Sold by: Recorded Future
Deployed on AWS
Recorded Future arms security teams with the only complete threat intelligence solution powered by patented machine learning to lower risk. Recorded Future can help you find threats 10 times faster, identify 22 percent more threats before impact, and resolve threats 63 percent quicker.
4.6
Overview
INTELLIGENCE-DRIVEN SECURITY
Threat intelligence can sit at the very center of your information security strategy, applied to add value across all functions and teams: -CISOs gain critical insights into the threat landscape to inform strategy. -Threat analysts proactively defend their companies against cyberattacks with alerts and insight. -Security operations can investigate indicators 10 times faster and more effectively prioritize vulnerabilities. -Incident responders can investigate incidents more confidently with a broader context.
THE SOLUTION
-SaaS Platform: Research, analyze, and collaborate on intelligence through our intuitive web interface. -Integrations: Layer our contextualized threat intelligence onto your existing security infrastructure.
For orders greater than 8 users, Please contact AWS-Marketplace@recordedfuture.com
Highlights
- Easy-to-use browser extension accessible from any web-based application
- Real-time threat intelligence integrated into any security solution - SIEM, SOAR, Incident Response, and more
- Portal access for research, real-time alerting and dashboard views of trending threats and relevant intelligence
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/36 months |
|---|---|---|
Brand Intelligence | Brand Intelligence and access for up to 4 users. | $243,750.00 |
Vulnerability Intel | Vulnerability Intelligence and access for up to 4 users. | $168,750.00 |
SecOps Intelligence | SecOps Intelligence and access for up to 10 users | $243,750.00 |
Identity Intel Workforce | Supports up to 25k workforce identities | $262,500.00 |
Third Party Intel | Third Party Intel Monitoring for up to 100 companies. | $318,750.00 |
Threat Intelligence | Threat Intelligence and access for up to 2 users | $281,250.00 |
Geopolitical Intel | Geopolitical Intelligence and access for up to 2 users | $281,250.00 |
ASI | Attack Surface Intelligence and up to 5 users and 1 project | $281,250.00 |
Identity Intel External | Supports up to 1M Identities | $393,750.00 |
Vendor refund policy
All orders and fees are non-cancellable and non-refundable once placed except as required by law.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Support is available 24/7 at +1(855) 476-9728 or via Support@recordedfuture.com Your success is important to us. Please refer to https://support.recordedfuture.com/hc/en-us for additional details or to submit a ticket.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Recorded Future
By IBM Security
By Trellix
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Machine Learning-Powered Threat Detection
Patented machine learning algorithms for identifying and analyzing security threats across multiple data sources
Real-Time Threat Intelligence Integration
Integration capabilities with security infrastructure including SIEM, SOAR, and incident response platforms for contextualized threat intelligence
Browser Extension for Threat Context
Browser extension accessible from web-based applications providing threat intelligence context during security operations
Threat Intelligence Portal and Dashboard
Web-based portal with research capabilities, real-time alerting functionality, and dashboard visualization of trending threats and relevant intelligence
Indicator Investigation and Analysis
Capability to investigate security indicators with contextual threat data for vulnerability prioritization and incident investigation
Security Information and Event Management
Real-time monitoring and visibility for threat detection including ransomware, insider threats, and cloud attacks with security analytics for rapid investigation and prioritization of critical threats.
Incident Response Automation and Orchestration
Automation and orchestration of incident response workflows with consistent, optimized, and measurable process execution.
Enterprise-Grade AI and Automation
Embedded artificial intelligence and automation capabilities designed to increase analyst productivity and accelerate incident lifecycle management.
Multi-Source Data Correlation
Correlation of data across users, networks, and cloud-native services to identify threats including cloud misconfigurations, policy changes, and suspicious user activity with alert deduplication.
Hybrid and Cloud Environment Integration
Centralized visibility across hybrid cloud and on-premises environments with deep integrations to AWS security services including Security Hub, CloudTrail, GuardDuty, Network Firewall, WAF, Detective, CloudWatch, and VPC Flow Logs.
Multi-Source Threat Data Integration
Correlates security events from Trellix Security Platform and over 500 third-party tools including 13 AWS integrations to create unified threat visibility across the security stack.
AI-Driven Alert Triage and Prioritization
Applies artificial intelligence-driven analytics to perform 100% alert triage, prioritize threats, and provide GenAI-powered insights for threat investigation and remediation guidance.
No-Code Automation for Investigation and Response
Provides UI-driven, point-and-click automation capabilities to offload repetitive security operations tasks and accelerate investigation and response workflows.
