• HOME
  • CATEGORIES

    • CATEGORIES

    • Browse All Categories
  • FOR VENDORS

    • FOR VENDORS

    • Log In to Vendor Portal
    • Get Started
  • REVIEWS

    • REVIEWS

    • Write a Review
    • Product Reviews
    • Vendor Directory
    • Product Comparisons
  • GARTNER PEER COMMUNITY™
  • GARTNER.COM
  • Community GuidelinesListing GuidelinesBrowse VendorsRules of EngagementFAQPrivacyTerms of Service
    ©2026 Gartner, Inc. and/or its affiliates.
    All rights reserved.
  • Categories

    • No categories available

      Browse All Categories

      Select a category to view markets

  • For Vendors

    • Log In to Vendor Portal 

    • Get Started 

  • Write a Review

Join / Sign In
  1. Home
  2. /
  3. ThreatBook Advanced Threat Intelligence
Logo of ThreatBook Advanced Threat Intelligence

ThreatBook Advanced Threat Intelligence

byThreatBook
in Security Threat Intelligence Products and Services (Transitioning to Cyber Threat Intelligence Technologies)
5.0

Overview

Service Information on ThreatBook Advanced Threat Intelligence

Updated 13th October 2025

What is ThreatBook Advanced Threat Intelligence?

ThreatBook Threat Intelligence Platform - NGTIP is a software designed to provide organizations with insights and analysis on cyber threats by aggregating, correlating, and contextualizing threat intelligence data from multiple sources. The software offers automated threat detection, situational awareness, and risk assessment capabilities to help users identify and respond to security incidents. It integrates with security infrastructure, delivers timely intelligence feeds, and supports investigation processes by providing threat indicators, contextual data, and analysis tools. The software aims to enhance cybersecurity operations by enabling proactive threat identification and supporting decision-making for security teams in complex digital environments.

ThreatBook Advanced Threat Intelligence Pricing

The ThreatBook Threat Intelligence Platform NGTIP software uses a subscription-based pricing model, typically structured around different service tiers that offer varying levels of features and data volume. Pricing may be influenced by the number of users, the scope of threat intelligence feeds accessed, and integration capabilities with other systems. Custom pricing options may be available for enterprises with specific requirements.

Overall experience with ThreatBook Advanced Threat Intelligence

Engineering Manager
50M - 250M USD, IT Services
FAVORABLE

“Significant reduction in triage time thanks to advanced IOC enrichment”

5.0
Jun 10, 2026
This text serves as a placeholder and does not reflect the user’s review responses or opinions. This text serves as a placeholder and does not reflect the user’s review responses or opinions. This text serves as a placeholder and does not reflect the user’s review responses or opinions.
There are no reviews in this category.
CRITICAL

About Company

Company Description

Updated 5th July 2024

ThreatBook is a provider of cyber threat detection and response services. We developed new approaches to deliver high-fidelity, efficient, and actionable security intelligence. We integrated these capabilities with a full life cycle threat detection system and incident response mechanisms to enhance protection across cloud, network, and endpoints. This helps enterprises respond to threats efficiently, reduce complexity, and improve security operations.

Company Details

Updated 26th February 2025
Company type
Private
Year Founded
2015
Head office location
Beijing, China
Number of employees
501 - 1000
Website
https://threatbook.cn/next/en

Do You Manage Peer Insights at ThreatBook?

Access Vendor Portal to update and manage your profile.

Key Insights

Top ThreatBook Advanced Threat Intelligence Alternatives

Logo of CloudSEK XVigil
1. CloudSEK XVigil
4.8
(366 Ratings)
Logo of Cyble Vision
2. Cyble Vision
4.8
(330 Ratings)
Logo of Recorded Future Intelligence Platform
3. Recorded Future Intelligence Platform
4.6
(278 Ratings)
View All Alternatives

Peer Discussions

ThreatBook Advanced Threat Intelligence Reviews and Ratings

5.0

(95 Ratings)

Rating Distribution

5 Star
99%
4 Star
1%
3 Star
0%
2 Star
0%
1 Star
0%
Why ratings and reviews count differ?
  • Engineering Manager
    50M-1B USD
    IT Services
    Review Source

