The CF List: 2023's 20 Top Threat Intelligence Providers You Should Know

The bar continues to rise for threat intelligence providers as their customers become overwhelmed with the volume of raw threat information.

Threat intelligence platforms consolidate and deduplicate intelligence information, and help analysts act on findings. Services may integrate threat intelligence with other aspects of security services. Those include managed security services or managed IT infrastructure.

Our latest CF List for the second time focuses on threat intelligence providers. Analysts with Omdia, Forrester and Frost & Sullivan weighed in on threat intelligence market trends and what it takes to be a successful threat intelligence provider.

What Threat Intelligence Providers Must Offer

Frost & Sullivan’s Martin Naydenov

Martin Naydenov is senior industry analyst of cybersecurity at Frost & Sullivan. He said the pandemic accelerated the shift to remote work environments. In addition, it caused many organizations to rush their digital transformation initiatives. That led to increased risk and exposure of their digital assets.

“The increasing complexity of cyber threats and the number of attack vectors have significantly increased data points to be analyzed, leading to lots of false-positive alerts and noise from conventional cyber threat intelligence (CTI) solutions,” he said.

To reduce the noise and move beyond just indicators of compromises (IoCs), CTI providers have to offer contextualized alerts with the help of sophisticated artificial intelligence (AI) and analysis tools, Naydenov said.

More CTI vendors are increasingly adopting more digital risk protection (DRP) and external attack surface management (EASM) use cases. They’re doing so to provide more relevant data and empower organizations to act on the insights they receive.

Changing Consumption Patterns

Brian Wrozek is principal analyst of security and risk at Forrester. He said the way threat intelligence is consumed has progressed beyond simple text searches to interactive visual user interfaces. Customers can retrieve additional information, pivot to other intelligence sources, and initiative automatic actions from a single view.

Forrester’s Brian Wrozek

“An organization’s customers are influencing the threat intelligence space as well,” he said. “Customers understand that successful cyberattacks are going to happen. But they expect organizations to effectively respond and take proactive steps to protect their personally identifiable information (PII) and continuity of services. For example, if information about a pending attack or a known vulnerability is publicly available, customers expect organizations to be monitoring for this insight and to take necessary actions to reduce the risk.”

Threat intelligence provides early indication of potential attacks, Wrozek said. It also provides information regarding the tactics, techniques and procedures (TTP) used by threat actors. Organizations can then improve their incident response efforts.

Threat Intelligence Vital in Remote Work Environments

Elvia Finalle is senior analyst of security operations at Omdia, which shares a parent company with Channel Futures (Informa).

Omdia’s Elvia Finalle

“The definition of a successful security solution will continue to evolve as the work environment progresses and changes,” she said. “The abrupt move to remote work many industries experienced during the pandemic has shown that not only were companies not ready for many new cyber threats, but that they also needed to acquire a threat intelligence solution to facilitate understanding of their situation.”

Even with some portion of workers returning to work, a large portion of the workforce prefers to keep working remotely, Finalle said.

“This implies that companies will need to continue to mature their tactics and strategies to ensure the remote work environment is maintained in a healthy position,” she said.

Threat Intelligence is vital to making this process less painful for IT and security departments, Finalle said.

We’ve compiled a list above of 20 top threat intelligence providers based on analysts’ feedback and recent news reports. It’s in no particular order. The list, by no means complete, includes well-known providers. It also features lesser-known suppliers making strides in threat intelligence.