Best PolySwarm Alternatives in 2024
Find the top alternatives to PolySwarm currently available. Compare ratings, reviews, pricing, and features of PolySwarm alternatives in 2024. Slashdot lists the best PolySwarm alternatives on the market that offer competing products similar to PolySwarm. Sort through the PolySwarm alternatives below to make the best choice for your needs.
-
1
Criminal IP
AI SPERA
1 Rating
Criminal IP is a cyber threat intelligence search engine that detects vulnerabilities in personal and corporate cyber assets in real time and allows users to take preemptive actions. Built on the idea that individuals and businesses can boost their cyber security by obtaining information about accessing IP addresses in advance, Criminal IP draws on extensive data covering over 4.2 billion IP addresses and counting to provide threat-relevant information about malicious IP addresses, malicious links, phishing websites, certificates, industrial control systems, IoTs, servers, CCTVs, etc. Using Criminal IP’s four key features (Asset Search, Domain Search, Exploit Search, and Image Search), you can search, respectively, for IP risk scores and vulnerabilities related to searched IP addresses and domains, vulnerabilities for each service, and assets that are open to cyber attacks in image form. -
2
ManageEngine EventLog Analyzer
ManageEngine
148 Ratings
EventLog Analyzer from ManageEngine is the industry's most affordable security information and event management (SIEM) software. This cloud-based, secure solution provides all essential SIEM capabilities, including log analysis, log consolidation, user activity monitoring and file integrity monitoring. It also supports event correlation, log forensics and log retention. Real-time alerting is possible with this powerful and secure solution. ManageEngine's EventLog Analyzer allows users to prevent data breaches, detect the root cause of security issues, and mitigate sophisticated cyber-attacks. -
3
PathSolutions
42 Ratings
TotalView offers network monitoring as well as root-cause troubleshooting of problems in plain English. The solution monitors every device as well as every interface on every device. In addition, TotalView goes deep, collecting 19 error counters, performance, configuration, and connectedness so nothing is outside of its view. A built-in heuristics engine analyzes this information to produce plain-English answers to problems. Complex problems can now be solved by junior-level engineers, leaving the senior-level engineers to work on more strategic projects. The core product includes everything needed to run a perfectly healthy network: configuration management, server monitoring, cloud service monitoring, IPAM, NetFlow, path mapping, and diagramming. Get Total Network Visibility on your network and solve more problems faster. -
4
Secure Malware Analytics (formerly Threat Grid) combines advanced threat intelligence with sandboxing to provide a single solution to protect organizations against malware. You will be able to understand what malware is doing or trying to do, how big a threat it poses and how you can defend yourself against it. Secure Malware Analytics quickly analyzes files and suspicious behavior in your environment. Your security teams receive context-rich malware analytics, threat intelligence, and a quick response to threats. Secure Malware Analytics analyzes a file's behavior against millions of samples and billions of malware artifacts. Secure Malware Analytics identifies the key behavioral indicators and associated campaigns of malware. Secure Malware Analytics offers robust search capabilities, correlations, and detailed static and dynamic analysis.
-
5
SIRP is a risk-based, no-code SOAR platform. It connects all security teams to achieve consistent strong outcomes through a single platform. SIRP empowers Security Operations Centers, Incident Response (IR), Threat Intelligence (VM) and Security Operations Centers (SOCs). It integrates security tools, powerful automation, and orchestration tools to enable these teams. SIRP is a no-code SOAR platform that includes a security scoring engine. The engine calculates risk scores specific to your organization based on every alert, vulnerability, and incident. Security teams can map risks to individual assets and prioritize their response at scale with this granular approach. SIRP saves security teams thousands of hours every year by making all security functions and tools available at the push of a button. SIRP's intuitive drag-and-drop playbook building module makes it easy to design and enforce best-practice security processes.
