Threat Management
Tools for identifying, assessing, and mitigating cyber threats across organizations.Explore 240 curated tools and resources
Search by name, description, or purpose... (⌘+K)
RELATED TASKS
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
BotScout.com provides proactive bot detection, screening, and banning through a powerful API.
BotScout.com provides proactive bot detection, screening, and banning through a powerful API.
The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources, while VMware Carbon Black offers endpoint protection and workload security solutions.
The Trystero Project is a threat intelligence platform that measures email security efficacy and provides various tools and resources, while VMware Carbon Black offers endpoint protection and workload security solutions.
API for querying domain security information, categorization, and related data.
API for querying domain security information, categorization, and related data.
Amazon GuardDuty is a threat detection service for AWS accounts.
Amazon GuardDuty is a threat detection service for AWS accounts.
C# wrapper around Yara pattern matching library with Loki and Yara signature support.
C# wrapper around Yara pattern matching library with Loki and Yara signature support.
A container of PCAP captures mapped to the relevant attack tactic
A set of configuration files to use with EclecticIQ's OpenTAXII implementation for MISP integration.
A set of configuration files to use with EclecticIQ's OpenTAXII implementation for MISP integration.
TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
TIH is an intelligence tool that helps you search for IOCs across multiple security feeds and APIs.
SecurityTrails API provides access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains for cyber forensics and investigations.
SecurityTrails API provides access to a vast repository of historical DNS lookups, WHOIS records, hostnames, and domains for cyber forensics and investigations.
A simple, self-contained modular host-based IOC scanner for incident responders.
Create deceptive webpages to deceive and redirect attackers away from real websites by cloning them.
Create deceptive webpages to deceive and redirect attackers away from real websites by cloning them.
A comprehensive list of APT groups and operations for tracking and mapping different names and naming schemes used by cybersecurity companies and antivirus vendors.
A comprehensive list of APT groups and operations for tracking and mapping different names and naming schemes used by cybersecurity companies and antivirus vendors.
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
Container of 200 Windows EVTX samples for testing detection scripts and training on DFIR.
The Cybersecurity and Infrastructure Security Agency (CISA) is a government agency that provides alerts, advisories, and resources to help protect the United States' critical infrastructure from cyber threats.
The Cybersecurity and Infrastructure Security Agency (CISA) is a government agency that provides alerts, advisories, and resources to help protect the United States' critical infrastructure from cyber threats.
CLI tool for ThreatCrowd.org with multiple query functions.
ActorTrackr is an open source web application for storing, searching, and linking threat actor intelligence data from public repositories and user contributions.
ActorTrackr is an open source web application for storing, searching, and linking threat actor intelligence data from public repositories and user contributions.
AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.
AbuseHelper is an open-source framework for receiving and redistributing abuse feeds and threat intel.
A tool for tracking, scanning, and filtering yara files with distributed scanning capabilities.
A tool for tracking, scanning, and filtering yara files with distributed scanning capabilities.
Bearded Avenger is a cybersecurity tool with various integrations and deployment instructions available.
Bearded Avenger is a cybersecurity tool with various integrations and deployment instructions available.
DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.
DNSDumpster is a domain research tool for discovering and analyzing DNS records to map an organization's attack surface.
Pulsedive is a threat intelligence platform that provides frictionless threat intelligence for growing teams, offering features such as indicator enrichment, threat research, and API integration.
Pulsedive is a threat intelligence platform that provides frictionless threat intelligence for growing teams, offering features such as indicator enrichment, threat research, and API integration.
Tools to export data from MISP MySQL database for post-incident analysis and correlation.
Tools to export data from MISP MySQL database for post-incident analysis and correlation.
Open Source Intelligence solution for threat intelligence data enrichment and quick analysis of suspicious files or malware.
Open Source Intelligence solution for threat intelligence data enrichment and quick analysis of suspicious files or malware.
Get insights into the latest cybersecurity trends and expert advice on enhancing organizational security.
Get insights into the latest cybersecurity trends and expert advice on enhancing organizational security.