Senior Pre-Sales for Information Security at a computer software company with 51-200 employees
Real User
Top 20
2024-08-30T12:38:05Z
Aug 30, 2024
Recorded Future depends on or relies on just the deep and dark web analysis through their quantum computing and algorithms. Sometimes, the feed is not accurate or valuable. Other threat intelligence platforms or threat intelligence feeds get more accurate feeds because they do their own IR analysis, especially when it comes to tools such as Group-IB or Mandiant that rely on the feeds through the IR teams. Recorded Future is very expensive for Jordan's market. Many of our clients prefer to just see other platforms and choose the ones that can fit their budget. The tool should improve the email threat intelligence area. There are many compromised emails. The tool should improve its third-party supply chain risks because there is a lack of visibility.
While I don't think the tool is weak, its position isn't as dominant as it once was. Other companies like CrowdStrike and Mandiant are now challenging them in many areas. One downside is that Recorded Future can be complex for customers to use and understand. This isn't easy for clients to navigate. From my understanding, Mandiant has been offering lower prices on many large client cases over the past year. They've been challenging the pricing model and setup of companies like Recorded Future. This has been difficult for the tool , as they were used to being almost alone in the market. After being bought by Google, Mandiant has gained a lot of power and seems to have more flexibility in pricing. My main criticism of Recorded Future has been the complexity of its licensing model and the difficulty clients have understanding the different modules. This complexity likely stems from Recorded Future's historical position as a dominant market player, which allowed them to create numerous add-on modules. The pricing for these systems and services is generally quite high. Initially, these systems required significant manual work, justifying the high costs. However, today, the process is becoming increasingly automated. This puts price pressure on all providers, including Mandiant and others. Despite the challenging market with frequent cyberattacks, I think it will be difficult for these companies to maintain the high prices they've charged in the past.
I have been using Recorded Future for four months and am still exploring its features. As for improvements, I would suggest enhancing the alert system. For example, when investigating alerts related to my domain "abc.com," I noticed that the system sometimes detects false positives. It detects other words that contain the letters "abc" like "ablex" or "ableg" which can be misleading. It would be helpful if the system could improve its accuracy and only detect alerts that are truly relevant to my domain. I would recommend adding a feature that can specifically detect my domain name, "abc.com," and not just words containing "abc" or similar letters. It would further reduce false positives and improve the overall accuracy of the system.
The solution could improve in reducing the false positives. However, most of the other tools on the market have false positives. If they enhance their data algorithm, it could improve the accuracy of results and minimize false positives. Identifying patterns of false possibilities can aid in developing better reporting features that could potentially eliminate them in the future. This recording feature tool could benefit from adopting similar techniques utilized by other tools to enhance its functionality. By doing so, it could minimize the need for manual efforts in distinguishing true positives from false positives, ultimately reducing the workload. In a future release, it would be beneficial if the vendor would add more features to create one full solution that can meet the needs of the whole cybersecurity incident purpose.
Security Operations Lead at a tech vendor with 10,001+ employees
MSP
2021-04-01T09:42:53Z
Apr 1, 2021
The product is too big. The vast majority of data you have. You can run queries and you can get more data than you probably want, and you have to take a deep dive a lot of the time. The solution would benefit from introducing automation. When you are running a query just to get the data you're looking for, the result comes back so big, as it will be able to return a lot of results from different sources. Sometimes it could be a bit messy. Automation would help streamline and simplify. The tool can be pricey, especially for smaller companies.
Recorded Future is a powerful and effective cyber threat intelligence (CTI) platform that aims to empower administrators to protect their organizations from threats, both known and unknown. The machine learning engine that Recorded Future utilizes can process the same amount of data that 9,000 analysts working five days a week, eight hours a day for an entire year can process. It simplifies threat detection and remediation so that organizations can focus on other tasks.
Recorded Future...
Recorded Future depends on or relies on just the deep and dark web analysis through their quantum computing and algorithms. Sometimes, the feed is not accurate or valuable. Other threat intelligence platforms or threat intelligence feeds get more accurate feeds because they do their own IR analysis, especially when it comes to tools such as Group-IB or Mandiant that rely on the feeds through the IR teams. Recorded Future is very expensive for Jordan's market. Many of our clients prefer to just see other platforms and choose the ones that can fit their budget. The tool should improve the email threat intelligence area. There are many compromised emails. The tool should improve its third-party supply chain risks because there is a lack of visibility.
While I don't think the tool is weak, its position isn't as dominant as it once was. Other companies like CrowdStrike and Mandiant are now challenging them in many areas. One downside is that Recorded Future can be complex for customers to use and understand. This isn't easy for clients to navigate. From my understanding, Mandiant has been offering lower prices on many large client cases over the past year. They've been challenging the pricing model and setup of companies like Recorded Future. This has been difficult for the tool , as they were used to being almost alone in the market. After being bought by Google, Mandiant has gained a lot of power and seems to have more flexibility in pricing. My main criticism of Recorded Future has been the complexity of its licensing model and the difficulty clients have understanding the different modules. This complexity likely stems from Recorded Future's historical position as a dominant market player, which allowed them to create numerous add-on modules. The pricing for these systems and services is generally quite high. Initially, these systems required significant manual work, justifying the high costs. However, today, the process is becoming increasingly automated. This puts price pressure on all providers, including Mandiant and others. Despite the challenging market with frequent cyberattacks, I think it will be difficult for these companies to maintain the high prices they've charged in the past.
Recorded Future is a very expensive solution, and its pricing could be improved.
I have been using Recorded Future for four months and am still exploring its features. As for improvements, I would suggest enhancing the alert system. For example, when investigating alerts related to my domain "abc.com," I noticed that the system sometimes detects false positives. It detects other words that contain the letters "abc" like "ablex" or "ableg" which can be misleading. It would be helpful if the system could improve its accuracy and only detect alerts that are truly relevant to my domain. I would recommend adding a feature that can specifically detect my domain name, "abc.com," and not just words containing "abc" or similar letters. It would further reduce false positives and improve the overall accuracy of the system.
The solution could improve in reducing the false positives. However, most of the other tools on the market have false positives. If they enhance their data algorithm, it could improve the accuracy of results and minimize false positives. Identifying patterns of false possibilities can aid in developing better reporting features that could potentially eliminate them in the future. This recording feature tool could benefit from adopting similar techniques utilized by other tools to enhance its functionality. By doing so, it could minimize the need for manual efforts in distinguishing true positives from false positives, ultimately reducing the workload. In a future release, it would be beneficial if the vendor would add more features to create one full solution that can meet the needs of the whole cybersecurity incident purpose.
When you add one website to Recorded Future, it should automatically call all other websites and social media platforms.
The product is too big. The vast majority of data you have. You can run queries and you can get more data than you probably want, and you have to take a deep dive a lot of the time. The solution would benefit from introducing automation. When you are running a query just to get the data you're looking for, the result comes back so big, as it will be able to return a lot of results from different sources. Sometimes it could be a bit messy. Automation would help streamline and simplify. The tool can be pricey, especially for smaller companies.