eWEEK has started a new IT products and services section that encompasses most of the categories that we cover on our site. In it, we will spotlight the leaders in each sector, which include enterprise software, hardware, security, on-premises-based systems and cloud services. We also will add promising new companies as they come into the market.
Company: Recorded Future (threat intelligence and detection)
Company description: Recorded Future delivers threat intelligence that reveals unknown threats, such as exploit kits, before they impact customers’ businesses. Using machine learning and natural language processing (NLP), Recorded Future automatically transforms data into threat intelligence, making it easier for security teams and businesses to act quickly to protect themselves. The company’s patented technology structures and collects intelligence from a broad range of data from the open, deep and dark web. Today, it would take nearly 9,000 analysts, working 8-hour shifts, 5-days a week for 52 weeks per year, to process the same amount of security event data that Recorded Future’s machine analytics can process.
Recorded Future delivers more context than threat feeds alone – and updates in real-time so intelligence stays current – and packages information ready for human analysis or instant integration with existing security solutions. In order to maximize Recorded Future’s value, customers can also partner with its team of world-class analysts, including software engineers, data scientists, designers, linguists, and technical business people with deep expertise in information security, intelligence, analysis, and visualization.
Recorded Future also has a wide-ranging technology partner ecosystem, working to apply intelligence to every facet of security in order to help organizations to make informed, faster, and more confident decisions. The company’s robust API makes it easy to integrate Recorded Future’s machine-readable threat intelligence with a host of other security organizations, including the industry’s most adopted vulnerability management, SIEM, incident response, and SOAR solutions.
Co-founded in 2009 by Chief Executive Officer Christopher Ahlberg and Chief Technology Officer Staffan Truvé, Recorded Future is a privately held company headquartered in Somerville, Mass., with offices in McLean, Virginia; London; and Gothenburg, Sweden. Recorded Future works with businesses in 22 different industry verticals, from government and financial services to retail and airlines.
Markets: Cybersecurity, threat Intelligence; available globally
International Operations: Recorded Future has international offices in Gothenburg, Sweden, and London.
Threat Intelligence Machine: Recorded Future is the only unified threat intelligence solution that combines technical, open and Dark Web sources to automatically serve up relevant insights in real time. With 20 billion indexed facts, and more added every day, Recorded Future’s Threat Intelligence Machine makes use of machine learning and natural language processing (NLP), to continuously analyze threat data from a massive range of sources. Key features are:
- Intelligence Cards: View and interact with structured and consumable real-time threat intelligence. There are Recorded Future Intelligence Cards for indicators such as IP addresses, vulnerabilities, and malware to drive faster analysis and more confident decisions.
- Threat Views: Customize views of the threat landscape to reveal emerging attackers, methods, and indicators.
- Alerts: Alerts from Recorded Future are hugely customizable. Building from queries inside personalized workspace enables customers to be sure that when they are alerted, it’s to relevant and actionable intelligence.
- Visualization: Create visualizations that simplifies communication with relevant threat intelligence with ease. These timelines and graphs exist in real time to map how threats are trending.
- Customization: Seamlessly combine intelligence gathered from the widest breadth of available sources with other threat feeds, notes from your own threat analysts for collaboration, and finished intelligence from Recorded Future’s research team in a single solution.
Intelligence Services: Recorded Future’s threat research arm, Insikt Group, partners with customers to maximize the organization’s value from its products. This elite team is comprised of analysts, linguists, and security researchers with deep government experience—including work with the U.S. Secret Service, Federal Bureau of Investigation and National Security Agency. The combination with Recorded Future’s threat intelligence product creates an unparalleled solution for mitigating cyber risk. Key offerings are:
- Threat Landscape Summaries: Curated, weekly threat digests that include news and intelligence assessments related to customers’ organization, industry, and emerging security topics.
- On-Demand Threat Analysis: On-call threat reporting or deeper insight into a specific incident that include an executive summary, detailed analysis, technical findings, and product configurations shared to your workspace.
- Unique Research: Context on emerging or established threats, enhancing the already industry-leading breadth of sources contained in Recorded Future.
- Intelligence Card Extension: Published analyst notes that capture validated intel assessments on current events, analyses of specific malware and attack procedures, and even threat hunting leads.
Insight and Analysis: Recorded Future arms security teams with threat intelligence powered by patented machine learning to lower risk. The technology automatically collects and analyzes information from a breadth of sources and provides invaluable context that’s delivered in real time and packaged for human analysis or instant integration with existing security technology.
Pros: “One of the things we [at reviewer SC Media] really enjoy about emerging products is that from time to time we encounter something really cool that we’ve never used before. Under our tree this year we found a most interesting and, it turns out, most useful threat intelligence product, Recorded Future. We have been receiving the free Recorded Future Cyber Daily Plus reports for some time and they frame our day’s reading each morning. But for this set of reviews we got to exercise the full product and we were impressed.
“The thing that is most impressive about Recorded Future is the breadth and depth of its coverage. The landing page at first blush is way too busy but at second blush it magically organizes itself and makes perfect sense. What starts out looking like a big, disorganized table really is a set of five very well-organized columns that let you drill down into attackers, methods, targets, operations and indicators. You can scroll down each of these columns, pick something of interest and drill further to get a lot of underlying information.
“No wonder that there is so much information available. Recorded Future claims to have the world’s largest threat intelligence SaaS platform, targeting more than 750,000 sources, including forums, paste sites, blogs and social media; over 30 threat feeds; a TOR collection with hundreds of new pages added daily; code repositories and technical collections. It is a prodigious resource. All of this comes from more than seven years of collecting. That also gives a solid historical picture as well. That’s the good news.
“In addition to seeing the data, there are myriad ways to manipulate it, save it, correlate it and build full reports from it. As an experiment we downloaded a CSV file for all of the entities involved in Miniduke. By itself the report was useful. However, when we downloaded a CSV for all of Grizzly Steppe, we got a full and very complete picture of all of the indicators included in the system.”
Cons: “The not quite so good news is that to really make this tool sing, you need to spend some time with it. To make that painless, Recorded Future sends daily emails after you sign on for the first time telling you what to do next. In less than a week you’re an expert.”
Summary: “Overall, we see this tool as a “must have” for any serious threat analyst. Pricing is variable depending on configuration. In addition to the basic system, Recorded Future can integrate with a variety of third-party devices, such as SIEMs, and services such as Maltego. It has a dedicated service for addressing the Dark Web.” –– Peter Stephenson, Technology Editor, SC Media
List of current customers: Ninety-one percent of Fortune 100 companies and more than 10,000 security professionals rely on Recorded Future for threat intelligence. Customers include:
- Morgan Stanley
- Bank of America
Delivery: Recorded Future’s offerings are offered as a SaaS solution or via API.
Pricing: For this information, contact: [email protected].
Other key players in this market: McAfee, AlienVault, Flashpoint, Symantec
Contact information for potential customers:
Email: [email protected]
Phone number: 617-553-6400