Threat Intelligence Platform Comparison body { font-family: ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji"; } .animate-fade-in { animation: fadeIn 0.3s ease-out forwards; } @keyframes fadeIn { from { opacity: 0; } to { opacity: 1; } } .animate-slide-up { animation: slideUp 0.5s ease-out forwards; } @keyframes slideUp { from { transform: translateY(100%); } to { transform: translateY(0); } } { "imports": { "react": "https://aistudiocdn.com/react@^19.2.0", "react-dom/": "https://aistudiocdn.com/react-dom@^19.2.0/", "react/": "https://aistudiocdn.com/react@^19.2.0/" }}
const { useState, useEffect, useMemo, useCallback } = React; // --- All application code is now below --- // --- From constants.ts --- const VENDORS_DATA = [ { id: 16, name: 'Anomali', logoUrl: 'https://logo.clearbit.com/anomali.com', description: 'Offers a Threat Intelligence Platform (TIP) that automates the collection, curation, and integration of threat intelligence.', strengths: ['ThreatStream TIP', 'Big Data approach', 'IOC management', 'Integration with security controls'], focusAreas: ['Threat Intelligence Platform', 'Threat Matching & Prioritization', 'Security Operations'], dataSources: ['Commercial feeds', 'OSINT', 'ISACs', 'Government'], integrations: ['SIEM', 'SOAR', 'EDR', 'Firewalls'], pricingModel: 'Subscription', website: 'https://www.anomali.com/' }, { id: 9, name: 'Cisco Talos', logoUrl: 'https://logo.clearbit.com/talosintelligence.com', description: 'One of the largest commercial threat intelligence teams, leveraging telemetry from Cisco\'s vast security product portfolio.', strengths: ['Massive global telemetry (email, web, network)', 'Open-source contributions (Snort)', 'Deep malware analysis', 'Vulnerability research (Zero-days)'], focusAreas: ['Vulnerability Discovery', 'Threat Research', 'Malware Analysis', 'Global Threat Landscape'], dataSources: ['Cisco Network/Email/Endpoint Products', 'Honeypots', 'OSINT'], integrations: ['Cisco Secure products', 'Open-source tools'], pricingModel: 'Free Tier', website: 'https://www.talosintelligence.com/' }, { id: 3, name: 'CrowdStrike Falcon Intelligence', logoUrl: 'https://logo.clearbit.com/crowdstrike.com', description: 'Actionable threat intelligence integrated into the Falcon platform, leveraging data from millions of endpoints.', strengths: ['Endpoint telemetry correlation', 'Actor-centric reporting (e.g., Bears, Pandas)', 'Highly actionable IOCs', 'Integrated into EDR'], focusAreas: ['eCrime & Ransomware', 'Nation-State Actors', 'Malware Analysis', 'Vulnerability Intelligence'], dataSources: ['Global Endpoint Telemetry', 'Incident Response', 'HUMINT', 'Dark Web'], integrations: ['CrowdStrike Falcon Platform', 'SIEM', 'SOAR'], pricingModel: 'Subscription', website: 'https://www.crowdstrike.com/products/threat-intelligence/' }, { id: 26, name: 'CrowdSec', logoUrl: 'https://logo.clearbit.com/crowdsec.net', description: 'A collaborative, open-source and community-driven threat intelligence solution that creates a global CTI network.', strengths: ['Crowd-sourced IP reputation', 'Open-source & free tier', 'Real-time blocklists', 'Lightweight agent'], focusAreas: ['Community-driven IP Reputation', 'Attack Prevention', 'Open Source Intelligence'], dataSources: ['Global network of users (community signals)'], integrations: ['Firewalls', 'Proxies', 'Cloudflare', 'Linux services'], pricingModel: 'Free Tier', website: 'https://crowdsec.net/' }, { id: 27, name: 'Cyber Intelligence House', logoUrl: 