{ "authors": [ "Various" ], "category": "actor", "description": "List of threat intelligence producers, from security vendors to CERTs, including any producer of intelligence at large.", "name": "Producer", "source": "MISP Project", "type": "producer", "uuid": "faab7b69-c850-491a-b36c-ba48c1c03279", "values": [ { "description": "Intel 471 provides adversary and malware intelligence for leading security teams. Our adversary intelligence is focused on infiltrating access to closed sources where threat actors collaborate, communicate and plan cyber attacks. Our malware intelligence leverages our adversary intelligence and underground capabilities to provide timely data and context on malicious infrastructure.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "US", "official-refs": [ "https://intel471.com/" ], "product-type": [ "intelligence-feed-provider" ], "products": [ "Malware Intelligence", "Vulnerability Intelligence" ], "refs": [ "https://www.applytosupply.digitalmarketplace.service.gov.uk/g-cloud/services/448869643798857" ], "synonyms": [ "Intel 471 Inc.", "Intel 471" ] }, "uuid": "306bc923-3200-47e3-ade9-50ffc41f668c", "value": "Intel471" }, { "description": "Sophos Ltd. is a British-based security software and hardware company. 
It was listed on the London Stock Exchange until it was acquired by Thoma Bravo in February 2020", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "UK", "official-refs": [ "https://www.sophos.com/" ], "product-type": [ "antivirus-vendor" ], "products": [ "Endpoint" ], "refs": [ "https://www.sophos.com/en-us/legal" ], "synonyms": [ "Sophos LTD" ] }, "uuid": "455b9e40-e8dd-443b-87b3-c70bd09b4231", "value": "Sophos" }, { "description": "Group-IB is a creator of cybersecurity technologies to investigate, prevent and fight digital crime", "meta": { "company-type": [ "Cyber Security Vendor" ], "official-refs": [ "https://www.group-ib.com/" ], "product-type": [ "Threat Intelligence", "Attack Surface Management", "Fraud Protection", "Digital Risk Protection", "Managed XDR", "Business Email Protection" ], "products": [ "Unified Risk Platform" ], "refs": [ "https://www.group-ib.com/about-us/" ] }, "uuid": "21afba9e-cd2a-45c9-b421-b1f14fd181e9", "value": "Group-IB" }, { "description": "Mandiant is an American cybersecurity firm and a subsidiary of Google.", "meta": { "company-type": [ "Information security" ], "country": "US", "official-refs": [ "https://www.mandiant.com/" ], "product-type": [ "Proactive Exposure Management", "Government", "Digital Risk Protection", " Ransomware Protection" ], "products": [ "OpenIOC" ], "refs": [ "https://en.wikipedia.org/wiki/Mandiant" ] }, "uuid": "da5cdcd1-7b15-4371-b7eb-ca32916d2052", "value": "Mandiant" }, { "description": "Threat intelligence provider focusing on data leaks", "meta": { "country": "US", "official-refs": [ "https://spycloud.com" ], "product-type": [ "Post-Infection Remediation", "Ransomware Prevention", "Automated ATO Prevention", "Session Hijacking Prevention", "Threat Actor Attribution", "Fraud Prevention" ] }, "uuid": "ad99da77-986b-45bc-a7b0-c1887dd55b59", "value": "Spycloud" }, { "description": "DomainTools is a leading provider of Whois and other DNS profile data for threat intelligence 
enrichment.", "meta": { "company-type": [ "Threat Intelligence" ], "country": "US", "official-refs": [ "https://www.domaintools.com/" ], "products": [ "Iris Intelligence Platform", "Farsight DNSDB", "Threat Intelligence Feeds" ], "refs": [ "https://icannwiki.org/DomainTools" ] }, "uuid": "993c6a36-b625-4a1f-8737-72ba5a197744", "value": "Domaintools" }, { "description": "Feedly is an AI-powered news aggregator application for various web browsers and mobile devices running iOS and Android. It is also available as a cloud-based service.", "meta": { "official-refs": [ "https://feedly.com/homepage" ], "product-type": [ "Threat Intelligence" ], "refs": [ "https://en.wikipedia.org/wiki/Feedly" ] }, "uuid": "4e7c737a-4912-488a-8571-1f9226ebad05", "value": "Feedly" }, { "description": "Database of public networks, IP addresses and domain names owned by companies and organisations worldwide.", "meta": { "official-refs": [ "https://networksdb.io/" ], "refs": [ "https://twitter.com/networksdbio" ] }, "uuid": "17fec4c4-3822-4198-9735-cee04aa51305", "value": "Networksdb.io" }, { "description": "Company providing a comprehensive dataset of internet intelligence", "meta": { "country": "US", "official-refs": [ "https://censys.com/", "https://censys.io/" ], "products": [ "Censys Search", "Exposure Management", "The Censys Internet Map", "Integrations" ] }, "uuid": "101ca178-12c8-4488-b234-93f263e30b1a", "value": "Censys" }, { "description": "DomainIQ is an internet research tool providing information about a domain name, its owner, the server it's hosted on, its ownership history, similar domains and more.", "meta": { "country": "US", "official-refs": [ "https://www.domainiq.com" ] }, "uuid": "3f79697b-63d8-4c86-aabf-84df1f03c43d", "value": "DomainIQ" }, { "description": "Computer and Network Security", "meta": { "company-type": [ "Computer and Network Security" ], "country": "FI", "official-refs": [ "https://www.arcticsecurity.com/" ], "synonyms": [ "Arctic Security" ] }, "uuid": 
