Threat Intelligence Platforms Tools
TIP for collecting, analyzing, and sharing cyber threat data, indicators of compromise (IOCs), and threat feeds.
Browse 413 threat intelligence platforms tools
FEATURED
USE CASES
Cybersecurity market intelligence platform for tracking competitors & funding.
Cybercrime intelligence tools for searching compromised credentials from infostealers
IP reputation & threat intel API backed by honeypot sensors and community reports.
Threat intel firm identifying human actors behind cyber threats.
Community-driven phishing URL archive operated by Cisco Talos.
Managed threat intel service using feeds, OSINT & sandboxing via 24/7 SOC.
Digital threat intel platform with 300TB+ of malware data, AI analytics & forecasting.
Network threat detection platform (product page unavailable)
API providing access to compromised identity data and threat signals
Cyber intelligence platform for threat detection and security posture mgmt
3D cyber threat visualization platform for external threat monitoring
A knowledge base of analytics developed by MITRE based on the MITRE ATT&CK adversary model.
A list of most queried domains based on passive DNS usage across the Umbrella global network.
Facilitating exchange of information and knowledge to collectively protect against cyberattacks.
A free threat intelligence feed and banlist feed of known malicious IP addresses for public use only.
Platform providing community-driven threat intelligence on cyber threats with a focus on malware and botnets.
A comprehensive list of IP addresses for cybersecurity purposes, including threat intelligence, incident response, and security research.
Freely available network IOCs for monitoring and incident response
A project focusing on understanding and combating threats to the Internet economy and net citizens.
Free cyber threat intelligence feeds for proactive threat detection
NECOMA focuses on data collection, threat analysis, and developing new cyberdefense mechanisms to protect infrastructure and endpoints.
List of publicly disclosed vulnerabilities with security filters and detailed advisories.
Threat intel platform detecting mass exploitation & recon via deception nets
Continuous threat intelligence and exposure management across dark, deep & clear web.
Threat Intelligence Platforms Tools FAQ
Common questions about Threat Intelligence Platforms tools, selection guides, pricing, and comparisons.
A threat intelligence feed provides raw indicators (IP addresses, domains, file hashes) in a data stream. A TIP aggregates multiple feeds, normalizes the data, deduplicates indicators, enriches them with context (attribution, confidence, relevance), enables analysis and correlation, and distributes actionable intelligence to security tools (SIEM, firewall, EDR). A TIP turns raw data into actionable intelligence.