'https://logo.clearbit.com/cyberintelligencehouse.com', description: 'Provides managed threat intelligence and monitoring services, focusing on dark web, cyber exposure, and brand protection.', strengths: ['Dark web monitoring', 'Managed services', 'Cyber exposure validation', 'Brand protection'], focusAreas: ['Dark Web Monitoring', 'Cyber Exposure', 'Brand Protection', 'Threat Hunting'], dataSources: ['Dark Web', 'OSINT', 'Technical Sources'], integrations: ['SIEM', 'SOAR'], pricingModel: 'Subscription', website: 'https://cyberintelligencehouse.com/' }, { id: 7, name: 'Cybersixgill', logoUrl: 'https://logo.clearbit.com/cybersixgill.com', description: 'Automated collection of threat intelligence from the deep, dark, and clear web to help organizations pre-empt attacks.', strengths: ['Broad automated collection', 'Real-time alerting on mentions/leaks', 'Investigative portal', 'Contextual analysis'], focusAreas: ['Dark Web Monitoring', 'Brand Protection', 'Data Leak Detection', 'Threat Hunting'], dataSources: ['Dark Web Forums/Markets', 'Telegram/Discord', 'Paste Sites', 'Code Repositories'], integrations: ['SIEM', 'SOAR', 'TIP', 'GRC'], pricingModel: 'Subscription', website: 'https://www.cybersixgill.com/' }, { id: 8, name: 'Digital Shadows (ReliaQuest)', logoUrl: 'https://logo.clearbit.com/digitalshadows.com', description: 'Focuses on Digital Risk Protection, monitoring the open, deep, and dark web for risks to a client\'s business and brand.', strengths: ['Digital Risk Protection focus', 'Attack Surface Management', 'Brand Protection', 'Data Leakage detection'], focusAreas: ['Brand Exposure', 'VIP Protection', 'Data Leakage', 'Third-Party Risk'], dataSources: ['OSINT', 'Social Media', 'Dark Web', 'Mobile App Stores'], integrations: ['ReliaQuest GreyMatter', 'SIEM', 'SOAR'], pricingModel: 'Subscription', website: 'https://www.digitalshadows.com/' }, { id: 25, name: 'DomainTools', logoUrl: 'https://logo.clearbit.com/domaintools.com', description: 'Specializes in domain and DNS intelligence, crucial for mapping adversary infrastructure and proactive threat hunting.', strengths: ['Historical DNS/WHOIS data', 'Infrastructure mapping (Iris)', 'Risk scoring', 'Phishing detection'], focusAreas: ['Domain Investigations', 'Infrastructure Analysis', 'Threat Attribution'], dataSources: ['Passive DNS', 'WHOIS records', 'SSL certificates', 'Internet scanning'], integrations: ['SIEM', 'SOAR', 'TIPs (Maltego, etc.)'], pricingModel: 'Subscription', website: 'https://www.domaintools.com/' }, { id: 15, name: 'EclecticIQ', logoUrl: 'https://logo.clearbit.com/eclecticiq.com', description: 'Provides a threat intelligence platform (TIP) and curated intelligence feeds, often integrating with various sources.', strengths: ['Threat Intelligence Platform (TIP)', 'Analyst-centric workflow', 'STIX/TAXII support', 'Open source integration'], focusAreas: ['Threat Intelligence Platform', 'Custom Intelligence Feeds', 'Analyst Workflow'], dataSources: ['OSINT', 'Commercial Feeds', 'ISACs/ISAOs', 'Internal Intel'], integrations: ['SIEM', 'SOAR', 'EDR', 'Firewalls'], pricingModel: 'Subscription', website: 'https://www.eclecticiq.com/' }, { id: 4, name: 'Flashpoint', logoUrl: 'https://logo.clearbit.com/flashpoint-intel.com', description: 'Specializes in Deep & Dark Web intelligence, providing access to closed forums and illicit communities.', strengths: ['Deep & Dark Web Access', 'Card Fraud & Financial Crime Intel', 'Physical Security', 'Insider Threat'], focusAreas: ['Fraud Prevention', 'Dark Web Monitoring', 