Some of the areas that need improvement in Recorded Future include email reports that can show unrelated content. Sometimes alerts pop up for articles that have been published years ago but were just recently discovered by Recorded Future. For the browser extension, since the main purpose is to present information regarding IPs, I think it would be best to provide us with an idea of where the IP originates or some additional information about the organization it belongs to. API capabilities in Recorded Future are improving, but there are still some features that are missing and some errors that are hard to handle and understand. The price of Recorded Future is a bit high, especially for smaller teams working on a tight budget, but it is very effective and relatively competitive for large organizations.
Head Of Cyber Threat Intelligence at Discount Bank
Real User
Top 5
Mar 18, 2025
Their research capabilities and the human aspect should be more effective. The Insikt Group covers a narrow range of areas, which doesn't reflect my needs. Their research should be wider and more in-depth.
Senior Pre-Sales for Information Security at a computer software company with 51-200 employees
Real User
Top 20
Aug 30, 2024
Recorded Future depends on or relies on just the deep and dark web analysis through their quantum computing and algorithms. Sometimes, the feed is not accurate or valuable. Other threat intelligence platforms or threat intelligence feeds get more accurate feeds because they do their own IR analysis, especially when it comes to tools such as Group-IB or Mandiant that rely on the feeds through the IR teams. Recorded Future is very expensive for Jordan's market. Many of our clients prefer to just see other platforms and choose the ones that can fit their budget. The tool should improve the email threat intelligence area. There are many compromised emails. The tool should improve its third-party supply chain risks because there is a lack of visibility.
Partner, Cyber Security at a financial services firm with 10,001+ employees
Real User
Top 5
Jul 31, 2024
While I don't think the tool is weak, its position isn't as dominant as it once was. Other companies like CrowdStrike and Mandiant are now challenging them in many areas. One downside is that Recorded Future can be complex for customers to use and understand. This isn't easy for clients to navigate. From my understanding, Mandiant has been offering lower prices on many large client cases over the past year. They've been challenging the pricing model and setup of companies like Recorded Future. This has been difficult for the tool , as they were used to being almost alone in the market. After being bought by Google, Mandiant has gained a lot of power and seems to have more flexibility in pricing. My main criticism of Recorded Future has been the complexity of its licensing model and the difficulty clients have understanding the different modules. This complexity likely stems from Recorded Future's historical position as a dominant market player, which allowed them to create numerous add-on modules. The pricing for these systems and services is generally quite high. Initially, these systems required significant manual work, justifying the high costs. However, today, the process is becoming increasingly automated. This puts price pressure on all providers, including Mandiant and others. Despite the challenging market with frequent cyberattacks, I think it will be difficult for these companies to maintain the high prices they've charged in the past.
I have been using Recorded Future for four months and am still exploring its features. As for improvements, I would suggest enhancing the alert system. For example, when investigating alerts related to my domain "abc.com," I noticed that the system sometimes detects false positives. It detects other words that contain the letters "abc" like "ablex" or "ableg" which can be misleading. It would be helpful if the system could improve its accuracy and only detect alerts that are truly relevant to my domain. I would recommend adding a feature that can specifically detect my domain name, "abc.com," and not just words containing "abc" or similar letters. It would further reduce false positives and improve the overall accuracy of the system.
Security Analyst at a consultancy with 10,001+ employees
Real User
Mar 9, 2023
The solution could improve in reducing the false positives. However, most of the other tools on the market have false positives. If they enhance their data algorithm, it could improve the accuracy of results and minimize false positives. Identifying patterns of false possibilities can aid in developing better reporting features that could potentially eliminate them in the future. This recording feature tool could benefit from adopting similar techniques utilized by other tools to enhance its functionality. By doing so, it could minimize the need for manual efforts in distinguishing true positives from false positives, ultimately reducing the workload. In a future release, it would be beneficial if the vendor would add more features to create one full solution that can meet the needs of the whole cybersecurity incident purpose.
Security Operations Lead at a tech vendor with 10,001+ employees
MSP
Apr 1, 2021
The product is too big. The vast majority of data you have. You can run queries and you can get more data than you probably want, and you have to take a deep dive a lot of the time. The solution would benefit from introducing automation. When you are running a query just to get the data you're looking for, the result comes back so big, as it will be able to return a lot of results from different sources. Sometimes it could be a bit messy. Automation would help streamline and simplify. The tool can be pricey, especially for smaller companies.