-
6
WildFire
Palo Alto Networks
WildFire® uses near-real-time analysis to detect previously unknown targeted malware and advanced persistent threats, keeping your organization safe. Advanced file analysis capabilities are available to protect web portals and integrate with SOAR tools. WildFire's unique malware analysis capabilities, which cover multiple threat vectors, deliver consistent security outcomes throughout your organization via an API. You can submit files and query volumes as you need them without the need for a next-generation firewall. Use industry-leading advanced analysis and prevention engine capabilities, regional cloud deployments, and a unique network effect. WildFire combines machine learning, dynamic and static analysis with a custom-built environment to detect even the most complex threats across multiple stages. -
7
PT MultiScanner
Positive Technologies
PT MultiScanner offers multiple levels of anti-malware protection that can detect and block malware infections on corporate infrastructure, find hidden threats, and assist in investigating malware-related security incidents. Do you trust the same antivirus vendor every time? Instead, rely on the expertise of Positive Technologies and the top anti-malware vendors. PT MultiScanner is the best choice for both startups as well as large corporations due to its extensive integration support and scalability. Multiple anti-malware engines, static analyses, and Positive Technologies reputation list scanning are used to identify suspicious objects. The solution allows for scanning files and archives, even recursively compressed ones. PT MultiScanner is able to detect and block malware much more effectively than any single method. -
8
Jotti
Jotti
Jotti's malware scanner is a free service that allows you to scan suspicious files using multiple anti-virus programs. You can submit up to 5 files simultaneously. Each file can only be 250MB in size. No security solution can guarantee 100% protection, even if it uses multiple anti-virus engines. Anti-virus companies share all files so that they can improve the detection accuracy of their antivirus products. Although we don't want to know the names or addresses of our visitors, some data is logged and used by us. We understand privacy is important. We want you to fully understand what happens to the information you provide to us. We keep files that you send us for scanning and we share them with anti-malware organizations. This is done to improve detection accuracy for anti-malware products. We keep your files confidential. -
9
REVERSS
Anlyz
Today's threat actors are highly skilled and use disruptive technologies to penetrate the security walls of companies in an unrelenting manner. Reverss offers automated dynamic malware analysis that enables Cyber Intelligence Response Teams (CIRT) to reduce obfuscated malicious software faster and more effectively. A central detection engine powers rapid detection of malware to drive security operations towards correct threat response. With the support of robust security libraries that track and reverse past threats, you can get actionable insights about how to respond to and quickly eliminate attacks. Enrich security analysts' tasks to make them more aware of threat behavior and to provide context. To protect your business against future attacks, you can create thorough Malware Analysis Reports that detail how, why and when an evasion occurred. -
10
CloudSEK
CloudSEK
The most advanced AI-powered Digital Risk Monitoring Platform that instantly detects third party data leaks. XVigil gathers millions from online sources to begin gathering data units. This raw data is then filtered using an AI engine to remove noise, false positives and anomalies. It is then indexed, parsed and checked against the historical data lakes. Finally, it is mapped to clients' assets. Duplicates and known threats are removed. The remaining threats are rated according to severity and sent to customers as alerts. XVigil monitors your internet-exposed infrastructure and curates a list, then periodically monitors for misconfigurations and potential data leakages. XVigil uses the internet to detect external threats, provide real-time alerts, and classify the threats based upon their severity. CloudSEK's "XVigil" is a SaaS-based platform that's easy to use and backed by five years of research and development. -
11
ReversingLabs Titanium Platform
ReversingLabs
Advanced malware analysis platform that detects malicious files faster through automated static analysis. It can be used in any cloud and any environment. More than 360 file formats were processed and 3600 file types were identified from various platforms, applications and malware families. Real-time, deep inspection and analysis of files. This can be scaled to 150 million files per hour without dynamic execution. Tightly coupled connectors integrate with industry-leading email, EDR, SIEM and SOAR platforms. Unique Automated Static Analysis completely dissects the internal contents of files in just 5 ms, without execution, which eliminates the need for dynamic analysis in most instances. -
12
Intezer Analyze
Intezer
Free
1 Rating
