuration.

  • ThisData verifies users' identities by utilizing anomaly detection, contextual information, and machine learning.


Paid plans begin at $49 and include additional features and higher limits. Enterprise plans are available for users with more than 10,000 MAU.

22. Threat Detection Marketplace

SOC Prime Threat Detection Marketplace is a SaaS content platform that enables security professionals to detect and respond to cyber threats through the use of SIEM, EDR, and SOAR tools. TDM is an online library of over 52,000 SIEM & EDR rules, queries, and other tools designed to work directly in the SIEM platform you already own.

Key Features:

  • TDM includes SOC-ready dashboards, rule packages, Elastic Stack Machine Learning recipes, and Sigma rules that are updated daily and streamed via API.

  • They work together to deliver rules, parsers, and machine learning models that cover the most recent threats, behavior-based threat hunting, cloud security monitoring, and proactive exploit detection.

  • As a pioneer supporter of the Sigma language, SOC Prime collaborates with a global community of 300+ security researchers.


You can request a quote on their website.

23. IBM X-Force Exchange

IBM X-Force Exchange is a cloud-based, collaborative threat intelligence platform that assists security analysts in focusing on the most critical threats and reducing time to action. This TIP combines human-generated intelligence with a global security feed to provide a unique view of potential threats. IBM X-Force Exchange monitors over 25 billion websites worldwide, thanks to its internal research team and the software that powers its feed.

Key Features:

  • The X-Force Exchange dashboard is customizable, allowing users to prioritize relevant intelligence, such as advisories and vulnerabilities, based on their needs.

  • Using the Timeline view, analysts can easily see the risk level assigned to potential threats, as well as how the risk level has changed over time.

  • It provides intelligence on IP and URL reputation, web applications, malware, vulnerabilities, and spam and boasts unlimited scalability and queries.


The package starts at $2,000 per user per 10,000 records per month.

24. Anomali ThreatStream

Anomali ThreatStream collects millions of threat indicators to detect new attacks, discover existing breaches, and help security teams quickly understand and contain threats. Anomali makes it simple to extend the information collected by the TIP through the Anomali App store, in addition to the 140 open-source feeds included with the product. Users can evaluate and purchase additional intelligence feeds from this page. This additional information contextualizes threats, reducing the occurrence of false positives significantly.

Key Features:

  • Anomali's highly accurate machine-learning algorithm assigns scores to indicators of compromise (IoCs) so that security teams can prioritize mitigation tasks is a key differentiator.

  • Compatibility with third-party intelligence tools

  • Extraction of data from suspected phishing emails

  • It provides some free threat intelligence tools.

  • ThreatStream can also be integrated with a variety of popular SIEMs and orchestration platforms to improve threat detection and remediation workflows.


You can request a quote on their website.

25. SolarWinds Security Event Manager

SolarWinds Security Event Manager (SEM) integrates event tracking and a threat intelligence feed. It can detect both potential and active threats and automatically deploy responses to mitigate them. SEM can detect and respond to threats in both on-premises data centers and cloud environments.

Key Features:

  • Tracking of Log Events

  • SolarWinds SEM was built with a simple, centralized dashboard and command interface that makes it simple to keep track of identified threats and quickly resolve security issues.

  • Analysis and correlation of logs

  • Alarm system with a centralized interface

  • Reports on compliance


SolarWinds LEM is priced on a per-node basis, with 30 nodes starting at $4,585.

26. Palo Alto Networks Cortex

Palo Alto Networks AutoFocus threat intelligence service has been replaced by the new Cortex XSOAR Threat Intelligence Management (TIM) platform. The new platform aims to surface the most relevant threats using context, automation, and threat data from Palo Alto's Unit 42 threat intelligence group as well as the company's vast network, endpoint, and cloud intel sources.

Key Features:

  • Proactive anti-attack defense

  • Rich threat intelligence is automatically embedded in an analyst's existing tools to provide context and understanding of threats and events in real-time.

  • Automatic mapping to assist you in identifying relevant threats, relationships between threat actors, and previously unknown attack techniques in your environment.

  • Granular search with an infinite number of combinations

  • Automated playbooks, as well as 700+ third-party product integrations


You can request a quote on their website.