Pre-Built Analytics and Correlation Rules
Ingests data from multiple sources and correlates events using pre-built analytics and rules to reconstruct complete attack narratives and reduce manual investigation pivots.
Multi-Deployment Architecture Support
Supports cloud, hybrid, and air-gapped deployment models with an open integration ecosystem for flexible security infrastructure configurations.
Standard contract
No
No
No
Customer reviews
Derek Lewis
Continuous threat intelligence has improved brand monitoring and protects against leaked credentials
Reviewed on Feb 24, 2026
Review from a verified AWS customer
What is our primary use case?
Our main use case for Recorded Future is brand monitoring, reputation, and risk assessment, as it is one of the best tools that combine all three functionalities. We mainly use Recorded Future for our brand monitoring, to maintain our reputation, and for monitoring partner companies. Recorded Future offers scanning of a wide range of the internet, including public sources like various pastebins, GitHub , social media, as well as forums on the dark web. This helps identify if any company assets have been leaked by employees unintentionally, as well as through potential fraudsters. Additionally, it helps us with identifying the severity of vulnerabilities by assessing how many POCs are available or how often certain vulnerabilities are mentioned in related channels.
I can give a specific example of how I have used Recorded Future for brand monitoring and risk assessment. We have been able to identify leaked credentials and close those accounts off. We have also been able to identify malware being distributed or spam being sent out by customers using our infrastructure, and we could shut off those accounts.
What is most valuable?
The best features of Recorded Future include providing the latest threat reports regarding artifacts, such as IPs, domains, or hashes.
Getting those latest threat reports about artifacts, IPs, domains, or hashes has been advantageous to us in processing artifacts and identifying possible threats in a short period of time. Therefore, we are able to identify threats before they affect our systems and our application. Recorded Future also has the best browser extension that provides real-time information about an artifact and is accurate in identifying malicious domains and APIs.
Some of the best features include searching across multiple sources at the same time, indexing information in real time, and providing dashboards, statistics, and heat maps about certain topics.
Recorded Future has positively impacted our organization as we are able to cover a lot of sources with only this intelligence provider, not having to have specific tools for clear web or social media monitoring. Since the Recorded Future staff is doing the on-demand integration of new sources, we are saving a couple of positions as we do not have to develop our own crawlers. It is possible to integrate the solution with tools such as Splunk, which is really useful in order to obtain KPIs, metrics, and other useful insights for executive members of our company.
What needs improvement?
Some of the areas that need improvement in Recorded Future include email reports that can show unrelated content. Sometimes alerts pop up for articles that have been published years ago but were just recently discovered by Recorded Future.
For the browser extension, since the main purpose is to present information regarding IPs, I think it would be best to provide us with an idea of where the IP originates or some additional information about the organization it belongs to.
API capabilities in Recorded Future are improving, but there are still some features that are missing and some errors that are hard to handle and understand.
The price of Recorded Future is a bit high, especially for smaller teams working on a tight budget, but it is very effective and relatively competitive for large organizations.
For how long have I used the solution?
I have been using Recorded Future for the past five years and six months.
What do I think about the stability of the solution?
According to my experience, Recorded Future is very stable because I have not seen slow performance.
What do I think about the scalability of the solution?
Recorded Future is highly scalable and can be used by any size of organization.
How are customer service and support?
The customer support for Recorded Future is very responsive and proactive.
Which solution did I use previously and why did I switch?
Previously, we were using VirusTotal , and I use Recorded Future together with VirusTotal to fully understand the possible threats on our network. However, Recorded Future has a better threat intelligence feed that I prefer to use in finalizing my investigations.
Before choosing Recorded Future, I evaluated other options, specifically VirusTotal.
How was the initial setup?
Recorded Future is deployed in our organization using a hybrid cloud.
What about the implementation team?
I purchased Recorded Future through the AWS Marketplace .
What was our ROI?
We have seen a return on investment as we have been able to identify leaked credentials and close those accounts off easily, thereby improving our security. We have also been able to identify malware being distributed or spam being sent out by customers using our infrastructure, and we are able to shut those accounts off.
What's my experience with pricing, setup cost, and licensing?
The price of Recorded Future is a bit high, especially for smaller teams working on a tight budget, but it is very effective and relatively competitive for large organizations.
Which other solutions did I evaluate?
Previously, we were using VirusTotal, and I use Recorded Future together with VirusTotal to fully understand the possible threats on our network. However, Recorded Future has a better threat intelligence feed that I prefer to use in finalizing my investigations.
Before choosing Recorded Future, I evaluated other options, specifically VirusTotal.