Intezer’s Autonomous SOC platform triages alerts 24/7, investigates threats, and auto-remediates incidents for you. "Autonomously" investigate and triage every incident, with Intezer’s platform working like your Tier 1 SOC to escalate only the confirmed, serious threats. Easily integrate your security tools to get immediate value and streamline your existing workflows. Using intelligent automation built for incident responders, Intezer saves your team from time wasted on false positives, repetitive analysis tasks, and too many escalated alerts. What is Intezer? Intezer isn't really a SOAR, sandbox, or MDR platform, but it could replace any of those for your team. Intezer goes beyond automated SOAR playbooks, sandboxing, or manual alert triage to autonomously take action, make smart decisions, and give your team exactly what you need to respond quickly to serious threats. Over the years, we’ve fine-tuned and expanded the capabilities of Intezer’s proprietary code-analysis engine, AI, and algorithms to automate more and more of the time-consuming or repetitive tasks for security teams. Intezer is designed to analyze, reverse engineer, and investigate every alert while "thinking" like an experienced security analyst. -
13
Cuckoo Sandbox
Cuckoo
Cuckoo can quickly provide detailed reports on the behavior of suspicious files when they are executed in a controlled environment. Malware is the Swiss-army knife of cybercriminals and any other adversary to your company or organization. It's not enough to detect and remove malware artifacts in these changing times. It's also vital to understand how they work to understand the context, motivations and goals of a breach. Cuckoo Sandbox is free software that automates the task of analysing any malicious file on Windows, macOS, Linux, or Android. Cuckoo Sandbox, an open-source automated malware analysis system that is highly modular and flexible, has endless application possibilities. Analyze many malicious files (executables, office documents, emails, etc.) as well as malicious websites in virtualized Windows, Linux, macOS, and Android environments. -
14
Deep Discovery Inspector
Trend Micro
Deep Discovery Inspector can be used as a virtual or physical network appliance. It is designed to quickly detect advanced malware, which can bypass traditional security defenses and infiltrate sensitive data. It uses specialized detection engines and custom-designed sandbox analysis to detect and prevent breaches. Targeted ransomware is a form of advanced malware that encrypts data and demands payment for its release. It bypasses traditional security measures and can be used to compromise organizations' systems. Deep Discovery Inspector uses reputation analysis and known patterns to detect the latest ransomware attacks including WannaCry. The customized sandbox detects file modifications, encryption behavior and modifications to backup/restore processes. Security professionals are constantly being bombarded with threat data from multiple sources. Trend Micro™ XDR for Networks helps to prioritize threats and provide visibility into an attacker's attack. -
15
YARA
YARA
YARA is a tool that helps malware researchers identify and classify malware samples. Using YARA, you can create descriptions of malware families or any other description based on binary or textual patterns. Each description (also known as a rule) is composed of a set of strings and a boolean expression that determines its logic. YARA-CI could be a valuable addition to your toolbox. This GitHub application provides continuous testing of your rules. It helps you identify common errors and false positives. The above rule tells YARA that any file containing one of the three strings must be reported as silent_banker. -
16
Binary Ninja
Binary Ninja
$299 one-time payment
Binary Ninja is an interactive disassembler and decompiler that can also be used as a binary analysis platform. It is available for Windows, macOS and Linux. You can disassemble executables and libraries in multiple formats, platforms, and architectures. For any supported architecture, even your own, decompile code to C and BNIL. Automate analysis using C++, Python, or Rust APIs, from within or outside the UI. Interactively visualize control flow and navigate cross-references. Name variables and functions, apply types and create structures. Add comments. Our Enterprise product allows you to collaborate effortlessly by using synchronized commits. Our decompiler is available for all architectures that are officially supported. It works with all architectures at one cost and uses a powerful family of ILs called BNIL. Not only our architectures but also community architectures can provide amazing decompilation. -
17
AhnLab Xcanner
AhnLab
Due to their sensitive nature and outdated OS, it is difficult to apply the most recent security patch to fixed function systems such as Industrial Control Systems, Point of Sales (POS) Systems and KIOSKs. They are vulnerable to malware infection. These systems are often placed in low-bandwidth networks or air-gapped networks. Because these environments are limited to a set of processes that require minimal system requirements, it is often difficult to perform engine updates, real time detection and remediation using security programs designed for the PC environment. AhnLab Xcanner allows users to customize scan and repair options for each operating environment. There are no conflicts with pre-installed security software. It is easy to use and can be used by facility managers and workers on-site with no security knowledge. -
18
REMnux
REMnux
REMnux®, a Linux toolkit that allows you to reverse-engineer and analyze malicious software, is available. REMnux is a community-curated collection of tools that are free to use. Analysts can use it for malware analysis without the need to install or configure the tools. Downloading the REMnux virtual machines in OVA format is the easiest way to get them. Then import them into your hypervisor. You can also add the distro to an existing system that is running a compatible Ubuntu version or install it from scratch on a dedicated host. The REMnux toolkit provides Docker images of popular malware analysis software, so you can run them as containers. You can even run REMnux as a container. The REMnux documentation website provides information about how to install, use, and contribute to REMnux. -