"542f8890-128b-42ca-97f9-8fe2af7ab783", "value": "Arctic" }, { "description": "BitSight is a cybersecurity ratings company that analyzes companies, government agencies, and educational institutions.", "meta": { "country": "US", "official-refs": [ "https://www.bitsight.com" ] }, "uuid": "1e98d9ac-0ef1-4046-bf9f-7c905a56ba90", "value": "Bitsight" }, { "description": "RiskIQ, Inc. is a cyber security company that was based in San Francisco, California. It provided cloud-based software as a service (SaaS) for organizations to detect phishing, fraud, malware, and other online security threats. RiskIQ was acquired by Microsoft in July 2021.", "meta": { "company-type": [ "Cyber Security company" ], "country": "US", "official-refs": [ "https://community.riskiq.com/" ], "product-type": [ "Threat detection" ], "refs": [ "https://en.wikipedia.org/wiki/RiskIQ" ] }, "uuid": "9f279581-5514-42cd-8011-05af9787ee37", "value": "RiskIQ" }, { "description": "Sweepatic is a cybersecurity company", "meta": { "company-type": [ "Cyber Security vendor" ], "country": "BE", "official-refs": [ "https://www.sweepatic.com" ], "product-type": [ "EASM platform" ] }, "uuid": "c9bd796a-8b73-42ab-8abe-0016292f5528", "value": "Sweepatic" }, { "description": "Team Cymru is an internet security firm that offers research services making the internet a more secure place.", "meta": { "company-type": [ "Cyber Security vendor" ], "country": "US", "official-refs": [ "https://www.team-cymru.com/" ], "product-type": [ "Threat Intelligence Solutions", "Attack Surface Management Solution", "Threat Feeds" ], "products": [ "Pure Signal™ Recon", "Pure Signal™ Scout", "Pure Signal™ Orbit", "IP Reputation Feed", "Controller Feed", "Botnet Analysis & Reporting" ] }, "uuid": "8a22c0b2-d05f-4142-ab74-ffdf38fe4758", "value": "Team Cymru" }, { "description": "G Data CyberDefense AG (until September 2019 G Data Software AG) is a German software company that focuses on computer security.", "meta": { "company-type": [ 
"Computer software" ], "country": "DE", "official-refs": [ "https://www.gdata-software.com", "https://www.gdatasoftware.co.uk" ], "product-type": [ "Antivirus software", "Mobile Device Management" ], "products": [ "AntiVirus", "InternetSecurity", "TotalSecurity", "AntiVirus for Mac", "AntiVirus Business", "AntiVirus Enterprise", "ClientSecurity Business", "ClientSecurity Enterprise", "EndpointProtection Business", "EndpointProtection Enterprise", "MailSecurity", "PatchManagement", "Mobile Security", "VPN" ], "refs": [ "https://en.wikipedia.org/wiki/G_Data_CyberDefense" ], "synonyms": [ "GDATA", "G Data CyberDefense AG", "G Data Software AG" ] }, "uuid": "2b69f676-c875-4000-8350-5f162e69d908", "value": "G DATA" }, { "description": "Sekoia.io is a European cybersecurity SAAS company, whose mission is to develop the best protection capabilities against cyber attacks.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "FR", "official-refs": [ "https://www.sekoia.io" ], "product-type": [ "eXtended Detection and Response SaaS platform" ], "products": [ "SIEM RELOADED | Sekoia Defend", "CTI RELOADED" ] }, "uuid": "6c9ef130-7cf6-4eeb-9e65-46228fc5e30c", "value": "Sekoia" }, { "description": "Excellium Services Group is a cyber-security consulting and technology Integration Company established since 2012 in Luxemburg and Belgium, with activities and in France and Africa.", "meta": { "company-type": [ "Cyber-security consulting and technology Integration Company", "CSIRT" ], "country": "LU", "official-refs": [ "https://excellium-services.com" ], "product-type": [ "CERT-XLM", "SOC", "GDPR Services", "Information Security Governance", "Intrusion Tests – Red Team (Application Security Team)", "Network & Security Infrastructure", "Training" ], "products": [ "EyeGuard", "EyeTools", "EyeDeep", "EyeTLD", "EyeNotify" ] }, "uuid": "73ae2776-3700-4120-84ae-7e9785e6071b", "value": "Excellium" }, { "description": "Telindus is a brand of Proximus Luxembourg SA. 
Founded in 1979, Telindus Luxembourg accompanies all organizations in their digital transformation, by providing holistic ICT & Telecommunication solutions, as well as tailored support services. Our areas of expertise include Telecommunication Services, ICT Infrastructure, Multi-Cloud, Digital Trust Solutions, Cybersecurity, Business Applications, Managed Services and Training.", "meta": { "company-type": [ "Service Provider" ], "country": "LU", "official-refs": [ "https://www.telindus.lu/en" ], "product-type": [ "Ethical Hacking", "Infrastructure Security", "Managed Security Services", "Protection, Detection and Orchestration", "Security Operations Center", "Strategy, risk, management and advice", "ICT solutions", "Telecoms", "Cloud" ] }, "uuid": "4155eec3-fae2-4e80-a9a6-89b0f976851a", "value": "Telindus" }, { "description": "Bleeping Computer is a website covering technology news and offering free computer help via its forums that was created by Lawrence Abrams in 2004. It publishes news focusing heavily on cybersecurity, but also covers other topics including computer software, computer hardware, operating system and general technology.", "meta": { "company-type": [ "Technology news and computer help" ], "country": "US", "official-refs": [ "https://www.bleepingcomputer.com/" ], "product-type": [ "Security and Technology Blog Posts" ], "refs": [ "https://en.wikipedia.org/wiki/Bleeping_Computer" ] }, "uuid": "ec3fb9b0-4f24-4099-ad48-3e8f68e88275", "value": "BleepingComputer" }, { "description": "Cisco Talos, or Cisco Talos Intelligence Group, is a cybersecurity technology and information security company based in Fulton, Maryland. It is a part of Cisco Systems Inc. Talos' threat intelligence powers Cisco Secure products and services, including malware detection and prevention systems. 
