I have been using Recorded Future for four months and am still exploring its features. As for improvements, I would suggest enhancing the alert system. For example, when investigating alerts related to my domain "abc.com," I noticed that the system sometimes detects false positives. It detects other words that contain the letters "abc," like "ablex" or "ableg," which can be misleading. It would be helpful if the system could improve its accuracy and only detect alerts that are truly relevant to my domain. I would recommend adding a feature that can specifically detect my domain name, "abc.com," and not just words containing "abc" or similar letters. It would further reduce false positives and improve the overall accuracy of the system.
The solution could improve in reducing the false positives. However, most of the other tools on the market have false positives. If they enhance their data algorithm, it could improve the accuracy of results and minimize false positives. Identifying patterns of false possibilities can aid in developing better reporting features that could potentially eliminate them in the future. This recording feature tool could benefit from adopting similar techniques utilized by other tools to enhance its functionality. By doing so, it could minimize the need for manual efforts in distinguishing true positives from false positives, ultimately reducing the workload. In a future release, it would be beneficial if the vendor would add more features to create one full solution that can meet the needs of the whole cybersecurity incident purpose.
Security Operations Lead at a tech vendor with 10,001+ employees
MSP
2021-04-01T09:42:53Z
The product is too big. The vast majority of data you have. You can run queries and you can get more data than you probably want, and you have to take a deep dive a lot of the time. The solution would benefit from introducing automation. When you are running a query just to get the data you're looking for, the result comes back so big, as it will be able to return a lot of results from different sources. Sometimes it could be a bit messy. Automation would help streamline and simplify. The tool can be pricey, especially for smaller companies.
Recorded Future is a powerful and effective cyber threat intelligence (CTI) platform that aims to empower administrators to protect their organizations from threats, both known and unknown. The machine learning engine that Recorded Future utilizes can process the same amount of data that 9,000 analysts working five days a week, eight hours a day for an entire year can process. It simplifies threat detection and remediation so that organizations can focus on other tasks.
Recorded Future is a very expensive solution, and its pricing could be improved.
When you add one website to Recorded Future, it should automatically call all other websites and social media platforms.