19
QFlow
Quarkslab
Analyze the threats that may be posed by files. Before accessing unknown websites, make sure URLs are checked. To improve your detection, optimize your resources. Restore trust following a breach. Increase malware detection, filter false positives, and improve breach prevention. To optimize and speed up analysis, increase the capabilities of security analysts. Reduce incident response times and concentrate on the most important threats. Establish a system of detection to prevent threats and raise cybersecurity awareness throughout your organization. All users, including those with no cybersecurity skills, should be empowered. Set up consistent detection in your IT infrastructure and reserve your security team's expertise for the most serious threats. QFlow detection capabilities can be used to complement your existing incident response efforts. You can easily scale up to speed up your cyber-attack response, restore trust after a breach, and meet your business continuity plan goals. -
20
Comodo Valkyrie
Comodo
Valkyrie analyses the entire run-time behavior of a file and is therefore more effective in detecting zero-day threats than the signature-based detection systems used by traditional antivirus products. Users can upload files to be scanned and view scan results in a variety of dashboards and reports from the Valkyrie console. Comodo Labs can be contacted to perform in-depth human expert checks. The Comodo Unknown File Hunter tool lets users scan entire networks looking for unknown files and then upload them to Valkyrie to be analysed. Valkyrie analysis systems use multiple techniques to ensure that every file submitted is thoroughly analyzed before presenting the verdict. Valkyrie employs two types of technologies to accomplish this: Automatic analysis and Human Expert analysis. -
21
VIPRE ThreatAnalyzer
VIPRE Security Group
$5400/year for 5q/day
VIPRE ThreatAnalyzer is a cutting-edge dynamic malware analysis sandbox designed to help you stay ahead of cyber threats. Safely uncover the potential impact of malware on your organization and respond faster and smarter to real threats. Today’s most dangerous attacks often hide in seemingly legitimate files—like executables, PDFs, or Microsoft Office documents—waiting for a single click to unleash chaos, disrupt operations, and cause massive financial damage. With ThreatAnalyzer, you can see exactly how these threats operate. It intercepts and reroutes suspicious files, including ransomware and zero-day threats, to a secure sandbox environment where they’re detonated and analyzed by a machine-learning engine. This gives you valuable insights into how an attack is constructed, what systems are at risk, and how to fortify your defenses. Gain the upper hand by understanding attackers’ strategies without jeopardizing your network. With VIPRE ThreatAnalyzer, you can outsmart cybercriminals before they strike. -
22
Avira Cloud Sandbox
Avira
The Avira Cloud Sandbox, an automated, unlimited-scale malware analysis service, is an award-winning and highly regarded product. It combines multiple advanced analysis technologies to produce a complete threat intelligence report using an uploaded file. The Cloud Sandbox API provides a detailed, file-specific threat intelligence report. It provides valuable, actionable intelligence. The report includes a detailed classification of each file, information about the techniques, tactics, and procedures (IoCs), and a description of why and how the submitted file was deemed clean, malicious, or suspicious. Cloud Sandbox by Avira leverages technologies from the Avira Protection Cloud. This cloud security system underpins Avira's anti-malware, threat intelligence solutions. We protect nearly a billion people worldwide through OEM technology partnerships. -
23
Hybrid Analysis
Hybrid Analysis
These are common 'how to' and 'troubleshooting' guides for the Falcon Sandbox platform and community platform. You can navigate through the articles by using the menu on the left. Hybrid Analysis requires users to go through the Hybrid Analysis Vetting Process before they can obtain an API key or download malware samples. Please be aware that you must adhere to the Hybrid Analysis Terms & Conditions and only use these samples for research purposes. It is not allowed to share your API key or user credentials with anyone else. If you suspect that your API key or user credentials have been compromised, please notify Hybrid Analysis immediately. Sometimes, a vetting request may be rejected because of incomplete data, missing real name, real company name, or any other means of validating cybersecurity credentials. It is possible to submit a vetting request again in this instance. -
24
Immunity Debugger
Immunity Debugger
The interfaces of Immunity Debugger include a GUI and a command line. The command line is always accessible at the bottom of the GUI. It allows users to use shortcuts just like they would in a text-based debugger such as WinDBG and GDB. To ensure that your WinDBG users don't have to be retrained, Immunity has created aliases. This will allow them to get the productivity boost that comes with the best debugger interface available. Our command bar allows you to run Python commands directly. You can either go back to previous commands or click in the dropdown menu to see all of the most recent commands. -