Talos provides Cisco customers and internet users with customizable defensive technologies and techniques through several of their own open-source products, including the Snort intrusion prevention system and ClamAV anti-virus engine", "meta": { "country": "US", "refs": [ "https://talosintelligence.com/", "https://blog.talosintelligence.com/" ], "synonyms": [ "Cisco Talos" ] }, "uuid": "0adf6f0f-3795-4de1-9763-1bdd1c31a5d7", "value": "Cisco Talos Intelligence Group" }, { "description": "Headquartered in The Hague, the Netherlands, Europol’s mission is to support its Member States in preventing and combating all forms of serious international and organised crime, cybercrime and terrorism. Europol also works with many non-EU partner states and international organisations.", "meta": { "country": "NL", "official-refs": [ "https://www.europol.europa.eu/" ] }, "uuid": "f6eae887-7ee4-4999-a909-5eef291c40cc", "value": "Europol" }, { "description": "ESET, s.r.o., is a software company specializing in cybersecurity. ESET's security products are made in Europe and provide security software in over 200 countries and territories worldwide. Its software is localized into more than 30 languages. The company was founded in 1992 in Bratislava, Slovakia.", "meta": { "country": "SK", "official-refs": [ "https://www.eset.com", "https://www.welivesecurity.com" ] }, "uuid": "3a43aca5-6366-4168-b182-a8afec4550b5", "value": "ESET" }, { "description": "Tencent is a world-leading internet and technology company that develops innovative products and services to improve the quality of life of people around the world. Founded in 1998 with its headquarters in Shenzhen, China, Tencent's guiding principle is to use technology for good. Our communication and social services connect more than one billion people around the world, helping them to keep in touch with friends and family, access transportation, pay for daily necessities, and even be entertained. 
Tencent also publishes some of the world's most popular video games and other high-quality digital content, enriching interactive entertainment experiences for people around the globe. Tencent also offers a range of services such as cloud computing, advertising, FinTech, and other enterprise services to support our clients' digital transformation and business growth. Tencent has been listed on the Stock Exchange of Hong Kong since 2004.", "meta": { "country": "CN", "official-refs": [ "https://www.tencent.com", "https://mp.weixin.qq.com" ] }, "uuid": "62e24285-103e-404e-b070-8b7fe59f5767", "value": "Tencent" }, { "description": "Kaspersky Lab (/kæˈspɜːrski/; Russian: Лаборатория Касперского, romanized: Laboratoriya Kasperskogo) is a Russian multinational cybersecurity and anti-virus provider headquartered in Moscow, Russia, and operated by a holding company in the United Kingdom. It was founded in 1997 by Eugene Kaspersky, Natalya Kaspersky and Alexey De-Monderik. Kaspersky Lab develops and sells antivirus, internet security, password management, endpoint security, and other cybersecurity products and services.", "meta": { "country": "RU", "official-refs": [ "https://www.kaspersky.com", "https://securelist.com" ], "synonyms": [ "Kaspersky Lab", "Лаборатория Касперского" ] }, "uuid": "0d4886f9-97e1-4cb2-8822-580fd09540e5", "value": "Kaspersky" }, { "description": "Palo Alto Networks, Inc. is an American multinational cybersecurity company with headquarters in Santa Clara, California. The core product is a platform that includes advanced firewalls and cloud-based offerings that extend those firewalls to cover other aspects of security. The company serves over 70,000 organizations in over 150 countries, including 85 of the Fortune 100. 
It is home to the Unit 42 threat research team and hosts the Ignite cybersecurity conference.", "meta": { "country": "US", "official-refs": [ "https://www.paloaltonetworks.com", "https://unit42.paloaltonetworks.com" ], "synonyms": [ "Palo Alto Networks", "Palo Alto Unit 42" ] }, "uuid": "e9491d3b-2174-47d6-8a15-ecec552d16ae", "value": "Palo Alto" }, { "description": "Trend Micro Inc. (トレンドマイクロ株式会社, Torendo Maikuro Kabushiki-Gaisha) is an American-Japanese cyber security software company. The company has globally dispersed R&D in 16 locations across every continent excluding Antarctica. The company develops enterprise security software for servers, containers, & cloud computing environments, networks, and end points.", "meta": { "country": "JP", "official-refs": [ "https://www.trendmicro.com" ], "synonyms": [ "トレンドマイクロ株式会社" ] }, "uuid": "3ac8f6fc-9c04-4ebd-bda2-788cc02fe4ed", "value": "Trend Micro" }, { "description": "AhnLab, Inc. offers industry-leading cyber security solutions and services for consumers, enterprises, and small and medium-sized businesses worldwide. Founded in 1995, AhnLab provides comprehensive protection for endpoint, cloud, network, and other services. With its headquarters in South Korea, the most wired country in the world, AhnLab has become a leading innovator of dynamic security solutions that counter cyber threats.", "meta": { "country": "KR", "official-refs": [ "https://www.ahnlab.com" ] }, "uuid": "38847e35-166f-4025-a4bb-3e543058e353", "value": "AhnLab" }, { "description": "Check Point Software Technologies Ltd. 