What other advice do I have?
Recorded Future is mainly beneficial to the SOC. As part of the monitoring team, Recorded Future makes the investigation of alarms much easier for me. It can show the reputation of APIs from domains or even hashes, which helps me redirect my focus to potential malicious network activity easily.
Recorded Future is deployed in our organization using a hybrid cloud, and we use AWS as our cloud provider.
My advice for others looking into using Recorded Future is that it makes the investigation of alarms significantly easier and helps redirect focus to potential malicious network activity. I would rate Recorded Future an 8 out of 10.
Computer & Network Security
Recorded Future: Practical Threat Intel for SOC
Reviewed on Feb 19, 2026
Review provided by G2
What do you like best about the product?
We use Recorded Future daily for risk scores, vulnerability intel and threat context.
Instead of checking multiple sources, the platform gives everything in one place, which saves a lot of time during investigations.
The alerts module provides targeted information on the subjects we've set up, allowing us to concentrate on actual risks instead of unnecessary noise.
One unexpected benefit is how much easier it made reporting to management, since the insights are already well explained and easy to share.
Instead of checking multiple sources, the platform gives everything in one place, which saves a lot of time during investigations.
The alerts module provides targeted information on the subjects we've set up, allowing us to concentrate on actual risks instead of unnecessary noise.
One unexpected benefit is how much easier it made reporting to management, since the insights are already well explained and easy to share.
What do you dislike about the product?
There are a few areas where Recorded Future could be improved to make day-to-day use smoother.
The UI and dashboards are powerful, but they can feel cluttered at times, especially when I’m trying to quickly spot the most relevant risks during active investigations.
Also, regarding the sandboxing experience, adding clipboard support would be a helpful improvement.
The UI and dashboards are powerful, but they can feel cluttered at times, especially when I’m trying to quickly spot the most relevant risks during active investigations.
Also, regarding the sandboxing experience, adding clipboard support would be a helpful improvement.
What problems is the product solving and how is that benefiting you?
Recorded Future addresses alert overload and the lack of context. It helps us quickly determine which threats and vulnerabilities actually matter by providing clear risk scores along with real-world context.
As a result, we’ve reduced investigation time, improved prioritization, and enabled our team to respond faster and with more confidence to genuine threats.
As a result, we’ve reduced investigation time, improved prioritization, and enabled our team to respond faster and with more confidence to genuine threats.
Furkan K.
Reliable intelligence platform with solid analytical depth
Reviewed on Feb 18, 2026
Review provided by G2
What do you like best about the product?
Best thing about RF is its ability to aggregate, enrich, and correlate intelligence data across multiple sources to support threat analysis and investigative workflows. The correlation logic and analytics support use cases such as threat actor tracking, campaign analysis, and pattern identification across incidents.
What do you dislike about the product?
The initial effort required for setup and tuning to achieve optimal results could be a little time consuming and required skilled resources. Alos, the browser extension could have more feature.
What problems is the product solving and how is that benefiting you?
Recorded Future is solving the challenge of fragmented and context‑poor threat intelligence by centralizing external intelligence and correlating it with security‑relevant data. It helps us move from raw indicators to risk‑based intelligence that is easier to consume during investigations.
The benefit is improved analyst efficiency and better prioritization during triage and response. By providing contextual intelligence around threats, vulnerabilities, and external risk factors, it reduces manual research and supports more informed, intelligence‑driven decisions.
The benefit is improved analyst efficiency and better prioritization during triage and response. By providing contextual intelligence around threats, vulnerabilities, and external risk factors, it reduces manual research and supports more informed, intelligence‑driven decisions.
Electrical/Electronic Manufacturing
Comprehensive Coverage Across Modules
Reviewed on Jan 13, 2026
Review provided by G2
What do you like best about the product?
number of modules / areas of coverage, custom research (insikt)
What do you dislike about the product?
buggy, needs refinement, intelligence cards are incomplete and lack linking to osint resources that could fill in missing fields
What problems is the product solving and how is that benefiting you?
We receive daily brand, logo, domain abuse alerts. We also use the threat intel research capabilities.
Saurabh G.
World-Class Threat Intel with Actionable Insights
Reviewed on Jan 09, 2026
Review provided by G2
What do you like best about the product?
Their Threat Intel is really world-class and provides meaningful insights
What do you dislike about the product?
Sometimes the details on password breaches do not have much context and details.
What problems is the product solving and how is that benefiting you?
Recorded Future solves the problem of detecting and prioritizing cyber threats in real time, benefiting us by enabling faster, smarter security decisions and reducing risk exposure