Recorded Future Threat Intelligence realizes security teams receive too many alerts but don’t have enough people to address them. This solution empowers organizations to make faster, more confident threat decisions by revealing unknown threats before business takes a hit. Machine learning, natural language processing and human analyst research combine to automatically collect and analyze structured and unstructured intelligence in every language from the open and dark webs.
It includes a variety of pre-built integrations that work with the most popular security tools to increase the power of the existing technologies by embedding real-time intelligence where it is needed most.
Intelligence Cards summarize all relevant, known information of on an entity and actively communicate with the command and control center. The platform generates the cards compromise indicators with risk scores of 75+, unless a customer configures risk scores below this threshold. The platform has created and laid out Intelligence Cards with more than 10,000 pieces of information per IP address for human analyst consumption. These pieces highlight the most important information yet allow analysts to delve as deeply and granularly as desired.
Customizable dashboards let analysts drill down into the enrichment dashboard. All alerts are delivered to the Home Screen Portal based on priority level. Organizations can configure prioritization to ensure attention is given to the business practices that need it. The system can customize home view based on an individual’s role. It provides an Analyst Notes section that allows internally generated intelligence to the platform.
The Email-to-Notes-Inbox feature forwards email to a dedicated Recorded Future Inbox where it it is automatically published as an Analyst Note. Notes are limited to text and do not retain formatting present in the original email. It automatically identifies entities in the title and text, the latter of which becomes the text of the note. After a brief processing time, the note appears in a similar fashion to all other Analyst Notes and can be made available on intelligence cards, where it can be edited.
Watch List Threat View displays all watch lists configured through an organization. For example, any organizations using software products on the Tech Stack Watch List should take proactive measures and monitor for vulnerabilities in those products. That could include server technologies, enterprise software or individual programs employees may have installed on their computers. By hovering over any of the risk companies in Risk Rules, analysts will find the rules associated with that company and can drill down further. A company lookup features more than 100,000 companies that analysts can search. Recorded Future continues to add more into this database.
With standout monitoring capabilities, the ability to search for any exposed AWS keys and the ability to build queries and set alerts to monitor 24/7/365 with priority capabilities Recorded Future is a solid choice for boosting the efficiency of security teams.
Starting price is $19,500. Basic, no-cost support is offered 24/7. This includes an in-product support site, email, phone and an online learning portal with knowledgebase. We found the support page to be thorough and sufficiently explanatory.
Tested by: Matthew Hreben