Name: ThreatBook TDP NDR
Rating: 5 (121 reviews)

Overview

Product Information on ThreatBook TDP NDR

Updated 13th October 2025

What is ThreatBook TDP NDR?

ThreatBook TDP NDR is a software designed to identify, analyze, and respond to network-based threats within enterprise environments. The software uses network detection and response capabilities to monitor network traffic, detect anomalies, and provide insights into potential security incidents. It leverages threat intelligence and behavioral analysis to uncover hidden risks and deliver detailed threat context. The software supports the investigation of security events by providing automated alerts, forensic data, and visualization of attack paths. It aims to enhance threat visibility, streamline incident response, and support security teams in mitigating risks posed by advanced persistent threats and malware.

Overall experience with ThreatBook TDP NDR

IT Associate

<50M USD, Manufacturing

FAVORABLE

“Comprehensive Security Coverage and Efficient Response Noted With TDP Platform”

5.0

May 8, 2026

I think the TDP platform is overall very practical and easy to use,with no major shortcomings.It serves as an all-in-one security operations platform that covers the entire security workflow,including asset attack surface management,monitoring and detection,automated analysis,and response and remediation capabilities.In daily operations,I regularly verify and remediate exposed attack surfaces identified by TDP. Its detection capability is also quite strong. TDP has helped me identify emerging threats such as Sliver Fox malware and worm viruses,and by integrating with the firewall for automated blocking,it has greatly improved the speed of incident response and made further investigation and troubleshooting much more efficient.

There are no reviews in this category.

CRITICAL

About Company

Company Description

ThreatBook is a provider of cyber threat detection and response services. We developed new approaches to deliver high-fidelity, efficient, and actionable security intelligence. We integrated these capabilities with a full life cycle threat detection system and incident response mechanisms to enhance protection across cloud, network, and endpoints. This helps enterprises respond to threats efficiently, reduce complexity, and improve security operations.

Company Details

Company type

Private

Year Founded

2015

Head office location

Beijing, China

Number of employees

501 - 1000

Website

https://threatbook.cn/next/en

Do You Manage Peer Insights at ThreatBook?

Access Vendor Portal to update and manage your profile.

Key Insights

A Snapshot of What Matters - Based on Validated User Reviews

User Sentiment About ThreatBook TDP NDR

Reviewer Insights for: ThreatBook TDP NDR

Deciding Factors: ThreatBook TDP NDR Vs. Market Average

Performance of ThreatBook TDP NDR Across Market Features

ThreatBook TDP NDR Likes & Dislikes

First,I appreciate TDP's detection capability and high level of accuracy.In most cases,if TDP generates a detection alert,there is indeed a real issue,and false positives are very rare.In daily operations,I mainly focus on alerts related to successful attacks.Second,I value the response efficiency of ThreatBook. Whenvever I report an issue,the ThreaBook team responds very quickly and handles the problem thoroughly.They also regularly organize technical sharing sessions,which help me learn about new attack scenarios and security technologies.

TDP provides alert notification capabilities, allowing real-time detected alerts to be sent directly to enterprise bots for immediate notification.It also includes attack surface management features, such as identifying weak passwords and exposed external login portals, helping organizations verify and remediate risks in a timely manner.In addition, TDP Supports automated response capabilities by integrating with other security devices to block malicious IPs and domains, enabling a largely automated incident response and security operations workflow.

1) We have a large number of equipment units, after deploying in a cluster, we can conduct unified operation and maintenance monitoring,which saves a lot of operational time. 2) The TDP has a real-time monitoring interface, during our attack and defense phases, we can use this to achieve real-time refreshing of attack data.

I think the TDP API documentation is not comprehensive enough,as it does not include all the fields displayed on the web interface.In addition,some weak password detection results are not entirely accurate.

In terms of weak password detection, some normal authenticated login behaviors are occasionally identified as weak password events, resulting in inaccurate detection in certain scenarios. Second, the built-in agent used for investigation and tracing collects limited information, so its investigation capabilities are somewhat restricted. The overall product cost is relatively high compared to some other solutions.

1) The cascading deployment requires a relatively high amount of resources, so we are considering that the cost application process is rather cumbersome. 2) The equipment cannot connect to the internet, so the intelligence needs to be manually updated every day. However, there is nothing we can do about it.

Top ThreatBook TDP NDR Alternatives

Peer Discussions

ThreatBook TDP NDR Reviews and Ratings

Recommended Gartner Insights

Magic Quadrant for Network Detection and Response

<50M USD

Manufacturing

Review Source

Comprehensive Security Coverage and Efficient Response Noted With TDP Platform

50M-1B USD

Consumer Goods

An Integrated One-Stop Security Operations Platform

May 11, 2026

TDP is a network traffic monitoring platform that provides capabilities such as asset attack surface identification, helping organizations better understand and manage their internal attack surfaces.It also includes threat monitoring features that help detect internal security incidents in a timely manner.For incident response and closed-loop security operations, TDP can integrate with other security devices to automatically block malicious activities.Overall, it serves as a one-stop security operations platform that combines visibility,threat detection,investigation,and automated response capabilities to improve daily security operations efficiency and reduce manual workload for security teams.

Customer Service & Support Associate

10B+ USD

IT Services

Real-Time Attack Data Refreshing Enhances Detection, Yet Resource Requirements Remain High

The monitoring and detection capabilities are both excellent, they can significantly reduce the pressure on our daily operations and prevent many risks.

Marketing Manager

Hardware

TDP Offers Reliable Threat Detection and Streamlines Security Event Investigations

Dec 4, 2025

As an NDR product,TDP demonstrates excepionolly strong threat detection capabilities.We have validated this through multiple penetration tests and red-blue team exercises-it accurately identifies attack behaviors from massive volumes of logs and marks them as 'successful attacks',presenting the most critical security events intuitively to our security operations team. Additionally, it serves as a probe that provedes highly reliable data sources for our SIEM platform,significantly reducing our investigation efforts.

IT Security & Risk Management Associate

1B-10B USD

Travel and Hospitality

Cost-Effective Threat Detection Solution by the integration of TDP and honeypots

Apr 21, 2026

Easy to use, and it has discovered many valuable alerts, and the product functions meet the daily security operation needs.For our multi-warehouse scenarios, the TDP scheme interconnected with honeypot greatly reduces costs.

Overview

Product Information on ThreatBook TDP NDR

What is ThreatBook TDP NDR?

ThreatBook TDP NDR Pricing

Overall experience with ThreatBook TDP NDR

“Comprehensive Security Coverage and Efficient Response Noted With TDP Platform”