WINNER - Best Threat Intelligence Technology: Recorded Future
Our judges described Recorded Future as the “Complete Threat Intelligence platform”, adding, “Outstanding achievement and product with wide market coverage,” and went on to comment that they also “do loads that benefit the infosec community and our nation's infrastructure in general.”
Recorded Future is a software-as-a-service (SaaS) product that uses machine learning and natural language processing algorithms, combined with human analyst research, to automatically collect and analyse structured and unstructured intelligence in every language from 900,000 sources on the open and dark web. The company says it does the work of 9,000 highly trained analysts, delivering real-time, contextualised, actionable intelligence so that organisations can identify unknown threats before they impact business and equip their security teams to respond to alerts 10 times faster. It enables customers to identify 22 percent more threats before they become an issue, and the company says it achieves a 284 percent three-year ROI.
Recorded Future integrates with existing security solutions including SIEM, SOAR, GRC tools, endpoint security and vulnerability management, providing security intelligence that is accessible and actionable for everyone, regardless of their industry experience. This means that its intelligence can be more easily used to provide insight for key strategic decisions alongside fighting immediate security threats. Scalability is simple, achieved by providing access to more users and integrating with more systems.
The AT&T Alien Labs Open Threat Exchange (OTX) is described by our judges as an “Impressive high volume platform,” adding that it's “an exciting model providing an excellent service”, and a “Flexible option” with “good workable data and tools.”
This free, open threat intelligence platform has a global membership of 130,000 plus professionals who actively discuss, research, validate and share the latest data about threats, trends, and techniques. Users can submit files/URLs for malware analysis and data is organised into “Pulses” that provide context on threats, including the software targeted, details on threat actors, the organisations and industries targeted, and related indicators of compromise (IoCs) that can be used to directly detect threats. OTX also includes a “private groups” construct that allows organisations to share threat data privately and with their peers.