is an American-Israeli multinational provider of software and combined hardware and software products for IT security, including network security, endpoint security, cloud security, mobile security, data security and security management.", "meta": { "country": "IL", "official-refs": [ "https://www.checkpoint.com" ], "synonyms": [ "Check Point Software Technologies Ltd.", "Check Point Software" ] }, "uuid": "adb3369a-5683-46b2-bceb-4dafa6526b21", "value": "Check Point" }, { "description": "The Computer Emergency Response Team of Ukraine (CERT-UA) is a specialized structural unit of the State Center for Cyber Defense of the State Service for Special Communications and Information Protection of Ukraine.", "meta": { "country": "UA", "official-refs": [ "https://cert.gov.ua" ] }, "uuid": "b06fe596-eaa5-434a-88b8-5b21b1c8b60f", "value": "CERT-UA" }, { "description": "Avast Software s.r.o. is a Czech multinational cybersecurity software company headquartered in Prague, Czech Republic, that researches and develops computer security software, machine learning, and artificial intelligence.", "meta": { "country": "CZ", "official-refs": [ "https://www.avast.com" ] }, "uuid": "0a93886e-a0e8-4972-991d-9935bf6c1565", "value": "Avast" }, { "description": "The Cybersecurity and Infrastructure Security Agency (CISA) is a component of the United States Department of Homeland Security (DHS) responsible for cybersecurity and infrastructure protection across all levels of government, coordinating cybersecurity programs with U.S. states, and improving the government's cybersecurity protections against private and nation-state hackers.", "meta": { "country": "US", "official-refs": [ "https://www.cisa.gov", "https://www.us-cert.gov" ], "synonyms": [ "Cybersecurity and Infrastructure Security Agency" ] }, "uuid": "7aa10919-06fd-46ec-88b8-e1cbf60f955c", "value": "CISA" }, { "description": "JPCERT/CC is the first CSIRT (Computer Security Incident Response Team) established in Japan. 
The organization coordinates with network service providers, security vendors, government agencies, as well as the industry associations. As such, it acts as a 'CSIRT of CSIRTs' in the Japanese community. In the Asia Pacific region, JPCERT/CC helped form APCERT (Asia Pacific Computer Emergency Response Team) and provides a secretariat function for APCERT. Globally, as a member of the Forum of Incident Response and Security Teams (FIRST), JPCERT/CC cooperates with the trusted CSIRTs worldwide.", "meta": { "country": "JP", "official-refs": [ "https://www.jpcert.or.jp" ], "synonyms": [ "JPCERT/CC" ] }, "uuid": "3caca164-4600-42a2-b2f0-7a552a66e7b6", "value": "JPCERT" }, { "description": "Proofpoint, Inc. is an American enterprise cybersecurity company based in Sunnyvale, California that provides software as a service and products for email security, identity threat defense, data loss prevention, electronic discovery, and email archiving.", "meta": { "country": "US", "official-refs": [ "https://www.proofpoint.com/" ] }, "uuid": "cae79680-67a6-4411-903c-f824dbcc813f", "value": "Proofpoint" }, { "description": "Qihoo 360 (Chinese: 奇虎 360; pinyin: Qíhǔ Sānliùlíng; approximate pronunciation CHEE-hoo), full name 360 Security Technology Inc., is a Chinese internet security company that has developed the antivirus software programs 360 Safeguard and 360 Mobile Safe, the Web browser 360 Secure Browser, and the mobile application store 360 Mobile Assistant.", "meta": { "country": "CN", "official-refs": [ "https://www.360.cn/" ] }, "uuid": "28bceaef-f6ab-418b-ac5b-7e4089a808b5", "value": "Qihoo 360" }, { "description": "Bitdefender provides cybersecurity solutions with leading security efficacy, performance and ease of use to small and medium businesses, mid-market enterprises and consumers.", "meta": { "country": "RO", "official-refs": [ "https://www.bitdefender.com/" ] }, "uuid": "1c141c9b-ec78-4f86-a8ea-b02944fa5492", "value": "Bitdefender" }, { "description": "Avira 