'Vulnerability Management', 'Physical Threat Intelligence'], dataSources: ['Illicit Online Communities', 'Chat Services', 'Marketplaces', 'Pastesites'], integrations: ['SIEM', 'SOAR', 'TIP'], pricingModel: 'Subscription', website: 'https://www.flashpoint-intel.com/' }, { id: 23, name: 'FortiGuard Labs (Fortinet)', logoUrl: 'https://logo.clearbit.com/fortinet.com', description: 'The threat intelligence arm of Fortinet, leveraging data from their extensive network security products to provide proactive protection.', strengths: ['Massive telemetry from Fortinet devices', 'AI-driven analysis', 'Rapid signature development', 'Zero-day research'], focusAreas: ['Malware', 'Vulnerabilities', 'Network Attacks', 'IoT Security'], dataSources: ['Global Fortinet device telemetry', 'Honeypots', 'Threat research alliances'], integrations: ['Fortinet Security Fabric'], pricingModel: 'Subscription', website: 'https://www.fortinet.com/fortiguard/labs' }, { id: 13, name: 'Group-IB', logoUrl: 'https://logo.clearbit.com/group-ib.com', description: 'Specializes in high-tech cybercrime investigations, proactive protection against digital risks, and fraud prevention.', strengths: ['High-tech crime investigation', 'Threat hunting', 'Fraud prevention', 'Digital risk protection'], focusAreas: ['High-Tech Cybercrime Investigations', 'Fraud Prevention', 'Digital Risk Protection', 'APT Tracking'], dataSources: ['Incident Response', 'HUMINT', 'Dark Web', 'Malware analysis'], integrations: ['SIEM', 'SOAR', 'TIP'], pricingModel: 'Subscription', website: 'https://www.group-ib.com/' }, { id: 12, name: 'IBM X-Force', logoUrl: 'https://logo.clearbit.com/ibm.com', description: 'IBM\'s threat intelligence sharing platform and research team, providing insights from a vast security services portfolio.', strengths: ['Extensive security services data', 'Vulnerability research', 'Long-standing research history', 'Threat sharing platform'], focusAreas: ['Strategic Intelligence', 'Vulnerability Management', 'Incident Response', 'Threat Sharing'], dataSources: ['IBM Security Services', 'Managed Security Services (MSSP) data', 'Global Sensor Network'], integrations: ['IBM QRadar', 'IBM Resilient', 'STIX/TAXII'], pricingModel: 'Subscription', website: 'https://exchange.xforce.ibmcloud.com/' }, { id: 5, name: 'Intel 471', logoUrl: 'https://logo.clearbit.com/intel471.com', description: 'Provides adversary and malware intelligence with a focus on infiltrating and observing cybercriminals in their native environments.', strengths: ['Human-driven, field-based intel', 'Cybercrime focus (malware, carding)', 'High-fidelity, near-real-time data', 'Actor-centric tracking'], focusAreas: ['Adversary Tracking', 'Malware Intelligence', 'Fraud & Financial Crime', 'Vulnerability Prioritization'], dataSources: ['Underground Forums', 'HUMINT', 'Closed Sources', 'Malware Infrastructure'], integrations: ['SIEM', 'SOAR', 'TIP'], pricingModel: 'Subscription', website: 'https://intel471.com/' }, { id: 11, name: 'Kaspersky Threat Intelligence', logoUrl: 'https://logo.clearbit.com/kaspersky.com', description: 'Deep technical research and intelligence from a globally recognized team of cybersecurity experts.', strengths: ['APT research and reporting', 'Industrial Control Systems (ICS) security', 'Reverse engineering expertise', 'Global research team'], focusAreas: ['APT Tracking', 'ICS/SCADA Security', 'Financial Threats', 'Malware Analysis'], dataSources: ['Global Research Team (GReAT)', 'Kaspersky Security Network', 'Incident