27. LogRhythm Threat Lifecycle Management (TLM) Platform

The LogRhythm Threat Lifecycle Management (TLM) Platform provides a coordinated collection of data analysis and incident response capabilities that enable organizations all over the world to detect, neutralize, and recover from security incidents. It can process 26 billion messages per day. With pattern matching and advanced correlation to machine learning and statistical analysis, the platform can also automate threat detection and prioritization.

Key Features:

  • This robust platform can provide SIEM, log management, endpoint monitoring, Network Behavior Analytics (NB), User and Entity Behavior Analytics (UEBA), and Security Automation Orchestration (SAO) capabilities by leveraging big data technology and machine learning.

  • Automated threat detection

  • Integrations with third parties

  • This set of capabilities results in a comprehensive, end-to-end threat management workflow.


You can request a quote on their website.

28. Mandiant Threat Intelligence Suite

Although FireEye and Mandiant are splitting into product and services businesses, the Mandiant Threat Intelligence Suite will continue to provide superior intelligence to cybersecurity teams. Before, during, and after an attack, Mandiant Threat Intelligence adds context and priority to global threats. Data from the world's largest breaches is gathered from the adversarial underground, virtual network detection sensors, and Mandiant IR investigations.

Key Features:

  • Intelligence for strategic purposes

  • Dark Web surveillance

  • Tools for research and alerting

  • Mandiant has over 1,000 experts who respond to incidents and conduct research on attacks.


The cost of data fees ranges between $1,500 and $10,000, depending on the number of feeds.

29. LookingGlass Cyber Solutions

LookingGlass Cyber Solutions is an open source-based threat intelligence platform that provides global enterprises and government agencies with unified threat protection against sophisticated cyberattacks by operationalizing threat intelligence. It is supplemented by a global team of security analysts who enrich data feeds.

Key Features:

  • LookingGlass collects structured and unstructured data from over 87 out-of-the-box feeds as well as additional commercial feeds purchased separately.

  • It organizes network elements into a repository called Collections to provide the most relevant data to a business.

  • This information is then used by its Threat Indicator Confidence scoring tool to identify the highest priority risks that an organization faces.


You can request a quote on their website.

30. ThreatConnect

The ThreatConnect platform collects data from all sources automatically and presents it to users in context. The information can then be manually or automatically analyzed by security teams to look for evidence of cybersecurity threats. The platform displays associations in data, assisting specialists in identifying meaningful connections.

Key Features:

  • ThreatConnect's platform also employs Playbooks, an intelligence-driven orchestration feature.

  • Users can program it to perform specific tasks in response to specific triggers.

  • For instance, the tool could detect a new IP address on the network and automatically block it until cybersecurity teams investigate further.

  • This capability reduces manual labor and the possibility of error, resulting in increased productivity.


You can request a quote on their website.

31. CrowdStrike Falcon X

CrowdStrike Falcon X threat intelligence platform is available in three editions: Falcon X, Falcon X Premium, and Falcon X Elite. All include automated malware investigation features, which shorten the time required to identify threats and determine their severity. For those who already use the company's Falcon products, the platform also offers user-friendly endpoint integration that does not necessitate new installations or deployments.

Key Features:

  • Individuals can also benefit from intelligence reports that provide daily alerts and strategic insights.

  • Customized breakdowns enable monitoring for DDoS attacks as well as social media-based threats against an organization.

  • The most expensive level of this service includes a cybersecurity expert researching specific threats and providing a customized report on the findings.


Prices begin at $25.00 per endpoint, per year (minimums apply).

32. Kaspersky Threat Intelligence Portal

Kaspersky's subscription-based product combines everything a cybersecurity expert needs in a single tool to analyze risk. It allows users to verify the security of IP and web addresses, files, and file hashes.

Key Features:

  • The product also employs a variety of metrics to determine whether a file poses a risk.

  • Analysis tools look at static and dynamic properties, as well as how the system behaves.

  • The interface allows users to submit files for verification and prioritization of threats based on risk levels displayed in context.

  • People can also subscribe to premium services. They include financial intelligence reporting, threat data feeds, and a database of known security threats.


