Threat Intelligence Platforms
Own feed providers / feed prep analytics centers
AvaliableN/AN/AAvaliableAvaliable
Normalization, feed deduplication
AvaliableAvaliableAvaliableAvaliableAvaliable
Number of feed suppliers out of the box
100+20-10020-100100+100+
CSV files
AvaliableAvaliableAvaliableAvaliableAvaliable
JSON files
AvaliableAvaliableAvaliableAvaliableAvaliable
HTTP-feed
AvaliableAvaliableAvaliableAvaliableN/A
Email
AvaliableAvaliableN/AAvaliableAvaliable
STIX / TAXII Standards Support
AvaliableAvaliableAvaliableAvaliableAvaliable
Unstructured text data
AvaliableN/AN/AAvaliableAvaliable
The ability to enrich data from external sources (for example, WHOis, PassiveDNS, VirusTotal, etc.)
AvaliableAvaliableAvaliableAvaliableAvaliable
Connecting additional feed providers
AvaliableAvaliableAvaliableAvaliableAvaliable
Search for matches in SIEM events
AvaliableAvaliableAvaliableAvaliableAvaliable
Direct incident response through integration with third-party information security systems
AvaliableAvaliableAvaliableAvaliableAvaliable
Responding to incidents using complex algorithms (playbooks)
N/AN/AN/AAvaliableAvaliable
REST API Integration Capability
AvaliableAvaliableAvaliableAvaliableAvaliable
Manual adjustment of “weight” parameters for feed’s
AvaliableN/AN/AN/AAvaliable
Ability to build a graph of links between feed’s objects and internal artifacts
AvaliableAvaliableN/AN/AAvaliable
Threat Intelligence Platforms
Own feed providers / feed prep analytics centers
Normalization, feed deduplication
Number of feed suppliers out of the box
CSV files
JSON files
HTTP-feed
Email
STIX / TAXII Standards Support
Unstructured text data
The ability to enrich data from external sources (for example, WHOis, PassiveDNS, VirusTotal, etc.)
Connecting additional feed providers
Search for matches in SIEM events
Direct incident response through integration with third-party information security systems
Responding to incidents using complex algorithms (playbooks)
REST API Integration Capability
Manual adjustment of “weight” parameters for feed’s
Ability to build a graph of links between feed’s objects and internal artifacts