Operations GmbH & Co. KG is a German multinational computer security software company mainly known for its Avira Free Security antivirus software. Since 2021, Avira has been owned by American software company NortonLifeLock (now Gen Digital), which also operates Norton, Avast and AVG. It was previously owned by investment firm Investcorp.", "meta": { "country": "DE", "official-refs": [ "https://www.avira.com" ] }, "uuid": "e5964f36-7644-4f73-bdfd-f24d9e006656", "value": "Avira" }, { "description": "Cloudflare, Inc. is an American company that provides content delivery network services, cloud cybersecurity, DDoS mitigation, wide area network services, reverse proxies, Domain Name Service, and ICANN-accredited domain registration services. Cloudflare's headquarters are in San Francisco, California.", "uuid": "a0a87034-b8ff-4991-9ae1-e650a43292ef", "value": "Cloudflare" }, { "description": "Recorded Future, Inc. is an American privately held cybersecurity company founded in 2009, with headquarters in Somerville, Massachusetts.", "meta": { "company-type": "Cyber Security Vendor", "country": "US", "official-refs": [ "https://www.recordedfuture.com/" ], "product-type": [ "Digital Risk Protection", "Threat Intelligence", "Exposure Management", "Threat Intelligence Feeds" ], "products": [ "Threat Intelligence", "Brand Intelligence", "SecOps Intelligence", "Vulnerability Intelligence", "Third-Party Intelligence", "Geopolitical Intelligence", "Attack Surface Intelligence", "Identity Intelligence", "Payment Fraud Intelligence", "Analyst On Demand" ], "refs": [ "https://en.wikipedia.org/wiki/Recorded_Future", "https://www.recordedfuture.com/resources" ], "synonyms": [ "Recorded Future, Inc", "Insikt Group" ] }, "uuid": "ad7032df-0e9a-4ea9-b35c-c68ff854be80", "value": "Recorded Future" }, { "description": "Cyble empowers organizations to take control of their cyber risks with AI-driven, cybersecurity platforms.", "meta": { "company-type": "Cyber Security Vendor", "country": 
"US", "official-refs": [ "https://cyble.com/" ], "product-type": [ "Digital Risk Protection", "Threat Intelligence", "Exposure Management" ], "products": [ "Cyble Vision", "Cyble Hawk", "AmIBreached", "Odin", "The Cyber Express" ], "refs": [ "https://cyble.com/resources/", "https://thecyberexpress.com/" ], "synonyms": [ "The Cyber Express" ] }, "uuid": "43e3e0a8-a12d-450a-8f2d-94915123549c", "value": "Cyble" }, { "description": "CYFIRMA is a threat discovery and cyber-intelligence company with the world’s first platform that can deliver predictive cyber-intelligence", "meta": { "company-type": "Cyber Intelligence Provider", "country": "SG", "official-refs": [ "https://www.cyfirma.com/" ], "product-type": [ "Threat Intelligence", "Digital Risk Protection", "Mobile App" ], "products": [ "DeCYFIR", "DeTCT", "DeFNCE" ], "refs": [ "https://www.cyfirma.com/research/", "https://golden.com/wiki/CYFIRMA-K46ZYP8" ] }, "uuid": "9d804c53-f307-421c-9f4d-41061c7eee62", "value": "Cyfirma" }, { "description": "SentinelOne, Inc. is an American cybersecurity company listed on NYSE based in Mountain View, California.", "meta": { "company-type": "Cyber Security Vendor", "country": "US", "official-refs": [ "https://www.sentinelone.com/" ], "product-type": [ "Endpoint Protection", "Endpoint Detection Response", "Deception Technology" ], "products": [ "Singularity Platform", "Singularity Identity", "Singularity Hologram" ], "refs": [ "https://www.sentinelone.com/labs/" ], "synonyms": [ "Sentinel One" ] }, "uuid": "996c48de-7bb8-414d-b6fe-ec94abb5f461", "value": "SentinelOne" }, { "description": "Fortinet, Inc. is a cybersecurity company with headquarters in Sunnyvale, California. 
The company develops and sells security solutions like firewalls, endpoint security and intrusion detection systems.", "meta": { "company-type": "Cyber Security Vendor", "country": "US", "official-refs": [ "https://www.fortinet.com/" ], "product-type": [ "Firewall", "Application delivery controller", "SOAR", "Web application firewall / API security", "Network security platform" ], "products": [ "FortiADC", "FortiAnalyzer", "FortiAuthenticator", "FortiCASB", "FortiClient", "FortiEDR", "FortiCNP", "FortiDDos", "FortiDeceptor", "FortiExtender", "FortiGate", "FortiIsolator", "FortiMail", "FortiManager", "FortiNAC", "FortiPAM", "FortiSandbox", "FortiSIEM", "FortiSASE", "FortiSOAR", "FortiSwitch", "FortiTester", "FortiToken", "FortiVoice", "FortiWeb" ], "refs": [ "https://en.wikipedia.org/wiki/Fortinet", "https://www.fortinet.com/blog/threat-research" ] }, "uuid": "bfafdca5-3171-4953-86ab-c74f44822fd3", "value": "Fortinet" }, { "description": "Zscaler, Inc. (/ˈziːˌskeɪlər/) is an American cloud security company based in San Jose, California. The company offers cloud-based services to protect enterprise networks and data.", "meta": { "company-type": "Cyber Security Vendor", "country": "US", "official-refs": [ "https://www.zscaler.com/" ], "product-type": [ "Secure Web Gateway", "SASE", "VPN", "CASB", "DLP" ], "products": [ "Zscaler Internet Access", "Zscaler Private Access", "Zscaler Digital Experience", "Zscaler Zero Trust Exchange" ], "refs": [ "https://www.zscaler.com/blogs?type=security-research", "https://en.wikipedia.org/wiki/Zscaler" ] }, "uuid": "1427d7df-a9b8-4809-afe0-1180cfdd930d", "value": "Zscaler" }, { "description": "Splunk Inc. 