Response'], integrations: ['SIEM', 'TIP', 'Kaspersky Products'], pricingModel: 'Subscription', website: 'https://www.kaspersky.com/enterprise-security/threat-intelligence' }, { id: 18, name: 'LookingGlass Cyber Solutions', logoUrl: 'https://logo.clearbit.com/lookingglasscyber.com', description: 'Provides threat intelligence-driven security, including attack surface management and threat mitigation.', strengths: ['External attack surface visibility', 'Threat actor modeling', 'Automated response', 'Global internet topology mapping'], focusAreas: ['Threat Intelligence Management', 'Attack Surface Management', 'Global Threat Landscape'], dataSources: ['Internet scans', 'OSINT', 'Proprietary sensors', 'Dark Web'], integrations: ['SIEM', 'SOAR', 'Firewalls'], pricingModel: 'Subscription', website: 'https://lookingglasscyber.com/' }, { id: 2, name: 'Mandiant (Google Cloud)', logoUrl: 'https://logo.clearbit.com/mandiant.com', description: 'Elite, consultant-led threat intelligence derived from extensive incident response engagements and research.', strengths: ['Incident response-driven intel', 'Nation-state actor tracking', 'In-depth research reports', 'Attacker methodology insights'], focusAreas: ['Incident Response', 'Threat Hunting', 'Actor Profiling', 'Strategic Intelligence'], dataSources: ['Incident Response Engagements', 'Human Intelligence (HUMINT)', 'Malware Analysis'], integrations: ['SIEM', 'SOAR', 'Google Cloud Security'], pricingModel: 'Subscription', website: 'https://www.mandiant.com/' }, { id: 10, name: 'Microsoft Defender TI', logoUrl: 'https://logo.clearbit.com/riskiq.com', description: 'Leverages Microsoft\'s massive global signal to provide threat intelligence for security teams, formerly RiskIQ.', strengths: ['Global internet visibility (Passive DNS, WHOIS)', 'Attack Surface Management', 'Vast data graph', 'Integration with Microsoft ecosystem'], focusAreas: ['Attack Surface Management', 'Threat Infrastructure Tracking', 'Brand Protection', 'Threat Hunting'], dataSources: ['Microsoft Global Telemetry', 'Internet Crawlers', 'Passive DNS', 'Certificate Transparency'], integrations: ['Microsoft Sentinel', 'Microsoft Defender', 'SIEM', 'SOAR'], pricingModel: 'Subscription', website: 'https://www.microsoft.com/en-us/security/business/threat-intelligence' }, { id: 6, name: 'Palo Alto Networks Unit 42', logoUrl: 'https://logo.clearbit.com/paloaltonetworks.com', description: 'Threat intelligence arm of Palo Alto Networks, combining data from their global network footprint with expert analysis.', strengths: ['Vast network/endpoint telemetry', 'SaaS security research', 'Cloud threat intelligence', 'Incident Response findings'], focusAreas: ['Cloud Security', 'Ransomware', 'Threat Research', 'Incident Response'], dataSources: ['Palo Alto Networks Products', 'Incident Response', 'OSINT'], integrations: ['Palo Alto Networks Ecosystem', 'SIEM', 'SOAR'], pricingModel: 'Subscription', website: 'https://www.paloaltonetworks.com/unit42' }, { id: 22, name: 'Proofpoint TAP', logoUrl: 'https://logo.clearbit.com/proofpoint.com', description: 'Leverages intelligence from email, social, and mobile vectors to protect against advanced threats and compliance risks.', strengths: ['Deep email threat visibility', 'Very Attacked People (VAP) reports', 'Threat actor profiling', 'Nexus Threat Graph'], focusAreas: ['Email Threats', 'Phishing', 'Malware', 'Threat Actor Tracking'], dataSources: ['Global email/cloud traffic', 'Social media', 'Malware sandbox analysis'], integrations: ['Proofpoint ecosystem', 'SIEM', 'SOAR'], pricingModel: 'Subscription', website: 'https://www.proofpoint.com/us/products/advanced-threat-protection/targeted-attack-protection' }, { id: 1, name: 'Recorded Future', logoUrl: 'https://logo.clearbit.com/recordedfuture.com', description: 'One of the largest commercial intelligence collections, providing real-time threat intelligence powered by machine learning.', strengths: ['Vast automated data collection', 'Real-time alerts', 'Brand intelligence', 'SecOps integration'], focusAreas: ['Vulnerability Management', 'Third-Party Risk', 'Geopolitical Risk', 'Dark Web Monitoring'], dataSources: ['OSINT', 'Dark Web', 'Technical sources', 'Forums', 'Social Media'], integrations: ['SIEM', 'SOAR', 'TIP', 'EDR'], pricingModel: 'Subscription', website: 'https://www.recordedfuture.com/' }, { id: 19, name: 'RiskRecon (Mastercard)', logoUrl: 'https://logo.clearbit.com/riskrecon.com', description: 'Primarily focused on third-party risk management and security ratings, which leverages threat intelligence.', strengths: ['Third-party risk assessment', 'Automated security ratings', 'Actionable remediation plans', 'Continuous monitoring'], focusAreas: ['Third-Party Risk Management', 'Security Ratings', 'Vendor Risk Assessment'], dataSources: ['Passive scanning', 'OSINT', 'Public data sources'], integrations: ['GRC platforms', 'Procurement systems'], pricingModel: 'Subscription', website: 'https://www.riskrecon.com/' }, { id: 20, name: 'SecurityScorecard', logoUrl: 'https://logo.clearbit.com/securityscorecard.com', description: 'Offers security ratings and continuous monitoring of an organization\'s and its vendors\' security posture.', strengths: ['Easy-to-understand A-F ratings', 'Broad coverage', 'Vendor risk management', 'Cyber insurance underwriting'], focusAreas: ['Security Ratings', 'Third-Party Risk Management', 'Cyber Risk Quantification'], dataSources: ['Global sensor network', 'Publicly available data', 'Sinkholes', 'Honeypots'], integrations: ['GRC', 'VRM', 'SIEM platforms'], pricingModel: 'Subscription', website: 'https://securityscorecard.com/' }, { id: 24, name: 'SophosLabs (Sophos)', logoUrl: 'https://logo.clearbit.com/sophos.com', description: 'Provides threat research and intelligence that underpins Sophos\'s security products, focusing on real-world attack chains.', strengths: ['Cross-product telemetry (endpoint, network, cloud)', 'Deep learning models', 'Ransomware expertise', 'Managed Threat Response (MTR) insights'], focusAreas: ['Malware Analysis', 'Ransomware', 'Endpoint Protection', 'AI in Security'], dataSources: ['Global network of Sophos products', 'Honeypots', 'Spam traps', 'Dark web'], integrations: ['Sophos ecosystem'], pricingModel: 'Subscription', website: 'https://www.sophos.com/en-us/labs' }, { id: 17, name: 'ThreatConnect', logoUrl: 'https://logo.clearbit.com/threatconnect.com', description: 'Combines threat intelligence with risk quantification and security orchestration (TIP, SOAR, RQ).', strengths: ['Combined TIP/SOAR/RQ platform', 'Risk quantification', 'Collaborative environment', 'Playbook automation'], focusAreas: ['Threat Intelligence Platform', 'Security Orchestration', 'Risk Management', 'Analyst Collaboration'], dataSources: ['OSINT', 'Commercial Feeds', 'Internal Sources', 'Malware Analysis'], integrations: ['SIEM', 'EDR', 'Vulnerability Scanners'], pricingModel: 'Subscription', website: 'https://threatconnect.com/' }, { id: 14, name: 'ZeroFox', logoUrl: 'https://logo.clearbit.com