25
VirusTotal
VirusTotal
VirusTotal inspects items using over 70 antivirus scanners, URL/domain blocking services, and a multitude of tools to extract signals. Any user can use their browser to select a file and send it directly to VirusTotal. VirusTotal offers a variety of file submission options, including the primary web interface, desktop uploaders and browser extensions, as well as a programmatic API. The web interface is the most popular submission method. Submissions can be scripted using any programming language that uses the HTTP-based public API. VirusTotal is useful for detecting malicious content, as well as identifying false positives and normal items that have been detected as malicious by one or several scanners. URLs can be submitted in the same way as files. You can submit URLs via the VirusTotal webpage or browser extensions. -
26
The Respond Analyst
Respond
XDR Cybersecurity Solutions can accelerate investigations and increase analyst productivity. The Respond Analyst™, an XDR Engine, automates the detection of security incidents. It transforms resource-intensive monitoring into consistent investigations. The Respond Analyst connects disparate evidence with probabilistic mathematics and integrated reasoning, determining whether events are malicious and possibly actionable. The Respond Analyst enhances security operations teams by significantly reducing false positives, allowing for more time for threat hunting. The Respond Analyst lets you choose the best-of-breed controls for modernizing your sensor grid. The Respond Analyst integrates seamlessly with leading security vendors across key categories, including EDR, IPS, Web Filtering, EPP, Vulnerability Scanning, Authentication and more. -
27
Radware Threat Intelligence
Radware
Radware's Threat Intelligence Subscriptions enhance application and network security by providing constant updates on possible vulnerabilities and risks. Radware's Threat Intelligence Subscriptions protect your Attack Mitigation Systems by crowdsourcing, correlating, and validating real-life attack data from multiple sources. They provide real-time protection against unknown actors and vectors, as well as emergency and ongoing protection. Radware's Live Threat Map provides near real-time information about cyberattacks, based on cloud system event information and our global threat deception network. These systems transmit a variety of anonymized and sampled network attacks and application attacks to our Threat Research Center. They are also shared with the community via the threat map. -
28
CyCognito
CyCognito
$11/asset/month
Using nation-state-grade technology, uncover all security holes in your organization. CyCognito's Global Bot Network uses an attacker-like reconnaissance technique to scan, discover, and fingerprint billions of digital assets around the globe. No configuration or input required. Discover the unknown. The Discovery Engine uses graph data modelling to map your entire attack surface. The Discovery Engine gives you a clear view of every asset an attacker could reach, their relationship to your business, and what they are. The CyCognito risk-detection algorithms allow the attack simulator to identify risks per asset and find potential attack vectors. It does not affect business operations and doesn't require configuration or whitelisting. CyCognito scores each threat based on its attractiveness to attackers and the impact on the business. This dramatically reduces the number of attack vectors organizations may be exposed to, down to just a few. -
29
ThreatSync
WatchGuard
It can be difficult to manage security across an organization, whether you have 10 branch offices or distributed businesses with 10 employees. SMBs and distributed enterprises must have visibility into their network and endpoint data. They also need to be able to use actionable insights quickly and efficiently to eliminate threats. ThreatSync, an essential component of TDR, collects threat data from WatchGuard Firebox, Host Sensor, and enterprise-grade threat intelligence feeds. It then analyzes this data using a proprietary algorithm and assigns a threat score and rank. This powerful correlation engine allows cloud-based threat prioritization, empowering IT teams to respond quickly and confidently to threats. Collects and correlates threat event data from the Firebox or Host Sensor. -
30
Kroll Compliance
Kroll
Your organization is exposed to legal, reputational and compliance risks from third parties, customers, partners, and other people. The Kroll Compliance Portal gives you the tools to manage these risks at scale. A closer look may be required depending on the relative risk. Emailing back-and-forth with analysts, downloading and saving files, can slow you down, leave you open to information security risks, and create a gap on the audit trail. The Kroll Compliance Portal makes it easy to conduct due diligence without having to rely on emails or file folders. Manual processes and inflexible software can make compliance programs time-consuming and costly. Kroll Compliance Portal's Workflow Automation can help you stop this. Your business requires efficient third party onboarding. A thorough risk assessment is essential. The Kroll Compliance Portal Questionnaire automates the onboarding process by tracking, scoring and tracking in accordance with your risk model. -
31
Cysiv
Cysiv