is an American software company based in San Francisco, California, that produces software for searching, monitoring, and analyzing machine-generated data via a web-style interface.", "meta": { "company-type": "Cyber Security Vendor", "country": "US", "product-type": [ "SIEM", "Observability", "SOAR", "UEBA" ], "products": [ "Splunk Enterprise Security", "Splunk ITSI", "Splunk SOAR", "Splunk Observability Cloud", "Splunk UEBA" ], "refs": [ "https://www.splunk.com/", "https://www.splunk.com/en_us/blog/security.html", "https://en.wikipedia.org/wiki/Splunk" ] }, "uuid": "7acb73f9-83c8-4a1d-88e5-873bad8659fa", "value": "Splunk" }, { "description": "Huntress Labs Incorporated operates as a security software solution provider. The Company provides managed threat detection and response services to uncover, address persistent footholds that prevent defenses. Huntress Labs serves customers in the United States.", "meta": { "company-type": "Cyber Security Vendor", "country": "US", "official-refs": [ "https://www.huntress.com/" ], "product-type": [ "Managed Security", "Endpoint Detection Response", "Security Awareness Training" ], "products": [ "Managed EDR", "MDR for Microsoft 365", "Security Awareness Training", "Managed SIEM" ], "refs": [ "https://www.huntress.com/", "https://www.huntress.com/blog" ] }, "uuid": "9bfc59a7-ab20-4ef0-8034-871956d4a9cc", "value": "Huntress" }, { "description": "A brand of enterprise security software purchased by Broadcom Inc. 
in August 2019", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "US", "official-refs": [ "https://www.broadcom.com/products/cybersecurity" ], "product-type": [ "Endpoint Protection Platform" ], "products": [ "Symantec Enterprise Cloud" ], "refs": [ "https://en.wikipedia.org/wiki/Symantec", "https://symantec-enterprise-blogs.security.com/threat-intelligence" ] }, "uuid": "e583434b-7fb8-42c8-90ce-89aa8ed35f0c", "value": "Symantec" }, { "description": "Microsoft Corporation is an American multinational corporation and technology company headquartered in Redmond, Washington.", "meta": { "company-type": [ "Information Technology" ], "country": "US", "official-refs": [ "https://www.microsoft.com/" ], "product-type": [ "Software", "Cybersecurity", "Services", "Cloud" ], "products": [ "Microsoft 365", "Azure", "Microsoft Defender" ], "refs": [ "https://www.microsoft.com/", "https://en.wikipedia.org/wiki/Microsoft", "https://www.microsoft.com/en-us/security/blog/topic/threat-intelligence/" ] }, "uuid": "d0c33595-b684-45ef-91c3-e2f5ce1a8191", "value": "Microsoft" }, { "description": "Part of the SANS Technology Institute, the Internet Storm Center (ISC) stands as a beacon of vigilance and resilience in the ever-evolving landscape of cybersecurity.", "meta": { "official-refs": [ "https://isc.sans.edu/about.html" ], "product-type": [ "Honeypot", "Blogs" ], "products": [ "DShield Honeypot", "Diaries" ], "refs": [ "https://isc.sans.edu/about.html", "https://isc.sans.edu/diary/" ] }, "uuid": "487d8f34-37fa-42de-8afe-45fb771d2e77", "value": "SANS Internet Storm Center (ISC)" }, { "description": "CloudSEK is a contextual AI company that predicts Cyber Threats. 
Combining the power of Cyber,Brand & Attack Surface monitoring to give context to Digital Risk.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "IN", "official-refs": [ "https://www.cloudsek.com/" ], "product-type": [ "Digital Risk Protection", "Exposure Management", "Threat Intelligence" ], "products": [ "XVigil", "BeVigil Enterprise", "SVigil", "BeVigil Community", "Exposure" ], "refs": [ "https://www.cloudsek.com/", "https://www.cloudsek.com/blog" ] }, "uuid": "641ee81f-4899-412c-b54a-9152c1bed6ac", "value": "CloudSEK" }, { "description": "Netskope, a global SASE leader, helps organizations apply zero trust principles and AI/ML innovations to protect data and defend against cyber threats.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "US", "official-refs": [ "https://www.netskope.com/" ], "product-type": [ "Secure Access Service Edge (SASE)" ], "products": [ "Security Service Edge (SSE)", "Next Gen Secure Web Gateway (SWG)", "Cloud Access Security Broker (CASB)", "ZTNA Next", "SkopeAI" ], "refs": [ "https://www.netskope.com/blog/category/netskope-threat-labs", "https://www.linkedin.com/company/netskope/" ] }, "uuid": "f760cfbc-c124-4348-8e68-28cef2fbc4a5", "value": "Netskope" }, { "description": "Real Intrusions by Real Attackers, The Truth Behind the Intrusion", "meta": { "company-type": [ "Cyber Security Vendor" ], "official-refs": [ "https://thedfirreport.com/" ], "product-type": [ "Threat Intelligence", "Mentoring & Coaching Program" ], "products": [ "Threat Intelligence" ], "refs": [ "https://thedfirreport.com/" ], "synonyms": [ "thedfirreport", "The DFIR Report" ] }, "uuid": "d0ccd0d7-c30b-4e02-ac31-980cfecef085", "value": "The DFIR Report" }, { "description": "American cybersecurity technology company founded in 2012.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "US", "official-refs": [ "https://www.cybereason.com/" ], "product-type": [ "Anti Virus", "EDR", "Managed Services", "Professional 
