Recorded Future has some important strengths. It has a long history of success in the market and is known for excellent threat intelligence. Its team is skilled at using AI to search for and report on threats. For many years, it was seen as the best in the industry.
Recorded Future Intelligence Platform
Recorded FutureExternal reviews
215 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Has good threat intelligence and uses AI features
What is most valuable?
What needs improvement?
While I don't think the tool is weak, its position isn't as dominant as it once was. Other companies like CrowdStrike and Mandiant are now challenging them in many areas. One downside is that Recorded Future can be complex for customers to use and understand. This isn't easy for clients to navigate.
From my understanding, Mandiant has been offering lower prices on many large client cases over the past year. They've been challenging the pricing model and setup of companies like Recorded Future. This has been difficult for the tool , as they were used to being almost alone in the market. After being bought by Google, Mandiant has gained a lot of power and seems to have more flexibility in pricing.
My main criticism of Recorded Future has been the complexity of its licensing model and the difficulty clients have understanding the different modules. This complexity likely stems from Recorded Future's historical position as a dominant market player, which allowed them to create numerous add-on modules. The pricing for these systems and services is generally quite high.
Initially, these systems required significant manual work, justifying the high costs. However, today, the process is becoming increasingly automated. This puts price pressure on all providers, including Mandiant and others. Despite the challenging market with frequent cyberattacks, I think it will be difficult for these companies to maintain the high prices they've charged in the past.
How are customer service and support?
The solution has a good technical team. It's part of the package that customers buy into. Each client has an account manager and direct access to live customer support. The team responds fast.
How would you rate customer service and support?
Positive
What other advice do I have?
I'd still recommend Recorded Future for large organizations, but they must understand the business model and pricing. The quality of Recorded Future, Mandiant, and CrowdStrike seems quite similar, though I'm not a deep technical expert. The choice depends on the customer's needs - not all customers need every feature.
I can't definitively say which is better regarding AI technology as I haven't technically compared them myself. The solution might be advantageous due to their extensive experience in the area. However, with Google's resources behind Mandiant, they likely have significant capabilities, too. Google's resources are probably on par with Microsoft's, so they could easily ramp up their technology if needed.
When discussing AI in these threat intelligence setups, clarifying what we mean is important. Often, it's a system of rules analyzing abnormalities and triggering actions. I frequently ask what people mean by AI in different contexts because it often comes down to rules: if certain events occur or parameters are exceeded, what actions should be taken? These systems analyze data in real-time and feed it to the Security Operations Center to create a more efficient setup with fewer false positives.
False positives are a major challenge, especially for smaller companies. If they don't have well-trained IT staff, dealing with numerous false positives can be more trouble than it's worth. I've seen smaller organizations struggle with this - sometimes, it's almost better for them not to have these systems if they can't understand and manage them effectively.
I rate the overall product as nine out of ten.
Integrates well with other security solutions and can be customized easily
What is most valuable?
Recorded Future integrates well with other security solutions in a security stack. It is one of the best things you can spend your money on to obtain better results that are more tailored to your organization.
From the feedback I've received from my clients, the most valuable feature is the ability to personalize the solution. The ability to have a customized dashboard makes it easy for leadership and management to obtain details. Intelligence analysts or security engineers care about the actions and results, whereas the leadership care about graphs and reports. Recorded Future helps my clients create reports and also determine how the intelligence that is generated is consumed. They can easily show the benefits to the leadership without them having to invest 10 hours a week into transferring numbers into a graph or into creating reports.
What needs improvement?
At present, my clients need to be trained by me or another organization on how to use Recorded Future and how to get the best out of it as an analyst, engineer, and administrator. It would be better if clients could directly learn these things without having to go through me or other organizations.
For how long have I used the solution?
I've been using Recorded Future for three years. I have worked with it deployed both on-premises and on AWS cloud.
What do I think about the stability of the solution?
The uptime of the solution is great. I've encountered only a few situations in the past where I needed to use Recorded Future and it wasn't immediately accessible. However, I was able to access it after about three hours.
What do I think about the scalability of the solution?
It's definitely scalable.
How are customer service and support?
My experience with technical support has been okay.
How was the initial setup?
I found the initial setup to be easy. On-premises deployments take a few hours, and cloud deployments may take longer. Depending on the client and their level of expertise, the integration of the solution may taka a few months to two years.
What about the implementation team?
I usually deploy the solution myself for my clients.
What's my experience with pricing, setup cost, and licensing?
