Integrates well with other security solutions and can be customized easily
What is most valuable?
Recorded Future integrates well with other security solutions in a security stack. It is one of the best things you can spend your money on to obtain better results that are more tailored to your organization.
From the feedback I've received from my clients, the most valuable feature is the ability to personalize the solution. The ability to have a customized dashboard makes it easy for leadership and management to obtain details. Intelligence analysts or security engineers care about the actions and results, whereas the leadership care about graphs and reports. Recorded Future helps my clients create reports and also determine how the intelligence that is generated is consumed. They can easily show the benefits to the leadership without them having to invest 10 hours a week into transferring numbers into a graph or into creating reports.
What needs improvement?
At present, my clients need to be trained by me or another organization on how to use Recorded Future and how to get the best out of it as an analyst, engineer, and administrator. It would be better if clients could directly learn these things without having to go through me or other organizations.
For how long have I used the solution?
I've been using Recorded Future for three years. I have worked with it deployed both on-premises and on AWS cloud.
What do I think about the stability of the solution?
The uptime of the solution is great. I've encountered only a few situations in the past where I needed to use Recorded Future and it wasn't immediately accessible. However, I was able to access it after about three hours.
What do I think about the scalability of the solution?
It's definitely scalable.
How are customer service and support?
My experience with technical support has been okay.
How was the initial setup?
I found the initial setup to be easy. On-premises deployments take a few hours, and cloud deployments may take longer. Depending on the client and their level of expertise, the integration of the solution may taka a few months to two years.
What about the implementation team?
I usually deploy the solution myself for my clients.
What's my experience with pricing, setup cost, and licensing?
The biggest disadvantage of Recorded Future is the cost here in Eastern Europe. The solution is correctly priced for big companies who have the money to invest in such solutions. Also, the solution is useless on its own, which means that you have to invest in other solutions with which Recorded Future can be integrated.
At present, Recorded Future can cost 60,000 euros per year. I am able to offer my clients a 5% to 10% discount, but in this region, the cost is still prohibitive even with the discount.
If Recorded Future were more flexible in terms of price, there would be better sales opportunities in Europe and Eastern Europe, in particular, because we have more small- and medium-sized companies here.
What other advice do I have?
Recorded Future is a great tool overall for threat intelligence. I think it's one of the best to add to an organization's security stack. However, the licensing costs are extremely high for small- to medium-sized companies. As such, I would rate it at nine on a scale from one to ten, with one being the worst and ten being the best.
Recorded Future Review
What do you like best about the product?
Auto Yara automatic generation of YARA rules for new malware — a big time saver compared to manual rule writing
What do you dislike about the product?
More trainings for new users. For a new user or a small team without prior experience, RF can feel overwhelming.
What problems is the product solving and how is that benefiting you?
Our team proposes solution to clients, being tower lead for ECS, I look into cyber security areas, and I have used this product to propose to clients interested in threat intelligence products, This looks beneficial for reducing MTTD and MTTR
Recommendations to others considering the product:
One of best products for threat intelligence
Excellent platform and outstanding support team
What do you like best about the product?
The amount of information present on the platform
What do you dislike about the product?
Nothing so far. The platform works great and the support too.
What problems is the product solving and how is that benefiting you?
Mainly Threat Intelligence and brand/campaings monitoring
Incredible data
What do you like best about the product?
Recorded Future stores the best data and organizes it in a digestible and interesting way
What do you dislike about the product?
It can be overwhelming at times to sift through tons of search results, though they are prioritized by the system in a helpful way
What problems is the product solving and how is that benefiting you?
I can get data on nearly anything that could be a threat to a business or people in general
Good and organized by modules
What do you like best about the product?
Recorded Future returns very useful and actionable information about CTI
Easy to use and good training path
What do you dislike about the product?
There is no weakness point to notify to the end user
What problems is the product solving and how is that benefiting you?
We use it as a cyber threat intelligence solution, able to detect for example non mainstream mentions of the domain name, brand abuse, fake app detection and so on, to finally remediate the event
Recommendations to others considering the product:
We made a PoC of several CTI products, I recomend to do the same and choose the solution that best fits the customer needs
Detecting Threats Before They Reach Your Organization
What do you like best about the product?
The ability to detect threats in an easy to navigate you UI. The tool allows users to configure and use the platform with a very short learning curve.
What do you dislike about the product?
The cost associated with the tool sometimes is not cheap in terms of small businesses to begin using the platform. The UX design could always get a little bit better as well.
What problems is the product solving and how is that benefiting you?
The ability to use keywords on searches in chat rooms on the deep web is fundamental to any business who wants to protect themselves against looming threats. This allows users to better manage patches to a system and protect against threats
Recommendations to others considering the product:
Not too many better solutions out there to prevent threats and identify those threats that exist in the dark web
Great threat intel enrichment and works with exisiting security data
What do you like best about the product?
I like how it integrates with multiple security products and it's a separate product. Talks to our SIEM, our EDR, etc. Very digestable and intuitive.
What do you dislike about the product?
I didn't have any major concerns about it.
What problems is the product solving and how is that benefiting you?
Correlating and enriching our vulnerability and threat intel data all into one place.
Recommendations to others considering the product:
None
value insight
What do you like best about the product?
The ability to customize and generate data for our specific industry and concerns
What do you dislike about the product?
sometime the volume of alerts can be overwhelming, tuning the tool takes time.
What problems is the product solving and how is that benefiting you?
Understanding what threats and threat actors are targeting our organization and our industry as a whole
"Threat Intelligence" Recorded Future
What do you like best about the product?
Recorded future is awesome threat intelligence tool which can give all the information of the emerging threats, vulnerabilities, attackers, APT groups and everything that security professionals wants. Dashboard is very good and easy to understand. Threat feeds are regularly updated. All the information collected by recorded future is organised properly that we can do analysis easily. It's a very helpful tool for threat advisories as well as brand monitoring purpose. We can add watchlists we want for the monitoring. For brand monitoring it helps to scan information on public sources on internet and to identify the data leak.
What do you dislike about the product?
When we have to do deep analysis we need good knowledge of the search queries to get exact information. Email alerts sometimes very noisy and unwanted. RF is costly as compared with other tools.
What problems is the product solving and how is that benefiting you?
Benefits are we can use recorded future for advisory writings, brand monitoring and it gives a best performance. In brand monitoring it is very useful it gives alerts for every public source mentions, dark web mentions according to our watchlists. Dashboard helps effectively for analysis.
Recommendations to others considering the product:
It's a very effective threat intelligence tool which will definitely helps security professionals in work. It's a must have tool for brand monitoring and for threat intelligence.
Excellent product you don't realize you need.
What do you like best about the product?
Awareness of my company on the dark web.
What do you dislike about the product?
Very little. It has a wealth of knowledge that I can search through.
What problems is the product solving and how is that benefiting you?
I utilize this tool to do research on phishing emails. I also use this dashboard daily to keep up with the latest threats
