Sold by: Recorded Future
Deployed on AWS
Recorded Future arms security teams with the only complete threat intelligence solution powered by patented machine learning to lower risk. Recorded Future can help you find threats 10 times faster, identify 22 percent more threats before impact, and resolve threats 63 percent quicker.
4.6
Overview
INTELLIGENCE-DRIVEN SECURITY
Threat intelligence can sit at the very center of your information security strategy, applied to add value across all functions and teams: -CISOs gain critical insights into the threat landscape to inform strategy. -Threat analysts proactively defend their companies against cyberattacks with alerts and insight. -Security operations can investigate indicators 10 times faster and more effectively prioritize vulnerabilities. -Incident responders can investigate incidents more confidently with a broader context.
THE SOLUTION
-SaaS Platform: Research, analyze, and collaborate on intelligence through our intuitive web interface. -Integrations: Layer our contextualized threat intelligence onto your existing security infrastructure.
For orders greater than 8 users, Please contact AWS-Marketplace@recordedfuture.com
Highlights
- Easy-to-use browser extension accessible from any web-based application
- Real-time threat intelligence integrated into any security solution - SIEM, SOAR, Incident Response, and more
- Portal access for research, real-time alerting and dashboard views of trending threats and relevant intelligence
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Buyer guide
Gain valuable insights from real users who purchased this product, powered by PeerSpot.
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/36 months |
|---|---|---|
Brand Intelligence | Brand Intelligence and access for up to 4 users. | $243,750.00 |
Vulnerability Intel | Vulnerability Intelligence and access for up to 4 users. | $168,750.00 |
SecOps Intelligence | SecOps Intelligence and access for up to 10 users | $243,750.00 |
Identity Intel Workforce | Supports up to 25k workforce identities | $262,500.00 |
Third Party Intel | Third Party Intel Monitoring for up to 100 companies. | $318,750.00 |
Threat Intelligence | Threat Intelligence and access for up to 2 users | $281,250.00 |
Geopolitical Intel | Geopolitical Intelligence and access for up to 2 users | $281,250.00 |
ASI | Attack Surface Intelligence and up to 5 users and 1 project | $281,250.00 |
Identity Intel External | Supports up to 1M Identities | $393,750.00 |
Vendor refund policy
All orders and fees are non-cancellable and non-refundable once placed except as required by law.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Support is available 24/7 at +1(855) 476-9728 or via Support@recordedfuture.com Your success is important to us. Please refer to https://support.recordedfuture.com/hc/en-us for additional details or to submit a ticket.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Recorded Future
By IBM Security
By Trellix
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Machine Learning-Powered Threat Detection
Patented machine learning algorithms for identifying and analyzing security threats across multiple data sources
Real-Time Threat Intelligence Integration
Integration capabilities with security infrastructure including SIEM, SOAR, and incident response platforms for contextualized threat intelligence
Browser Extension for Threat Context
Browser extension accessible from web-based applications providing threat intelligence context during security operations
Threat Intelligence Portal and Dashboard
Web-based portal with research capabilities, real-time alerting functionality, and dashboard visualization of trending threats and relevant intelligence
Indicator Investigation and Analysis
Capability to investigate security indicators with contextual threat data for vulnerability prioritization and incident investigation
Security Information and Event Management
Real-time monitoring and visibility for threat detection including ransomware, insider threats, and cloud attacks with security analytics for rapid investigation and prioritization of critical threats.
Incident Response Automation and Orchestration
Automation and orchestration of incident response workflows with consistent, optimized, and measurable process execution.
Enterprise-Grade AI and Automation
Embedded artificial intelligence and automation capabilities designed to increase analyst productivity and accelerate incident lifecycle management.
Multi-Source Data Correlation
Correlation of data across users, networks, and cloud-native services to identify threats including cloud misconfigurations, policy changes, and suspicious user activity with alert deduplication.