You can request a quote on their website.

33. AT&T Cybersecurity

AT&T Cybersecurity – formerly AlienVault – Unified Security Management (USM) receives threat intelligence from AlienVault Labs and the world's largest crowd-sourced collaborative threat exchange, the Open Threat Exchange (OTX). It offers cloud and on-premises environments centralized threat detection, incident response, and compliance management.

Key Features:

  • USM is automatically updated every 30 minutes with threat intelligence provided by AT&T Alien Labs, keeping it at the forefront of evolving and emerging threats.

  • Response to an incident

  • Management of compliance

  • Availability of OTX

  • As a result, security teams can concentrate on responding to alerts rather than identifying them.


You can request a quote on their website.

34. Azure Sentinel

Security analytics that is intelligent for your entire enterprise. With SIEM reinvented for the modern world, you can see and stop threats before they cause harm. Azure Sentinel provides a bird's-eye view of the enterprise. Put to use the cloud and large-scale intelligence gleaned from decades of Microsoft security experience. Using artificial intelligence, you can make your threat detection and response smarter and faster (AI).

Key Features:

  • Remove the need for security infrastructure setup and maintenance, and elastically scale to meet your security requirements—all while lowering IT costs.

  • Collect data at the cloud-scale—across all users, devices, applications, and infrastructure, on-premises and across multiple clouds.

  • Detect previously unknown threats and reduce false positives with Microsoft's analytics and unrivaled threat intelligence.

  • Investigate threats with AI and detect suspicious activity at scale, drawing on Microsoft's decades of cybersecurity experience.


Azure Log Analytics Pay-As-You-Go pricing is $2.76 per GB, with a free 5-GB per customer per month

35. NetFoundry

NetFoundry is the market leader in Application Specific Networking, enabling businesses to seamlessly connect distributed applications in any cloud, on any device, and from any location. The NetFoundry platform enables enterprises to securely and reliably connect apps without the use of VPNs, proprietary hardware, or private circuits.

Key Features:

  • By rising above your infrastructure and elevating your network, you can simplify and future-proof your application development, security, and connectivity initiatives.

  • By abstracting infrastructure, NetFoundry provides power and agility.

  • NetFoundry can help developers, ISVs, SaaS providers, and solution providers turn secure networking into an innovation enabler.


You can request a quote on their website.

36. Check Point

Check Point Software Technologies is a multinational software and hardware-software company headquartered in the United States and Israel that specializes in network security, endpoint security, cloud security, mobile security, data security, and management.

Key Features:

  • Check Point Software Technologies Ltd. is a world leader in cyber security solutions for governments and businesses.

  • Its products safeguard customers against 5th generation cyber-attacks by detecting malware, ransomware, and advanced targeted threats at an industry-leading rate.


You can request a quote on their website.

37. Barkly

Barkly is enhancing endpoint security by combining the most powerful protection, the smartest technologies, and simple management. The Barkly Endpoint Protection PlatformTM detects and prevents threats across all vectors and intentions, including exploits, scripts, executables, and ransomware.

Key Features:

  • Barkly is the only defense with visibility into all system layers, including the CPU, and it stays current thanks to its continuous machine-learning engine.

  • Barkly offers services to small and medium-sized businesses across a wide range of industries.

  • Everyone who uses anti-virus software today should consider Barkly for endpoint protection.


You can request a quote on their website.

38. Webroot SecureAnywhere

Webroot is one of the most effective computer security programs for detecting endpoint security measures. Prevents internet problems and web-based malware risks. The complete package includes fast deployment, online setup, real-time data, and intelligence stage—instant access from any location, at any time.

Webroot SecureAnywhere AntiVirus is an intriguing Windows and Mac application that employs a novel method of malware detection.

Key Features:

  • Webroot spends the majority of its time monitoring smart behavior, allowing it to detect even the most recent threats.

  • Because it isn't searching every potential file for known dangers, the software is small – 15MB on our test PC vs 1GB+ for many suites – and scans are often completed in seconds.

  • Despite its small size, Webroot SecureAnywhere AntiVirus includes a plethora of features such as anti-virus, real-time antiphishing, an additional anti-ransomware layer, a simple firewall, and network monitoring.


