TrustRadius: an HG Insights company
Back to Overview

Recorded Future Intelligence Cloud Reviews and Ratings

Rating: 9.6 out of 10
Score
9.6 out of 10

Reviews

3 Reviews

Nice to have - good coverage of thousands of sources

Rating: 6 out of 10
Incentivized

Use Cases and Deployment Scope

Recorded Future is being used in a daily basis for research purposes. The tool is indexing a lot of different feeds and information that is published on the Internet in real-time. It is allowing us to search across thousand of sources at the same time and saving us a lot of time when researching about a certain topic. It is also possible to configure alerts, so as soon as a certain query is having any match, you receive an alert (email notification, push notification, slack message...).

Pros

  • Searching across multiple sources at the same time
  • Indexing information in real time
  • Dashboards, statistics and heatmaps about a certain topic

Cons

  • The learning curve for using the platform is high. It is not easy to use, and you have to invest time in order to know how to search appropriately.
  • Depending on your subscription and role, there are some information that is not available. Sometimes the information can be a little bit limited unless you have all the modules included in your subscription
  • API capabilities are improving but there are still some features that are missing and some errors that are hard to handle / understand

Likelihood to Recommend

If you want a platform that is covering thousands of sources, and that includes deep, dark web, clear web forums, blogs, newspapers, social media networks, etc. Recorded Future is the most complete solution that I have seen.

On the other hand, if you are looking for a really advanced platform with lot of human added value, research papers, advanced investigations, etc. Recorded Future might not be the ideal solution.

VU
Verified User
Analyst in Information Technology (10,001+ employees)
Vetted Review
Recorded Future Intelligence Cloud
5 years of experience

A tool every SOC should have

Rating: 10 out of 10
Incentivized

Use Cases and Deployment Scope

Recorded Future is being utilized by SOC analysts as a threat intel. Since our company offers SOC services among our clients, Recorded Future has been advantageous to us in processing artifacts and identifying possible threats in a short period of time.

Pros

  • Gives latest threat reports regarding an artifact (IP, domain or hash).
  • Browser extension provides a real-time information about an artifact.
  • Accurate in identifying malicious domains and IPs.

Cons

  • For the Browser extension, since the main purpose is to present information with regards to the IP, I think it's best to give us an idea of where the IP originated/some additional information about the organization it belongs to.

Likelihood to Recommend

Recorded Future is mainly beneficial to the SOC. As part of the Monitoring team, Recorded Future makes the investigation of the alarms a lot easier for me. It can show the reputation of the IP/domain or even hashes which helps me redirect my focus to potentially malicious network activities.

VU
Verified User
Professional in Information Technology (51-200 employees)
Vetted Review
Recorded Future Intelligence Cloud
1 year of experience

Brand-monitoring, reputation and risk-assessment in one tool.

Rating: 9 out of 10
Incentivized

Use Cases and Deployment Scope

We mainly use RF for our brand-monitoring, to maintain our reputation and for monitoring partner companies. They offer scanning of a wide range of the internet, be it public sources like various pastebins, github, or social media, as well as forums on the darknet. This helps identifying if any company assets have been leaked (by employees unintentionally as well as through potential fraudsters). Additionally it helps us with identifying the severity of vulnerabilities by assessing how many POCs are available or how often certain vulnerabilities are mentioned in related channels.

Pros

  • Everything they find is also available in their own cache. So for example if a pastebin expired, you can still view it later on.
  • The risk score of vulnerabilities shows actual malicious activity. Image the CVS-Score is medium, but there is a lot of exploit chatter, you want to prioritize fixing this vulnerability.
  • Their watchlists are easy to set up and offer monitoring your tech-stack, peers, persons of special interest, etc.

Cons

  • E-Mail reports can show unrelated content, especially sometimes you'll see alerts popping up for articles which have been published years ago but for some reason were just recently discovered by RF.
  • Yara rules from their insikt blog sometimes are not syntactically correct and need to be manually edited to actually work. There's some proper QA missing.
  • Their global and 3rd party risk reports could be more tailored towards the industries of their client. There is entries for totally unrelated security incidents. Of course a global list aims to find incidents on a global view, but it doesn't add much value at that point.

Likelihood to Recommend

<div>If you need to know who talks about your company, if it maybe even is a target you should consider using RF. As my company is providing services for resellers, we are also concerned about which customers these resellers attract as they can impact other customers using our shared infrastructure. Evaluating risk of partners or of products is another feature I'm using here.</div><div>So far it didn't help much identifying the reputation of IP-addresses, that's probably also due to the nature of my requests which are not necessarily covered by RF.

</div>

VU
Verified User
Engineer in Information Technology (501-1000 employees)
Vetted Review
Recorded Future Intelligence Cloud
1 year of experience