As the landscape evolves, they could provide a little more detail or specificity to map it to the MITRE ATT&CK framework. Even though it is done in the report, it could be done better.
The lack of appliance-based or on-premise options for this solution is its biggest downfall. Clients request them often. We cannot use the service on its own. Instead, we have to integrate it with another Threat Intelligence platform for on-premise deployment. Customers also often have questions relating to the expandability of the application when integrated to SOC platforms such as SIEM. We are still looking for more comprehensive turnkey integrations for this.
Find out what your peers are saying about Group-IB, Recorded Future, CrowdStrike and others in Threat Intelligence Platforms (TIP). Updated: August 2025.
Threat Intelligence Platforms provide comprehensive solutions for collecting, analyzing, and managing threat data. They enhance security teams' understanding and response capabilities, ensuring proactive defense against emerging threats.These platforms aggregate vast amounts of threat data from multiple sources, offering a centralized interface for organizations to manage and analyze security threats efficiently. By automating threat data collection and enhancing threat analysis, they enable...
As the landscape evolves, they could provide a little more detail or specificity to map it to the MITRE ATT&CK framework. Even though it is done in the report, it could be done better.
The dark web intelligence could be improved. It is not as good as the intelligence from other solutions.
Group-IB Threat Intelligence should improve integration for SIEM and SOAR solutions.
Threat Intelligence's OT security could be improved.
The lack of appliance-based or on-premise options for this solution is its biggest downfall. Clients request them often. We cannot use the service on its own. Instead, we have to integrate it with another Threat Intelligence platform for on-premise deployment. Customers also often have questions relating to the expandability of the application when integrated to SOC platforms such as SIEM. We are still looking for more comprehensive turnkey integrations for this.