Services" ], "products": [ "Cybereason Enterprise", "Cybereason Enterprise Advanced", "Cybereason Enterprise Complete", "The MALOP", "SIEM Detection and Response" ], "refs": [ "https://www.cybereason.com/blog" ] }, "uuid": "9ceb85a0-8218-43a2-8067-02cd1136e826", "value": "Cybereason" }, { "description": "Silent Push was founded to transform the way organizations across the world track, monitor and counteract global threat activity.", "meta": { "company-type": [ "Cyber Security Vendor" ], "official-refs": [ "https://www.silentpush.com/" ], "product-type": [ "Threat Hunting", "Brand Protection" ], "products": [ "Threat Hunting", "Brand Protection" ], "refs": [ "https://www.silentpush.com/blog/" ] }, "uuid": "af60a8d8-3bee-47cc-9d6e-3d57bfc8153e", "value": "Silent Push" }, { "description": "Any.run provides a sandbox environment where users can monitor, analyze, and detect cybersecurity threats.", "meta": { "company-type": [ "Cyber Security Vendor" ], "official-refs": [ "https://any.run/" ], "product-type": [ "Malware Analysis Platform" ], "products": [ "Sandbox", "Threat Intelligence" ], "refs": [ "https://any.run/cybersecurity-blog/" ], "synonyms": [ "ANYRUN FZCO", "Any Run" ] }, "uuid": "a3cce817-44df-4f61-bcfe-a2b52a86afd7", "value": "ANY.RUN" }, { "description": "Aqua Security is the pioneer in securing containerized cloud native applications from development to production. Aqua's full lifecycle solution prevents attacks by enforcing pre-deployment hygiene and mitigates attacks in real time in production, reducing mean time to repair and overall business risk", "meta": { "company-type": [ "Cyber Security Vendor" ], "official-refs": [ "https://www.aquasec.com/" ], "product-type": [ "CNAPP", "Code Security", "Runtime Security", "Posture Management" ], "products": [ "Aqua CNAPP" ], "refs": [ "https://www.aquasec.com/blog/" ] }, "uuid": "f077b758-84b5-45c6-95c6-9f05de4de993", "value": "Aquasec" }, { "description": "Qualys, Inc. 
is an American technology firm based in Foster City, California, specializing in cloud security, compliance and related services.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "US", "official-refs": [ "https://www.qualys.com/" ], "product-type": [ "Attack Surface Management", "Vulnerability Management", "Compliance", "Threat Detection & Response" ], "products": [ "CSAM", "EASM", "Enterprise TruRisk Management", "TotalAI", "VMDR", "WAS", "TruRisk Eliminate" ], "refs": [ "https://blog.qualys.com/" ] }, "uuid": "679214bc-88d3-4c1d-a6bd-41f98ee97be3", "value": "Qualys" }, { "description": "Zimperium, Inc. is a privately owned mobile security company based in the United States and headquartered in Dallas, Texas.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "US", "official-refs": [ "https://www.zimperium.com/" ], "product-type": [ "Mobile Endpoint Security", "Threat Intelligence", "Mobile Application Security" ], "products": [ "Zimperium MTD", "Mobile App Protection Suite (MAPS)", "Advanced Threat Insights" ], "refs": [ "https://www.zimperium.com/blog/" ] }, "uuid": "a9691984-44bf-46e9-98bb-dd9e94afc7e2", "value": "Zimperium" }, { "description": "Intezer's Genetic Malware Analysis technology enables security teams to automate memory and file analysis", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "IL", "official-refs": [ "https://intezer.com/" ], "product-type": [ "Malware Analysis Platform", "Integration" ], "refs": [ "https://intezer.com/blog/" ] }, "uuid": "ac46bac7-e7b5-4efe-8f32-b79e9015ab86", "value": "Intezer" }, { "description": "Forcepoint is an American multinational corporation software company headquartered in Austin, Texas, that develops computer security software and data protection, cloud access security broker, firewall and cross-domain solutions.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "US", "official-refs": [ "https://en.wikipedia.org/wiki/Forcepoint" ], 
"product-type": [ "Security Service Edge (SSE)", "DLP" ], "products": [ "Forcepoint ONE", "DPSM" ], "refs": [ "https://www.forcepoint.com/blog/x-labs" ] }, "uuid": "2aeec940-ae33-430f-837d-167a5a63e448", "value": "Forcepoint" }, { "description": "Elastic NV is an American-Dutch software company that provides self-managed and software as a service (SaaS) offerings for search, logging, security, observability, and analytics use cases.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "US", "official-refs": [ "https://www.elastic.co/" ], "product-type": [ "SIEM", "Observability", "Generative AI" ], "products": [ "Elasticsearch", "Logstash", "Kibana", "Search AI Lake" ], "refs": [ "https://www.elastic.co/security-labs" ], "synonyms": [ "Elasticsearch", "elasticseclabs" ] }, "uuid": "58d7efca-402a-4b36-9178-dc14e52f12e5", "value": "Elastic" }, { "description": "Infoblox, is a privately held IT automation and security company based in California's Silicon Valley.", "meta": { "company-type": [ "Computer networking and Cyber Security Vendor" ], "country": "US", "official-refs": [ "https://www.infoblox.com/" ], "product-type": [ "Networking", "Security" ], "products": [ "Universal DDI", "Infoblox Threat Defense", "DNS Security" ], "refs": [ "https://blogs.infoblox.com/threat-intelligence/" ] }, "uuid": "4ace5901-f3d2-434e-bb4f-6892d9c3f765", "value": "Infoblox" }, { "description": "Akamai Technologies, Inc. 