Cysiv's next-generation, co-managed SIEM addresses all the problems and limitations associated with traditional SIEMs as well as other products used in a SOC. Our cloud-native platform automates key processes and improves effectiveness in threat detection, hunting and investigation, as well as response. Cysiv Command combines the essential technologies needed for a modern SOC into a unified cloud-native platform. It is the foundation of SOC-as-a-Service. Most telemetry can either be pulled from APIs, or sent securely over the internet to Cysiv Command. Cysiv Connector is an encrypted conduit that allows you to send all required telemetry from your environment, such as logs, over Syslog UDP. Cysiv's threat engine uses a combination of signatures, threat intelligence and user behavior to automatically detect potential threats. Analysts can focus on the most important detections. -
32
Chronicle Threat Intelligence
Chronicle
Google Cloud Threat Intelligence researchers have created and maintain high-quality, actionable, out-of-the-box threat detection content that will help you get better detections. Native detection sets cover a range of threats, including Windows-based attacks such as ransomware, remote access tools (RAT), infostealers and data exfiltration. New analytics from Google Cloud Threat Intelligence researchers reveal new and latent threats, unlocking new detection coverage. You can use GCTI detections for response actions and rules that are specific to your environment. The VirusTotal Augment widget can be used to increase efficiency in SOC processes and allow faster search for artifacts such as domains, URLs, IPs, or hashes. You can gain context beyond your network perimeter and expand your telemetry to explore related VirusTotal IoCs in a graphical way. -
33
Trickest
Trickest
Join us on our mission to democratize the offensive security industry with best-in-class solutions that are tailored to meet the needs of professionals and organisations. From the terminal, you can now use a specialized IDE to develop offensive security. Use Trickest's tool nodes to import your own scripts or add your favorite open-source software all in one place. Choose from template workflows to perform common tasks, and a growing list of 300+ open-source tools that the security community loves. Automate your workflows with cost-control and easy autoscaling in the cloud. Stop paying for VPSs that are idle and skip manual infrastructure setup. Use Trickest's workspace versioning, spaces, projects and workspaces to keep track of even the most complex tasks. Trickest is designed for anyone involved in offensive security, including enterprise security teams and red teams. It also includes specialized pen testers, bounty hunters, security researchers and educators. -
34
Cyren
Cyren
Cyren Inbox Security, an innovative solution, turns the tables on phishers. It safeguards every Office 365 mailbox in your company against evasive phishing and business email compromise (BEC), and fraud. Continuous monitoring and detection alert you to any suspicious activity. Automated response and remediation will be performed for each mailbox and across all mailboxes within the organization. Our crowd-sourced user detection closes down the feedback loop on alerts, strengthening your security training and providing valuable threat information. An extensive, multi-dimensional presentation that includes critical threat characteristics. This helps analysts understand the changing threat landscape. Improved threat detection for existing security products like SIEM and SOAR. -
35
PassiveTotal
RiskIQ
RiskIQ PassiveTotal aggregates data across the internet, absorbing intelligence in order to identify threats and attacker infrastructure. It also leverages machine learning to scale threat hunting, response, and mitigation. PassiveTotal gives you context about who is attacking you, their tools, systems, and indicators of compromise outside of the firewall--enterprise or third party. Investigations can be very fast. Over 4,000 OSINT articles, artifacts and documents will help you quickly find answers. RiskIQ's 10+ years of internet mapping gives it the most comprehensive and complete security intelligence. Passive DNS, WHOIS, SSL, hosts and host pairs, cookies, exposed services, ports, components, code, and more are all absorbed by RiskIQ. You can see the entire digital attack surface with curated OSINT and your own security intelligence. Take control of your digital presence to combat threats to your company. -
36
CINS
CINSarmy
As our Sentinel IPS unit base has grown, we have realized the value of the attack data we collect. This is true for both our customers and the wider community. Collective Intelligence Network Security (CINS) is pronounced "sins". This is our attempt to use this information in order to significantly improve the security and availability of our customers' networks. This vital information is also provided to the InfoSec community at no cost. Our CINS system continuously collects attack data from all Sentinel units in the field. We use this data to calculate a CINS Score (Cindy Insight Score) for each IP address that is flagged by our system. The CINS Score is similar to a FICO score which measures your credit quality, but it also shows you the trustworthiness of an IP address. The CINS Score lists the IP address' whois information, country and the nature, frequency, and breadth of its attacks across Sentinel networks. -
37
Palo Alto Networks AutoFocus
Palo Alto Networks