The package starts from $38 per month.

39. Resolver Vulnerability Management

Resolver Vulnerability Management is a comprehensive cyber security solution for businesses and government agencies. End-to-end solutions for Windows are provided by Resolver Vulnerability Management. This online Cyber Security solution includes prioritization, patch management, incident management, policy management, and endpoint management.

Key Features:

  • Risk Management Incident Management

  • Policy Administration

  • Prioritization of Vulnerability Scanning

  • Patch Administration

  • Vulnerability Assessment for Endpoint Management Asset Tagging


You can request a quote on their website.

40. Netsparker

Netsparker Security Scanner is a critical cyber security tool for detecting web app vulnerabilities and flaws and providing superior security solutions. Vulnerability scanning and IOC verification are also part of the package.

Key Features:

  • In today's world, Netsparker has evolved into a market-leading online application security solution.

  • Netsparker integrates with CI/CD and other SDLC tools, resulting in completely customizable workflows that optimize vulnerability assessments, triaging, and verification.


You can request a quote on their website.

41. Kogni

Kogni is a cyber threat intelligence tool that aids in the organization and protection of sensitive data. Some of the software's features include data discovery, document recognition, prebuilt workflows, data security, and data masking.

Key Features:

  • Kogni detects sensitive data in enterprise data sources, secures it, and constantly monitors for new sensitive data.

  • GDPR, PCI, HIPAA, PHI, FERPA, and other regulations are among those with which Kogni assists organizations in complying.

  • Kogni's data security approach reduces the impact of a data breach by monitoring for policy violations, assisting organizations in complying with regulations, and enabling data governance initiatives.


You can request a quote on their website.

42. WebTitan

WebTitan is one of the most effective computer security programs on the market, with features such as website security, the ability to delete unwanted items, customizable policies, scalability and speed, good customer service, reporting, and remote access. The hotel also offers secure Wi-Fi to help with the business.

Key Features:

  • WebTitan is a DNS-based web content filter and security layer that provides granular web content control while protecting against cyber-attacks, malware, ransomware, and malicious phishing.

  • Every day, the WebTitan DNS filtering system processes approximately 2 billion DNS requests and detects 300,000 malware iterations.


You can request a quote on their website.

43. Astra Web Security

Astra Security is a web application security and solutions firm with offices in the United States and India. They offer comprehensive website security solutions such as real-time malware monitoring, threat protection, malware eradication, and website protection. ASTRA, their flagship product, combines a powerful feature set of manual and automated penetration testing tools with a comprehensive vulnerability assessment and proactive threat response.

Key Features:

  • Every day, Astra detects and blocks over a million attacks in its customers' web applications.

  • Using the VA/PT solution, over 100,000 vulnerabilities in client applications were discovered.

  • Astra Online Security is a cutting-edge cyber security solution that offers small, medium, and large businesses web firewalls and security testing services.


The package starts from $19 per month.

44. Grafana

Grafana allows you to consolidate all relevant data into a single visually appealing dashboard. These dashboards are made up of various panels that make it easier to visualize, query, and comprehend the data you have — regardless of where it is stored. Grafana is completely customizable, allowing you to fine-tune your dashboard and the information you receive so that you only see what you need.

Key Features:

  • Grafana is completely open-source and has an active community to help you if you run into a snag or require technical assistance.

  • Because Grafana has a strong and supportive community, you can find plugins and pre-built dashboards in the official library.


You can request a quote on their website.

45. HanSight TIP

You can obtain actionable information to combat cyber threats by using HanSight TIP intelligence. It also aids in the discovery of new threats and the development of a more targeted response and remediation system.

Key Features:

  • Real-time intelligence gathering: Rather than relying on a single vector, gather intelligence from all over the world.

  • Actionable intelligence: HanSight TIP's highly accurate results allow you to assess the situation proactively and take control.

  • Alert feedback: Obtain verified alarms by integrating platforms seamlessly.


You can request a quote on their website.

Things To Consider While Selecting Threat Intelligence Tools


The foundation of cyber threat intelligence is data and analytics. To create a reliable repository of threat-related knowledge, the tool must collect information from multiple public, gated, and third-party sources. When a malicious entity launches an attack, it typically leaves a fingerprint or cyber threat indicator in its wake.


