Threat Research & Intelligence

Keep pace with the ever-changing threat landscape. Fortra’s multi-vector approach to threat research works tirelessly, so you don’t have to. Uncover the power of technology, expertise, and shared information with Fortra Threat Brain, a multi-vector hub of verified threat intelligence.


At Fortra, we’re always on the hunt for the latest tactics, techniques, and procedures employed by today’s cybercriminals. We believe that decisions are only as good as the information behind them, and we’ve made it our mission to produce world-class threat intelligence and research as a result.

That’s why we created Fortra Threat Brain, the culmination of our investigative efforts and the synthesis of combined Fortra technologies — and we’re just getting started. Fortra Threat Brain is an all-in-one information hub fed by telemetry from our expansive portfolio of products. Augmenting that already sizeable set are additional insights gleaned from across the dark web, social media, law enforcement, and, of course, a select pool of partners.

We leave nothing to chance when it comes to uncovering the exploits that could upend our customer base and its associates. With a proven track record and an arsenal of research resources, Fortra’s team of world-class threat intelligence experts can get you the information you need to gain the upper hand in today’s threat landscape.

Threat intelligence allows your enterprise to prioritize the areas of highest impact. Armed with critical data, you will be empowered to:

Rapidly Respond

Make the best decision in the moment, expedited by a comprehensive view of the threat landscape as it relates to you

Manage Alerts

Reduce analyst fatigue and false positives; without automation, sheer volume can cause missed indicators

Prevent Fraud

Aggregate data from disparate communities and sources to identify patterns of fraud and abused information

Improve Security Posture

Construct accurate risk models that facilitate security choices based on your organization’s vulnerabilities

World-Class Threat Intelligence: Fortra Threat Brain

The Fortra Threat Brain is made up of three parts: people, technology, and a data sharing exchange of quickly corroborated information.


Machine Learning Technology Use Cases

Fortra mobilizes machine learning to find threats faster and evaluate risks. Here are some examples of how we use ML to increase protected outcomes for our customers:

  • Anomaly detection through unsupervised learning and clustering across operating systems; web applications; and cloud, network, and SaaS applications
  • Malicious email and brand abuse detection using natural language processing (NLP), random forest classifier, and other techniques
  • Dynamic vulnerability ranking via supervised learning to add multiple dimensions to the CVSS score

Fortra's Team of Threat Intelligence Experts

Here at Fortra, we leave nothing to chance. Our team of dedicated threat intelligence experts are skilled professionals in their fields who share a common goal of dismantling emerging exploits. The diverse skillsets of our team members add credibility and a 360-degree perspective to our analysis, investigation, and threat vetting techniques. Team members include:

  • Vulnerability researchers
  • Malware analysts
  • Data scientists
  • Security architects
  • Automation engineers
  • Security developers
  • Reverse engineers
  • Red and blue team experts

Fortra's Threat Intelligence Research

Agari Cyber Intelligence Division (ACID)

Agari’s counterintelligence team, ACID, is dedicated to worldwide business email compromise (BEC), spear phishing investigation, and cybercrime abatement.


Alert Logic

The Alert Logic blog goes deep on the latest threat activity and recommendations for enhancing security.


Beyond Security

Beyond Security’s repository of instructions for finding and fixing vulnerabilities addresses threats to widely used technology and applications.



These Clearswift resources review hot data security topics including the latest compliance requirements and how to protect sensitive assets.


Cobalt Strike Red Team Testing Tool

The Cobalt Strike blog keeps the red teaming community updated on the latest advancements in this powerful offensive security tool.


CoreLabs Research

CoreLabs, the research center of Core Security, is charged with researching and understanding security trends as well as anticipating the future requirements of information security technologies.  


Digital Defense Vulnerability Research Team (VRT)

Discover the latest news and helpful information from the Digital Defense Vulnerability Research Team (VRT).


Digital Guardian

Digital Guardian’s blog, Data Insider, looks at the latest malware and ransomware threat research. 



The Outflank blog discusses red teaming, attack simulation, and other IT security stories from the trenches.



PhishLabs blogs and webinars discuss the latest best practices for keeping emails, brands, and data safe from sophisticated phishing attacks, insider threats, and accidental data loss.



Tripwire's award winning State of Security blog keeps cybersecurity professionals informed about the latest vulnerabilities, misconfigurations, and cybersecurity news.


Fortra Partners with Microsoft to Stop Cybercriminals

Stopping the Attack that Hijacked Ireland's Public Health System


A cracked Cobalt Strike hack evaded capture for years, endangering human lives

When Fortra and Microsoft teamed up, cybercriminals had been wreaking havoc with the abused red teaming software for years. A weaponized Cobalt Strike was unleashed by adversaries on Ireland’s public health system, infiltrating more than 80% of IT and forcing the entire organization — over 100,000 people strong — offline. With lives at risk, Fortra joined Microsoft in unprecedented measures to remove instances of the cracked software.


A Court Order to Go After Cracked Cobalt Strike

“Instead of disrupting a malware family, we’re trying to pull all illegal instances of Cobalt Strike offline”

The ransomware families associated with or deployed by cracked copies of Cobalt Strike have been linked to more than 68 ransomware attacks impacting healthcare organizations in more than 19 countries around the world. However, strategy shifted when a newly issued court order gave Fortra, Microsoft, Health-ISAC and others the green light for more aggressive measures to take the compromised tool offline.


Fortra products and services

Fuel your strategy with Fortra Threat Intelligence

Too many threats, too little time? Backed by insights from Fortra’s powerful portfolio and the public threat scape, you can make critical decisions with confidence.