Sold by: Recorded Future
Deployed on AWS
Recorded Future arms security teams with the only complete threat intelligence solution powered by patented machine learning to lower risk. Recorded Future can help you find threats 10 times faster, identify 22 percent more threats before impact, and resolve threats 63 percent quicker.
4.6
Overview
INTELLIGENCE-DRIVEN SECURITY
Threat intelligence can sit at the very center of your information security strategy, applied to add value across all functions and teams: -CISOs gain critical insights into the threat landscape to inform strategy. -Threat analysts proactively defend their companies against cyberattacks with alerts and insight. -Security operations can investigate indicators 10 times faster and more effectively prioritize vulnerabilities. -Incident responders can investigate incidents more confidently with a broader context.
THE SOLUTION
-SaaS Platform: Research, analyze, and collaborate on intelligence through our intuitive web interface. -Integrations: Layer our contextualized threat intelligence onto your existing security infrastructure.
For orders greater than 8 users, Please contact AWS-Marketplace@recordedfuture.com
Highlights
- Easy-to-use browser extension accessible from any web-based application
- Real-time threat intelligence integrated into any security solution - SIEM, SOAR, Incident Response, and more
- Portal access for research, real-time alerting and dashboard views of trending threats and relevant intelligence
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/36 months |
|---|---|---|
Brand Intelligence | Brand Intelligence and access for up to 4 users. | $243,750.00 |
Vulnerability Intel | Vulnerability Intelligence and access for up to 4 users. | $168,750.00 |
SecOps Intelligence | SecOps Intelligence and access for up to 10 users | $243,750.00 |
Identity Intel Workforce | Supports up to 25k workforce identities | $262,500.00 |
Third Party Intel | Third Party Intel Monitoring for up to 100 companies. | $318,750.00 |
Threat Intelligence | Threat Intelligence and access for up to 2 users | $281,250.00 |
Geopolitical Intel | Geopolitical Intelligence and access for up to 2 users | $281,250.00 |
ASI | Attack Surface Intelligence and up to 5 users and 1 project | $281,250.00 |
Identity Intel External | Supports up to 1M Identities | $393,750.00 |
Vendor refund policy
All orders and fees are non-cancellable and non-refundable once placed except as required by law.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Support is available 24/7 at +1(855) 476-9728 or via Support@recordedfuture.com Your success is important to us. Please refer to https://support.recordedfuture.com/hc/en-us for additional details or to submit a ticket.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Recorded Future
By IBM Security
By Trellix
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Machine Learning-Powered Threat Detection
Patented machine learning algorithms for identifying and analyzing security threats across multiple data sources
Real-Time Threat Intelligence Integration
Integration capabilities with security infrastructure including SIEM, SOAR, and incident response platforms for contextualized threat intelligence
Browser Extension for Threat Context
Browser extension accessible from web-based applications providing threat intelligence context during security operations
Threat Intelligence Portal and Dashboard
Web-based portal with research capabilities, real-time alerting functionality, and dashboard visualization of trending threats and relevant intelligence
Indicator Investigation and Analysis
Capability to investigate security indicators with contextual threat data for vulnerability prioritization and incident investigation
Security Information and Event Management
Real-time monitoring and visibility for threat detection including ransomware, insider threats, and cloud attacks with security analytics for rapid investigation and prioritization of critical threats.
Incident Response Automation and Orchestration
Automation and orchestration of incident response workflows with consistent, optimized, and measurable process execution.
Enterprise-Grade AI and Automation
Embedded artificial intelligence and automation capabilities designed to increase analyst productivity and accelerate incident lifecycle management.
Multi-Source Data Correlation
Correlation of data across users, networks, and cloud-native services to identify threats including cloud misconfigurations, policy changes, and suspicious user activity with alert deduplication.
Hybrid and Cloud Environment Integration
Centralized visibility across hybrid cloud and on-premises environments with deep integrations to AWS security services including Security Hub, CloudTrail, GuardDuty, Network Firewall, WAF, Detective, CloudWatch, and VPC Flow Logs.
Multi-Source Threat Data Integration
Correlates security events from Trellix Security Platform and over 500 third-party tools including 13 AWS integrations to create unified threat visibility across the security stack.
AI-Driven Alert Triage and Prioritization
Applies artificial intelligence-driven analytics to perform 100% alert triage, prioritize threats, and provide GenAI-powered insights for threat investigation and remediation guidance.
No-Code Automation for Investigation and Response
Provides UI-driven, point-and-click automation capabilities to offload repetitive security operations tasks and accelerate investigation and response workflows.
Pre-Built Analytics and Correlation Rules
Ingests data from multiple sources and correlates events using pre-built analytics and rules to reconstruct complete attack narratives and reduce manual investigation pivots.
Multi-Deployment Architecture Support
Supports cloud, hybrid, and air-gapped deployment models with an open integration ecosystem for flexible security infrastructure configurations.