Unrivaled threat intelligence is essential for tomorrow's operations. AutoFocus can help you speed up investigation, prevention, and response. Palo Alto Networks, the provider of the industry-leading next generation firewall, has created the highest-fidelity repository for threat intelligence in the world. It is sourced from the largest network sensors and is available for any team or tool. AutoFocus™, a contextual threat intelligence service, is your one-stop source for threat intelligence. Your teams will have instant access to every event, with unrivaled context provided by Unit 42 threat researchers. You can also embed rich threat intelligence into analysts' existing tools to speed up investigation, prevention, and response. You will have unprecedented visibility into crowdsourced attacks from the industry's largest network, endpoint and cloud intel sources. Every threat is enhanced with the most detailed context from Unit 42 threat researchers. -
38
Polis Chain
Polis Chain
Polis is a community-driven smart chain that aims to create technology that allows cryptocurrency payments to be accepted easily and securely. Polis is a cryptocurrency for the community. You can trade, swap, and engage in a vibrant society that is shaping the future of payments. Polis stakers are responsible for securing the network by supporting chain validators. Validators are awarded the rewards at the end of each epoch. They also share the rewards proportionally with all stakers who supported them. There are many places that allow you to buy and sell Polis. Compare all the options to find the one that best suits your needs. Our Governance has changed over the past four years to make the Polis Project more efficient, transparent, and accessible to our community. This has allowed us to take great initiatives. -
39
CrowdSec
CrowdSec
CrowdSec, a free, open-source, and collaborative IPS, analyzes behaviors, responds to attacks, and shares signals across the community. It outnumbers cybercriminals. Create your own intrusion detection system. To identify cyber threats, you can use behavior scenarios. You can share and benefit from a crowdsourced, curated cyber threat intelligence platform. Define the type and location of the remediation you wish to apply. Use the community's IP blocklist to automate your security. CrowdSec can be run on containers, virtual machines, bare metal servers, or directly from your code using our API. Our cybersecurity community is destroying cybercriminals' anonymity. This is our strength. You can help us create and distribute a qualified IP blocklist that protects everyone by sharing IP addresses you have been annoyed by. CrowdSec can process massive amounts of logs and is 60x faster than Fail2ban. -
40
Resecurity
Resecurity
Resecurity Risk is a dedicated threat monitoring platform for brands and their subsidiaries, assets, executives, and employees. In less than 24 hours, you can import your unique digital identifiers to get instant updates of more than 1 petabyte of actionable intelligence that is directly impacting you. If all active threat vectors can be ingested within our platform, and are from verified sources with accurate risk scores, security information and event management (SIEM) tools can help you identify and highlight critical events. Resecurity Risk is an omni-directional threat product that would normally require multiple vendors to resolve. To maximize the risk score of an enterprise footprint, integrate security solutions. Context™ powered by your data. A holistic approach to counterfeit monitoring and piracy for different industry verticals. Use actionable intelligence to prevent illicit distribution and misuse of your products. -
41
FOFA
Beijing Huashun Xin'an Technology Co., Ltd
Free
FOFA is a search engine that allows you to map global cyberspace. More than 4 billion assets have been identified through active detection of global Internet assets. Additionally, 350,000 fingerprint rules have been accumulated. This allows for the identification of most software and hardware network assets. Asset data can be used to support external presentation and application in many ways and can perform hierarchical portraits based on IP. -
42
ZeroHack TRACE
WhizHack
ZeroHack TRACE, a cyber threat intelligence platform, uses decoy technology to generate and analyze threat information. It features customizable, intelligent, dynamic shifting sensors, easy configuration, and self-healing. TRACE's DPI engine captures real-time information for analysis by users. Honeynet data is processed to enhance visualization and correlation. This allows analysts to secure networks in a comprehensive manner. The Dynamic Intelligent Shifting Sensors of ZeroHack TRACE enhance security by changing sensor positions periodically to avoid detection by hackers. ZeroHack TRACE uses honeynets that are tailored to specific IT environments. ZeroHack TRACE sensors are self-healing and auto-update to minimize maintenance. Each ZeroHack sensor is equipped with a deep packet inspection engine that captures data in real time, allowing detailed network monitoring and rapid threat identification. -
43
Reveelium
ITrust.fr
Hacking and computer attacks are a problem in 34% of companies. 90% of companies have essential security equipment that doesn't detect these malicious attacks. These attacks, which include malicious behavior, viruses, and crypto lockers, can override security defenses. No current tool can detect them. These attacks leave behind traceable footprints. These malicious traces are difficult to find in large amounts of data. Reveelium aggregates logs from all types of information systems and detects malicious activity. Reveelium SIEM is an essential tool in fighting cyber-malware. It can be used either alone or with Reveelium UEBA, ITrust's Acsia EDR and Ikare to create a true next-generation security operations centre (SOC). Get an objective opinion from a third party about the safety of its practices. -