Hybrid and Cloud Environment Integration
Centralized visibility across hybrid cloud and on-premises environments with deep integrations to AWS security services including Security Hub, CloudTrail, GuardDuty, Network Firewall, WAF, Detective, CloudWatch, and VPC Flow Logs.
Multi-Source Threat Data Integration
Correlates security events from Trellix Security Platform and over 500 third-party tools including 13 AWS integrations to create unified threat visibility across the security stack.
AI-Driven Alert Triage and Prioritization
Applies artificial intelligence-driven analytics to perform 100% alert triage, prioritize threats, and provide GenAI-powered insights for threat investigation and remediation guidance.
No-Code Automation for Investigation and Response
Provides UI-driven, point-and-click automation capabilities to offload repetitive security operations tasks and accelerate investigation and response workflows.
Pre-Built Analytics and Correlation Rules
Ingests data from multiple sources and correlates events using pre-built analytics and rules to reconstruct complete attack narratives and reduce manual investigation pivots.
Multi-Deployment Architecture Support
Supports cloud, hybrid, and air-gapped deployment models with an open integration ecosystem for flexible security infrastructure configurations.
Standard contract
No
No
No
Customer reviews
Manuel Carrillo
Centralized threat intelligence has transformed our investigations and now saves days of research time
Reviewed on May 12, 2026
Review provided by PeerSpot
What is our primary use case?
My main use case for Recorded Future is as a threat and vulnerability feed. In relation to my use case with Recorded Future , it is the go-to tool when it comes to checking for third-party issues, and it is a great place to have news and updates.
What is most valuable?
The best features Recorded Future offers is the feed; the actual feed has loads of news, and that is the strongest point as they have a lot of information in there that I use daily.
The feed helps me in my daily work by providing information around product vulnerabilities, and for example, I didn't find any vulnerability in the product but actually discovered that the provider had a breach, which didn't show up in any CVE or anything else because it was not a vulnerability, it was literally they got breached, so that was the most useful case that I have found.
Recorded Future has positively impacted my organization by providing the news, and it has actually made a huge impact; instead of having to rely on open source intelligence, I have a place to go where all the information is, so it saves a ton of time.
What needs improvement?
I cannot think of a way that Recorded Future can be improved. I don't have anything to add about the needed improvements, even small things such as interface tweaks or integrations.
For how long have I used the solution?
I have been using Recorded Future for a couple of years.
What do I think about the stability of the solution?
Recorded Future is absolutely stable.
What do I think about the scalability of the solution?
I don't think Recorded Future needs to be scaled; it works perfectly well the way it is.
How are customer service and support?
Recorded Future's customer support is excellent. Personally, I cannot tell you how I would rate the customer support on a scale of one to ten, but from what I've heard, it is well above average, an eight or nine, I would say, and really helpful, especially with the setup, but that is not first-hand information.
Which solution did I use previously and why did I switch?
I didn't previously use a different solution; I basically started using Recorded Future a couple of years ago and I am really happy with it.
How was the initial setup?
I wasn't involved in that part regarding pricing, setup cost, and licensing. I wasn't involved in the RFP process before choosing Recorded Future.
What was our ROI?
I have seen a return on investment as I explained earlier, it reduces the investigation time from days to minutes, and that is the biggest ROI; on a team of ten people that use it, one request can take you from three days to minutes.
Estimating how much time Recorded Future saves my team would be hard, but it basically reduces the investigation time for anything from days to less than an hour; on a team of ten people, you do the math—say you get fifty requests in a week, out of those fifty, you will be able to spend basically one person dedicated to that for one week, and the job will be done, rather than having a ton of people doing research independently.
What other advice do I have?
My advice to others looking into using Recorded Future is that if you can spend the money, go for it. I have rated this review as a nine out of ten.
Dario S.
Informative Threat Intelligence with Seamless API Integration
Reviewed on May 12, 2026
Review provided by G2
What do you like best about the product?
I use Recorded Future for threat hunting and threat intelligence, and I like that it provides detailed IOC contextualization and an API for bulk IOC checks. Its integration with SIEM resolves a lot of manual work and decreases repetitive tasks. I find the threat intelligence very informative and actionable, with the ability to show real-time awareness about security issues.