The biggest disadvantage of Recorded Future is the cost here in Eastern Europe. The solution is correctly priced for big companies who have the money to invest in such solutions. Also, the solution is useless on its own, which means that you have to invest in other solutions with which Recorded Future can be integrated.
At present, Recorded Future can cost 60,000 euros per year. I am able to offer my clients a 5% to 10% discount, but in this region, the cost is still prohibitive even with the discount.
If Recorded Future were more flexible in terms of price, there would be better sales opportunities in Europe and Eastern Europe, in particular, because we have more small- and medium-sized companies here.
What other advice do I have?
Recorded Future is a great tool overall for threat intelligence. I think it's one of the best to add to an organization's security stack. However, the licensing costs are extremely high for small- to medium-sized companies. As such, I would rate it at nine on a scale from one to ten, with one being the worst and ten being the best.
Good and organized by modules
What do you like best about the product?
Recorded Future returns very useful and actionable information about CTI
Easy to use and good training path
Easy to use and good training path
What do you dislike about the product?
There is no weakness point to notify to the end user
What problems is the product solving and how is that benefiting you?
We use it as a cyber threat intelligence solution, able to detect for example non mainstream mentions of the domain name, brand abuse, fake app detection and so on, to finally remediate the event
Recommendations to others considering the product:
We made a PoC of several CTI products, I recomend to do the same and choose the solution that best fits the customer needs
Detecting Threats Before They Reach Your Organization
What do you like best about the product?
The ability to detect threats in an easy to navigate you UI. The tool allows users to configure and use the platform with a very short learning curve.
What do you dislike about the product?
The cost associated with the tool sometimes is not cheap in terms of small businesses to begin using the platform. The UX design could always get a little bit better as well.
What problems is the product solving and how is that benefiting you?
The ability to use keywords on searches in chat rooms on the deep web is fundamental to any business who wants to protect themselves against looming threats. This allows users to better manage patches to a system and protect against threats
Recommendations to others considering the product:
Not too many better solutions out there to prevent threats and identify those threats that exist in the dark web
Great threat intel enrichment and works with exisiting security data
What do you like best about the product?
I like how it integrates with multiple security products and it's a separate product. Talks to our SIEM, our EDR, etc. Very digestable and intuitive.
What do you dislike about the product?
I didn't have any major concerns about it.
What problems is the product solving and how is that benefiting you?
Correlating and enriching our vulnerability and threat intel data all into one place.
Recommendations to others considering the product:
None
value insight
What do you like best about the product?
The ability to customize and generate data for our specific industry and concerns
What do you dislike about the product?
sometime the volume of alerts can be overwhelming, tuning the tool takes time.
What problems is the product solving and how is that benefiting you?
Understanding what threats and threat actors are targeting our organization and our industry as a whole
"Threat Intelligence" Recorded Future
What do you like best about the product?
Recorded future is awesome threat intelligence tool which can give all the information of the emerging threats, vulnerabilities, attackers, APT groups and everything that security professionals wants. Dashboard is very good and easy to understand. Threat feeds are regularly updated. All the information collected by recorded future is organised properly that we can do analysis easily. It's a very helpful tool for threat advisories as well as brand monitoring purpose. We can add watchlists we want for the monitoring. For brand monitoring it helps to scan information on public sources on internet and to identify the data leak.
What do you dislike about the product?
When we have to do deep analysis we need good knowledge of the search queries to get exact information. Email alerts sometimes very noisy and unwanted. RF is costly as compared with other tools.
What problems is the product solving and how is that benefiting you?
Benefits are we can use recorded future for advisory writings, brand monitoring and it gives a best performance. In brand monitoring it is very useful it gives alerts for every public source mentions, dark web mentions according to our watchlists. Dashboard helps effectively for analysis.
Recommendations to others considering the product:
It's a very effective threat intelligence tool which will definitely helps security professionals in work. It's a must have tool for brand monitoring and for threat intelligence.
Excellent product you don't realize you need.
What do you like best about the product?
Awareness of my company on the dark web.
What do you dislike about the product?
Very little. It has a wealth of knowledge that I can search through.
What problems is the product solving and how is that benefiting you?
I utilize this tool to do research on phishing emails. I also use this dashboard daily to keep up with the latest threats
Awesome real time Solution
What do you like best about the product?
That it allows you put in any type of threat intelligence where you need it to be
What do you dislike about the product?
Customer service was a little slow to respond and froze up several times
What problems is the product solving and how is that benefiting you?
problems we are solving are the updates incident response time is fast and amazing, that it provides security leadership and operations I did not know they provided
Recommendations to others considering the product:
NA
showing 91 - 99