Recorded Future offers a comprehensive platform for threat intelligence and brand monitoring, supporting real-time alerts and data mining to protect against cyber threats and enhance security insights.Recorded Future integrates advanced threat intelligence, allowing for seamless data comparison, comprehensive monitoring of cyber threats, and the detection of dark web activities. Users receive real-time alerts, access to an expansive database, and customizable dashboards for enhanced SIEM...
Some of the areas that need improvement in Recorded Future include email reports that can show unrelated content. Sometimes alerts pop up for articles that have been published years ago but were just recently discovered by Recorded Future. For the browser extension, since the main purpose is to present information regarding IPs, I think it would be best to provide us with an idea of where the IP originates or some additional information about the organization it belongs to. API capabilities in Recorded Future are improving, but there are still some features that are missing and some errors that are hard to handle and understand. The price of Recorded Future is a bit high, especially for smaller teams working on a tight budget, but it is very effective and relatively competitive for large organizations.
Their research capabilities and the human aspect should be more effective. The Insikt Group covers a narrow range of areas, which doesn't reflect my needs. Their research should be wider and more in-depth.
Recorded Future depends on or relies on just the deep and dark web analysis through their quantum computing and algorithms. Sometimes, the feed is not accurate or valuable. Other threat intelligence platforms or threat intelligence feeds get more accurate feeds because they do their own IR analysis, especially when it comes to tools such as Group-IB or Mandiant that rely on the feeds through the IR teams. Recorded Future is very expensive for Jordan's market. Many of our clients prefer to just see other platforms and choose the ones that can fit their budget. The tool should improve the email threat intelligence area. There are many compromised emails. The tool should improve its third-party supply chain risks because there is a lack of visibility.
While I don't think the tool is weak, its position isn't as dominant as it once was. Other companies like CrowdStrike and Mandiant are now challenging them in many areas. One downside is that Recorded Future can be complex for customers to use and understand. This isn't easy for clients to navigate. From my understanding, Mandiant has been offering lower prices on many large client cases over the past year. They've been challenging the pricing model and setup of companies like Recorded Future. This has been difficult for the tool , as they were used to being almost alone in the market. After being bought by Google, Mandiant has gained a lot of power and seems to have more flexibility in pricing. My main criticism of Recorded Future has been the complexity of its licensing model and the difficulty clients have understanding the different modules. This complexity likely stems from Recorded Future's historical position as a dominant market player, which allowed them to create numerous add-on modules. The pricing for these systems and services is generally quite high. Initially, these systems required significant manual work, justifying the high costs. However, today, the process is becoming increasingly automated. This puts price pressure on all providers, including Mandiant and others. Despite the challenging market with frequent cyberattacks, I think it will be difficult for these companies to maintain the high prices they've charged in the past.
Recorded Future is a very expensive solution, and its pricing could be improved.
I have been using Recorded Future for four months and am still exploring its features. As for improvements, I would suggest enhancing the alert system. For example, when investigating alerts related to my domain "abc.com," I noticed that the system sometimes detects false positives. It detects other words that contain the letters "abc" like "ablex" or "ableg" which can be misleading. It would be helpful if the system could improve its accuracy and only detect alerts that are truly relevant to my domain. I would recommend adding a feature that can specifically detect my domain name, "abc.com," and not just words containing "abc" or similar letters. It would further reduce false positives and improve the overall accuracy of the system.
The solution could improve in reducing the false positives. However, most of the other tools on the market have false positives. If they enhance their data algorithm, it could improve the accuracy of results and minimize false positives. Identifying patterns of false possibilities can aid in developing better reporting features that could potentially eliminate them in the future. This recording feature tool could benefit from adopting similar techniques utilized by other tools to enhance its functionality. By doing so, it could minimize the need for manual efforts in distinguishing true positives from false positives, ultimately reducing the workload. In a future release, it would be beneficial if the vendor would add more features to create one full solution that can meet the needs of the whole cybersecurity incident purpose.
When you add one website to Recorded Future, it should automatically call all other websites and social media platforms.
The product is too big. The vast majority of data you have. You can run queries and you can get more data than you probably want, and you have to take a deep dive a lot of the time. The solution would benefit from introducing automation. When you are running a query just to get the data you're looking for, the result comes back so big, as it will be able to return a lot of results from different sources. Sometimes it could be a bit messy. Automation would help streamline and simplify. The tool can be pricey, especially for smaller companies.