    Significant reduction in triage time thanks to advanced IOC enrichment

    5.0
    Jun 10, 2026
    We adopted ThreatBook. TIPabout ten months. ago tostrengthen threat intelligence enrichment for our IoT connectivity platform. As. a provider managingconnectivity. for hundred. ofenterprise clients,we process thousands of security. events daily,and TIP has become the backbone of our automated IOC enrichment pipeline. The API integration was smooth; we. hadit connected to our SIEM. andSOAR within two weeks. What stood out most is the context depth on high-fidelity indicators: attribution data, MITRE ATT&CK mapping, and geopolitical background come bundled with every IOC, which helps our small team make faster, more informed decisions without being intelligence analysts ourselves. The threat research portal. has als. provenvaluablefor proactive hunting; we have identified several Mirai and Mozi variant campaigns targeting IoT infrastructure weeks before they hit mainstream news. The vendor's support. teamis responsive, typically answering technical questions within. hours.Overall, TIP has cut our. meantime to triage from around. 45minutes to under. 15for most alerts.
  • Engineering Manager
    50M-1B USD
    IT Services
    Review Source

    Significant reduction in triage time thanks to advanced IOC enrichment

    5.0
    Jun 10, 2026
    We adopted ThreatBook. TIPabout ten months. ago tostrengthen threat intelligence enrichment for our IoT connectivity platform. As. a provider managingconnectivity. for hundred. ofenterprise clients,we process thousands of security. events daily,and TIP has become the backbone of our automated IOC enrichment pipeline. The API integration was smooth; we. hadit connected to our SIEM. andSOAR within two weeks. What stood out most is the context depth on high-fidelity indicators: attribution data, MITRE ATT&CK mapping, and geopolitical background come bundled with every IOC, which helps our small team make faster, more informed decisions without being intelligence analysts ourselves. The threat research portal. has als. provenvaluablefor proactive hunting; we have identified several Mirai and Mozi variant campaigns targeting IoT infrastructure weeks before they hit mainstream news. The vendor's support. teamis responsive, typically answering technical questions within. hours.Overall, TIP has cut our. meantime to triage from around. 45minutes to under. 15for most alerts.
  • Read All 99 Reviews

    Get unlimited access to verified peer reviews and insights

    Read unlimited Gartner-vetted product reviews
    View and share valuable product insights
    Download full product profiles
    Review products you use today

Recommended Gartner Insights

  • Magic Quadrant for Security Threat Intelligence Products and Services (Transitioning to Cyber Threat Intelligence Technologies)
Powered by Google TranslateThis service may contain translations provided by Google. Google disclaims all warranties related to the translations, express or implied, including any warranties of accuracy, reliability, and any implied warranties of merchantability, fitness for a particular purpose and noninfringement. Gartner's use of this provider is for operational purposes and does not constitute an endorsement of its products or services.

Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.

This site is protected by hCaptcha and its Privacy Policy and Terms of Use apply.


Software reviews and ratings for EMMS, BI, CRM, MDM, analytics, security and other platforms - Peer Insights by Gartner
Community GuidelinesListing GuidelinesBrowse VendorsRules of EngagementFAQsPrivacyTerms of Use

©2026 Gartner, Inc. and/or its affiliates.

All rights reserved.