is an American delivery company that provides content delivery network (CDN), cybersecurity, DDoS mitigation, and cloud services.", "meta": { "company-type": [ "IT Company (CDN, Cybersecurity)" ], "country": "US", "official-refs": [ "https://www.akamai.com/" ], "product-type": [ "Content Delivery Network", "Security", "Cloud Computing" ], "products": [ "Ion", "API Acceleration", "Akamai Guardicore Platform" ], "refs": [ "https://www.akamai.com/blog/security/" ] }, "uuid": "be3d8ada-45a2-43e7-83f3-2b49d6921826", "value": "Akamai" }, { "description": "Sucuri is a content distribution network service (CDN) provider that helps websites to load faster while increasing their resilience to intrusions from malware, DDoS attacks, and hacker activity. Users can easily monitor the performance and safety of their websites using the Sucuri WordPress plugin and the company offers multiple caching options to suit numerous different types of websites.", "meta": { "official-refs": [ "https://sucuri.net/" ], "product-type": [ "CDN", "WAF" ], "refs": [ "https://blog.sucuri.net/" ] }, "uuid": "59774d9f-8578-48d5-9c7a-2fc79b7217e4", "value": "Sucuri" }, { "description": "Volexity is a Washington, D.C.-based cyber security firm with a global reach.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "US", "official-refs": [ "https://www.volexity.com/" ], "product-type": [ "Memory analysis solution", "Memory acquisition solution", "Incident Response", "Threat Intelligence" ], "products": [ "Volcano", "Surge" ], "refs": [ "https://www.volexity.com/blog/" ] }, "uuid": "c2f76813-f24c-450e-abfd-0db4495ab68e", "value": "Volexity" }, { "description": "Rapid7 Inc (Rapid7) offers data security and analytics solutions. It offers products such as insightVM, nexpose, metasploit, appspider, insightAppSec, insightIDR and insightOps. 
The company offers services including advisory services, penetration testing services, IoT security testing services, vulnerability management services, incident detection, and response services. Rapid7 also provides various solutions including vulnerability management, penetration testing solutions, web application security testing, IT operations, user behavior analytics (UBA), SIEM, consulting services, and managed security services.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "US", "official-refs": [ "https://www.rapid7.com/" ], "product-type": [ "Vulnerability Management", "SIEM", "Threat Intelligence", "Application Security Testing", "Attack Surface Management", "Exposure Management" ], "products": [ "InsightVM", "InsightIDR", "Threat Command", "InsightAppSec", "Surface Command", "Exposure Command", "InsightCloudSec" ], "refs": [ "https://www.rapid7.com/blog/" ] }, "uuid": "adc57f66-9910-4500-a16b-311cd4f08409", "value": "Rapid7" }, { "description": "Outpost24 empowers organizations to achieve cyber resilience with a complete range of continuous threat exposure management (CTEM) solutions.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "SE", "official-refs": [ "https://outpost24.com/" ], "product-type": [ "Exposure Management", "Attack Surface Management", "Web Application Security Testing", "Threat Intelligence", "Vulnerability Management", "AD Security" ], "products": [ "Exposure Management", "Sweepatic", "SWAT", "Threat Compass", "Outscan NX", "Specops Software" ], "refs": [ "https://outpost24.com/blog/category/research-and-threat-intel/" ] }, "uuid": "7c5ef04a-8077-4f62-aa35-b03e67f1816d", "value": "Outpost24" }, { "description": "IT security blog focusing on malware forensics, dynamic and static analysis, as well as automated malware analysis techniques.", "meta": { "country": "DE", "product-type": [ "Sandbox" ], "products": [ "Falcon Sandbox" ], "refs": [ "https://hybrid-analysis.blogspot.com/" ], "synonyms": 
[ "hybrid-analysis", "HYBRID ANALYSIS GMBH" ] }, "uuid": "aefbf8b0-b66f-4ddc-9803-60ac3f69b276", "value": "Hybrid Analysis" }, { "description": "Morphisec provides a proactive security solution for workstations, virtual desktops, and server workloads to prevent cyberattacks.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "IL", "official-refs": [ "https://www.morphisec.com/" ], "product-type": [ "Exposure Management", "EDR", "Incident Response" ], "products": "Morphisec Anti-Ransomware Assurance Suite", "refs": [ "https://blog.morphisec.com/" ] }, "uuid": "7730e25a-1626-4858-bd1f-1f19fbd89b4a", "value": "Morphisec" }, { "description": "HarfangLab is a supplier of EDR (Endpoint Detection and Response)", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "FR", "official-refs": [ "https://harfanglab.io/" ], "product-type": [ "EDR", "EPP" ], "products": [ "HarfangLab EDR", "HarfangLab EPP" ], "refs": [ "https://harfanglab.io/insidethelab/" ] }, "uuid": "68ece781-df17-40f2-ad47-24383df71d73", "value": "HarfangLab" }, { "description": "Hunt.io is a service that provides threat intelligence data about observed network scanning and cyberattacks. This data is collected by a worldwide distributed network of sensors. All interactions with sensors are registered, analyzed, and used to create network host profiles.", "meta": { "company-type": [ "Cyber Security Vendor" ], "country": "US", "official-refs": [ "https://hunt.io/" ], "product-type": [ "Threat Intelligence", "Threat Intelligence Feeds" ], "products": [ "Web Interface", "Feeds", "Enrichment API" ], "refs": [ "https://hunt.io/blog" ], "synonyms": [ "Hunt Intelligence" ] }, "uuid": "960a2fb8-96c5-4675-b8bc-d8bdad3c73be", "value": "Hunt.io" } ], "version": 16 }