Standard contract
No
No
No
Customer reviews
Computer & Network Security
Recorded Future: Practical Threat Intel for SOC
Reviewed on Feb 19, 2026
Review provided by G2
What do you like best about the product?
We use Recorded Future daily for risk scores, vulnerability intel and threat context.
Instead of checking multiple sources, the platform gives everything in one place, which saves a lot of time during investigations.
The alerts module provides targeted information on the subjects we've set up, allowing us to concentrate on actual risks instead of unnecessary noise.
One unexpected benefit is how much easier it made reporting to management, since the insights are already well explained and easy to share.
Instead of checking multiple sources, the platform gives everything in one place, which saves a lot of time during investigations.
The alerts module provides targeted information on the subjects we've set up, allowing us to concentrate on actual risks instead of unnecessary noise.
One unexpected benefit is how much easier it made reporting to management, since the insights are already well explained and easy to share.
What do you dislike about the product?
There are a few areas where Recorded Future could be improved to make day-to-day use smoother.
The UI and dashboards are powerful, but they can feel cluttered at times, especially when I’m trying to quickly spot the most relevant risks during active investigations.
Also, regarding the sandboxing experience, adding clipboard support would be a helpful improvement.
The UI and dashboards are powerful, but they can feel cluttered at times, especially when I’m trying to quickly spot the most relevant risks during active investigations.
Also, regarding the sandboxing experience, adding clipboard support would be a helpful improvement.
What problems is the product solving and how is that benefiting you?
Recorded Future addresses alert overload and the lack of context. It helps us quickly determine which threats and vulnerabilities actually matter by providing clear risk scores along with real-world context.
As a result, we’ve reduced investigation time, improved prioritization, and enabled our team to respond faster and with more confidence to genuine threats.
As a result, we’ve reduced investigation time, improved prioritization, and enabled our team to respond faster and with more confidence to genuine threats.
Furkan K.
Reliable intelligence platform with solid analytical depth
Reviewed on Feb 18, 2026
Review provided by G2
What do you like best about the product?
Best thing about RF is its ability to aggregate, enrich, and correlate intelligence data across multiple sources to support threat analysis and investigative workflows. The correlation logic and analytics support use cases such as threat actor tracking, campaign analysis, and pattern identification across incidents.
What do you dislike about the product?
The initial effort required for setup and tuning to achieve optimal results could be a little time consuming and required skilled resources. Alos, the browser extension could have more feature.
What problems is the product solving and how is that benefiting you?
Recorded Future is solving the challenge of fragmented and context‑poor threat intelligence by centralizing external intelligence and correlating it with security‑relevant data. It helps us move from raw indicators to risk‑based intelligence that is easier to consume during investigations.
The benefit is improved analyst efficiency and better prioritization during triage and response. By providing contextual intelligence around threats, vulnerabilities, and external risk factors, it reduces manual research and supports more informed, intelligence‑driven decisions.
The benefit is improved analyst efficiency and better prioritization during triage and response. By providing contextual intelligence around threats, vulnerabilities, and external risk factors, it reduces manual research and supports more informed, intelligence‑driven decisions.
Vivek A.
Comprehensive Threat Intel, Slightly Noisy for Brand Monitoring
Reviewed on Feb 09, 2026
Review provided by G2
What do you like best about the product?
I really like Recorded Future because of its API connectivity, which I use to automate some of my workflows. The breadth of sources is impressive, making it a valuable tool for gathering diverse threat intelligence. I also find it easy to use. The initial setup was smooth, and the Recorded Future team was helpful with the setup and handholding process.
What do you dislike about the product?
I think there's too much noise in the alerts, especially with logo mentions. As a financial institution, my logo shows up on many e-commerce sites and pages, which are flagged as alerts even though they're genuine and not abusive. This might be considered logo abuse for other industries, but it's not relevant to us.
What problems is the product solving and how is that benefiting you?
Recorded Future gives me intel on threat campaigns globally and monitors brand mentions in various web spaces. The API connectivity automates workflows, and the brand module helps with logo and domain monitoring, though it can generate noise. It's easy to use with a broad source range.
Electrical/Electronic Manufacturing
Comprehensive Coverage Across Modules
Reviewed on Jan 13, 2026
Review provided by G2
What do you like best about the product?
number of modules / areas of coverage, custom research (insikt)
What do you dislike about the product?
buggy, needs refinement, intelligence cards are incomplete and lack linking to osint resources that could fill in missing fields
What problems is the product solving and how is that benefiting you?
We receive daily brand, logo, domain abuse alerts. We also use the threat intel research capabilities.
Saurabh G.
World-Class Threat Intel with Actionable Insights
Reviewed on Jan 09, 2026
Review provided by G2
What do you like best about the product?
Their Threat Intel is really world-class and provides meaningful insights
What do you dislike about the product?
Sometimes the details on password breaches do not have much context and details.
What problems is the product solving and how is that benefiting you?
Recorded Future solves the problem of detecting and prioritizing cyber threats in real time, benefiting us by enabling faster, smarter security decisions and reducing risk exposure