What do you dislike about the product?
I don't like the deduplication of IOCs and the lack of a possibility to mark reviewed and assessed intelligence.
What problems is the product solving and how is that benefiting you?
I use Recorded Future for threat hunting and intelligence. It provides detailed IOC contextualization, API for bulk IOC checks, and SIEM integration, reducing manual work and repetitive tasks.
Fenil S.
Efficient Risk Management, but Pricey
Reviewed on May 11, 2026
Review provided by G2
What do you like best about the product?
I like Recorded Future's training modules for the customer base. It's very user-friendly and easy to understand, which reduces manual dependency to a great extent. This helps in improving productivity for both the employees and the organization as a whole. The initial setup was also very smooth with easy instructions.
What do you dislike about the product?
I think the pricing is a little on the higher side which can be looked upon. The pricing for the elite package is on a very high side when compared to competitors in market.
What problems is the product solving and how is that benefiting you?
Recorded Future prevents virus attacks, monitors risks, and eliminates manual tasks. It's user-friendly, improves productivity, and reduces manual dependency significantly.
mahitha h.
Real-Time Threat Intelligence with Intuitive UI
Reviewed on May 07, 2026
Review provided by G2
What do you like best about the product?
I rely on Recorded Future for its real-time threat intelligence integration that reduces noise and provides analysts with the context needed for faster, more confident response decisions. It cuts through alert noise and automatically enriches IOCs, focusing SOC time on true threats rather than manual research. I like how it reduces false positives, speeds up investigation and response, and offers real-time visibility into emerging threats and vulnerabilities. The deep, real-time threat intelligence in a single, easy-to-use platform with great integrations and automation dramatically speeds up investigations and reduces alert noise. I also really like the intuitive UI and how easy it is to pivot from a single IOC to full threat context. The out-of-the-box dashboards and risk scores make it fast to see what truly matters. I appreciate using Recorded Future integrated with our SIEM/SOAR stack, which enhances alerts and powers automated response playbooks.
What do you dislike about the product?
The main downside for me is that Recorded Future can feel overwhelming at first - there is so much rich data that new users really need time and training to use it effectively. It's also a premium product, so the licensing and add-on modules can be expensive, which makes it harder for smaller teams to justify.
What problems is the product solving and how is that benefiting you?
Recorded Future integrates real-time threat intelligence into our systems, reducing alert noise, enriching IOCs automatically, and allowing us to focus on true threats. It decreases false positives, speeds up investigations, and provides real-time visibility into risks that impact our organization.
Nijat I.
Real-Time, Actionable Threat Intelligence with Seamless Security Tool Compatibility
Reviewed on May 03, 2026
Review provided by G2
What do you like best about the product?
The utility of Recorded Future can be seen in its ability to provide real-time awareness about possible security threats. It collects information from diverse sources and displays it in a comprehensible format, making it easy to assess and take necessary action. It provides threat intelligence that is highly informative and actionable, helping users to address issues before they become serious problems. It also has excellent compatibility with other security software.
What do you dislike about the product?
One issue is the volume of data, which can be overwhelming without any experience. It requires time to learn to distinguish between the noise and only those elements that need attention. The user interface is quite strong; however, it may not be straightforward for beginners, and there are certain things that need to be configured first before they become functional. There are also instances when alerts can be a bit wide and need validation manually, which creates an extra task. Another disadvantage is that it can be quite costly, particularly for small groups who cannot take advantage of all the offered features.
What problems is the product solving and how is that benefiting you?
Staying abreast of ever-changing cyber threats becomes a challenge with the absence of data in one place. The use of Recorded Future makes such task easier as it consolidates all necessary intelligence and brings contextual insight. This helps eliminate manual work and enables fast detection of any possible danger. Thus, time frames are reduced, and emphasis shifts from reaction to prevention. Furthermore, it allows prioritization, which improves risk management.