44
RST Cloud
RST Cloud
$50/month
RST Cloud collects actual knowledge about threats from all the available public TI sources. It normalises, filters, enriches and scores this data, then gives it to your SOC and SecOps team or feeds it directly into your security solutions in a ready-to-use format. RST Cloud offers: RST Threat Feed, RST Report Hub, RST Noise Control, RST IoC Lookup, and RST Whois API. -
45
Chronicle SOC
Google
Although we live in a digital age, the current economics of storing enterprise security data make it almost impossible to combat cybercrime. What if the economics and scale of storing and analysing your organization's security information were no longer an issue? Chronicle was built on the largest data platform in the world to provide unmatched resources and capabilities to help you gain the edge. Google Cloud threat signals, which were sourced by Chronicle's security team, are embedded in the Chronicle platform. Uppercase signals are based upon a mixture of proprietary data sources and public intelligence feeds. Even the most skilled analysts have difficulty processing the volume of security telemetry modern enterprises generate. Chronicle can automatically handle petabytes worth of data. Automated analysis allows your analysts to understand suspicious activity in seconds and not hours. -
46
ThreatCloud
Check Point Software Technologies
Real-time threat intelligence, derived from hundreds of millions of sensors around the world, enhanced with AI-based engines. Exclusive research data from Check Point Research Team. Unknown threats are detected daily, resulting in 2,000 attacks per day. Advanced predictive intelligence engines, data gathered from hundreds of millions of sensors, cutting-edge research by Check Point Research, and an external intelligence feed. The most current information about the latest attack vectors and hacking methods. ThreatCloud is Check Point's rich cyber defense database. Its threat intelligence powers Check Point's zero-day protection solutions. Protect yourself 24x7 using award-winning technology, expert analysis, and global threat intelligence. The service also offers recommendations to help customers improve their protection against threats. Customers can access a Managed Security Services Web Portal. -
47
WinMagic SecureDoc
WinMagic
SecureDoc is a solution for encryption and security management that protects data at rest. The software consists of two components: client software to encrypt and decrypt data, and server software to configure and manage the organization's laptops and desktops. SecureDoc uses a FIPS 140-2 validated AES 256-bit cryptographic algorithm to ensure compliance with industry regulations. The software protects sensitive data on multiple platforms (Windows, macOS, and Linux) with features such as pre-boot authentication, central management, and encryption. -
48
Tenable Lumin
Tenable
Tenable Lumin allows you to quickly and accurately assess your risk. Compare your health and remediation to other Tenable users in your Salesforce industry or the wider population. Tenable Lumin correlates raw data on vulnerabilities with asset business-criticality and threat context data to support faster and more targeted analysis workflows compared to traditional vulnerability management tools. Cyber risk scoring and advanced risk-based analysis are based on a combination of asset criticality, threat data and vulnerability. It provides clear guidance on how to prioritize remediation efforts. Get insights from a single, comprehensive overview of your entire attack surface, including traditional IT, public clouds, web apps and containers, IoT and OT. Watch the evolution of your organization's cyber-risk over time. Manage risk using quantifiable metrics that are aligned with the business. -
49
Cortex XSOAR
Palo Alto Networks
Orchestrate. Automate. Innovate. Automated, scalable processes that can be used for any security purpose will transform your security operations. You can reduce the number of alerts that require human review by up to 95%. Cortex XSOAR ingests alerts from all sources and executes automated workflows/playbooks in order to speed up incident response. Cortex XSOAR case management allows for a standard response to high-volume attacks and helps your teams adapt to more complex one-off threats. Cortex XSOAR playbooks can be complemented by real-time collaboration capabilities that allow security teams to rapidly iterate on emerging threats. Cortex XSOAR is a new approach in threat intelligence management. It unifies threat intelligence aggregation, scoring, and sharing with playbook-driven automation. -
50
ThreatQ
ThreatQuotient
ThreatQ is a threat intelligence platform. To understand and prevent threats more effectively and efficiently, your security infrastructure and people must work smarter, not harder. ThreatQ is an extensible and open threat intelligence platform that can accelerate security operations through simplified threat operations and management. The integrated, self-tuning, adaptive threat library, open exchange, and workbench allow you to quickly understand threats and make better decisions, thereby accelerating detection and response. Based on your parameters, automatically score and prioritize internal or external threat intelligence. Automate the aggregation and operationalization of threat intelligence across all systems. Integrating your tools, teams, and workflows will increase the effectiveness of your existing infrastructure. All teams have access to a single platform that enables threat intelligence sharing, analysis, and investigation.