ThreatBook Advanced Threat Intelligence Likes & Dislikes

Like

1. The IOC context depth and enrichment quality for IoT-specific threats have exceeded our expectations. Unlike generic threat feeds that just return a binary malicious or benign verdict, TIP provides rich contextual information: threat actor attribution, campaign association, targeted industry verticals, and MITRE ATT and CK technique mapping, all in a single API response. For our IoT-heavy environment, the ability to filter by attack surface relevance has been particularly useful, for example whether a C2 domain is associated with known IoT botnet infrastructure. Over the past six months, TIP enrichment has helped us catch three targeted credential-stuffing campaigns against our customer device management. portalsthat our previous basic threat feed completely missed. 2. The API performance and integration flexibility have enabled us to build automated enrichment workflows with minimal engineering effort. The REST API consistently responds in under 200 milliseconds, which means we. canenrich IOCs inline during real-time. eventprocessing without introducing noticeable latency into our detection pipeline. We have integrated TIP with. ourSplunk SIEM for automated lookup, with our SOAR playbook for conditional escalation, and with a custom Slack bot. thatpushes high-severity threat notifications to our engineering channel. The webhook callback mechanism for bulk. IOCsubmissions is also well-designed: we submit batches of 500 to. 1000indicators nightly from our honeypot network, and the asynchronous processing handles. themreliably. 3. The proactive. threathunting and campaign intelligence capabilities have become an unexpected force multiplier for our team. The threat research portal provides curated analyst notes, campaign timelines, and. IoCpackages for active threat

Like

1. The IOC context depth and enrichment quality for IoT-specific threats have exceeded our expectations. Unlike generic threat feeds that just return a binary malicious or benign verdict, TIP provides rich contextual information: threat actor attribution, campaign association, targeted industry verticals, and MITRE ATT and CK technique mapping, all in a single API response. For our IoT-heavy environment, the ability to filter by attack surface relevance has been particularly useful, for example whether a C2 domain is associated with known IoT botnet infrastructure. Over the past six months, TIP enrichment has helped us catch three targeted credential-stuffing campaigns against our customer device management. portalsthat our previous basic threat feed completely missed. 2. The API performance and integration flexibility have enabled us to build automated enrichment workflows with minimal engineering effort. The REST API consistently responds in under 200 milliseconds, which means we. canenrich IOCs inline during real-time. eventprocessing without introducing noticeable latency into our detection pipeline. We have integrated TIP with. ourSplunk SIEM for automated lookup, with our SOAR playbook for conditional escalation, and with a custom Slack bot. thatpushes high-severity threat notifications to our engineering channel. The webhook callback mechanism for bulk. IOCsubmissions is also well-designed: we submit batches of 500 to. 1000indicators nightly from our honeypot network, and the asynchronous processing handles. themreliably. 3. The proactive. threathunting and campaign intelligence capabilities have become an unexpected force multiplier for our team. The threat research portal provides curated analyst notes, campaign timelines, and. IoCpackages for active threat

Like

1. The IOC context depth and enrichment quality for IoT-specific threats have exceeded our expectations. Unlike generic threat feeds that just return a binary malicious or benign verdict, TIP provides rich contextual information: threat actor attribution, campaign association, targeted industry verticals, and MITRE ATT and CK technique mapping, all in a single API response. For our IoT-heavy environment, the ability to filter by attack surface relevance has been particularly useful, for example whether a C2 domain is associated with known IoT botnet infrastructure. Over the past six months, TIP enrichment has helped us catch three targeted credential-stuffing campaigns against our customer device management. portalsthat our previous basic threat feed completely missed. 2. The API performance and integration flexibility have enabled us to build automated enrichment workflows with minimal engineering effort. The REST API consistently responds in under 200 milliseconds, which means we. canenrich IOCs inline during real-time. eventprocessing without introducing noticeable latency into our detection pipeline. We have integrated TIP with. ourSplunk SIEM for automated lookup, with our SOAR playbook for conditional escalation, and with a custom Slack bot. thatpushes high-severity threat notifications to our engineering channel. The webhook callback mechanism for bulk. IOCsubmissions is also well-designed: we submit batches of 500 to. 1000indicators nightly from our honeypot network, and the asynchronous processing handles. themreliably. 3. The proactive. threathunting and campaign intelligence capabilities have become an unexpected force multiplier for our team. The threat research portal provides curated analyst notes, campaign timelines, and. IoCpackages for active threat

A Snapshot of What Matters - Based on Validated User Reviews

User Sentiment About ThreatBook Advanced Threat Intelligence
Reviewer Insights for: ThreatBook Advanced Threat Intelligence
Performance of ThreatBook Advanced Threat Intelligence Across Market Features
Deciding Factors: ThreatBook Advanced Threat Intelligence Vs. Market Average