The tool you select must be adaptable enough to meet a wide range of use cases. It should, for example, connect with branch offices and distributed locations to provide you with centralized visibility. Alternatively, you could integrate it with your internal security information and event management (SIEM) platform and check IT events for potential anomalies.


The main distinction between cyber threat intelligence tools and other types of vulnerability management software is that it focuses solely on external threats. It may integrate with internal systems to help with threat detection and response, but its primary function is to scan external data feeds, repositories, and sources for emerging threat types.


Your cyber threat intelligence tool must protect all devices, cloud and on-premise services, and network ports. To accomplish this, it must scan massive volumes of external feeds that cover threat information from around the world – including the dark web, if your organization requires it.


The cyber threat intelligence tool should be easily extensible so that it can be linked to the rest of your cybersecurity landscape. Some tools concentrate on application programming interface (API) services, allowing you to integrate a robust threat intelligence feed into a custom security app. Others may have an integration marketplace that is ready to use.


The year 2022 will be pivotal in the field of threat intelligence. According to the 2021 SANS survey, the most significant impediment to the use of cyber threat intelligence was a lack of in-house skills. The tools discussed in this article provide teams with actionable insights without requiring extensive training or complex setup and configuration. These next-generation cyber threat intelligence tools are critical for improving enterprise resilience and protecting against external (as well as internal) attacks.


What is Threat Intelligence Tools?

Threat Intelligence Platforms (TIP) are critical security tools that proactively identify, mitigate, and remediate security threats by utilizing global security data. Every day, new and constantly evolving threats emerge. While security analysts understand that analyzing data on these threats is the key to staying ahead of them, the challenge is determining how to efficiently collect large amounts of data and derive actionable insights to proactively thwart future attacks.

What should you consider while using Threat Intelligence Tools?

Threat Intelligence Tools use threat intelligence feeds to aggregate security intelligence from vendors, analysts, and other reputable sources about threats and suspicious activity detected all over the world. This data can take the form of malicious IP addresses, domains, file hashes, and other information.

Threat Intelligence Tools then turn these advanced analytics into actionable intelligence to detect malicious activity within your network. These feeds are frequently integrated into other security products such as EDR, SIEM, and next-generation firewalls.

What are the features of Threat Intelligence Tools?

The ability to analyze and share threat data is the most important feature of any threat intelligence platform. These tools can detect threat signatures on a network and relay that information to other installations, as well as retrieve information about new threats from threat feeds. As a result, threat intelligence platforms are critical for detecting zero-day threats.

Another important feature is the ability to triage data and generate alerts when threats are detected. Although the platforms may require some fine-tuning, they will only send out alerts when legitimate threats arise in order to avoid an unnecessary flood of notifications that can muddy the waters for remediation. To aid in remediation, they can also assign a risk score so that security teams can prioritize which issues to address.

What are the differences between Threat Intelligence and Anti-Virus Tools?

Human intelligence providers and machine-generated intelligence are the two methods for generating threat intelligence. Human intelligence is derived from security expert-operated research labs that identify attack trends and distribute updates to security products ranging from enterprise security tools such as EDR, SIEM, and NGFWs to consumer products such as antivirus software. These labs are frequently run by the product's vendor.

Machine intelligence is generated by the security products themselves. They can transmit data to all other security products from that vendor in real-time as they identify attack signatures and anomalous behavior. To keep up with advanced and evolving threats, this process also includes live threat feeds that can pull new attack signatures from multiple sources, including security expert research labs.

Why is cybercrime on the rise?

Personal data theft is the most costly and rapidly growing type of cybercrime. The increasing availability of identity information on the web via cloud services is driving this trend.

It is, however, not the only one. Power grids and other infrastructure can be harmed or destroyed if industrial controls are disrupted or destroyed. Cyber-attacks may also compromise data integrity (erase or modify data) in order to instill distrust in a company or government.

Top 45 Threat Intelligence Tools

The world's biggest online directory of resources and tools for startups and the most upvoted product on ProductHunt History.