Welcome to Threat Intelligence (Intelligence Hub)
Threat Intelligence (Intelligence Hub) Overview
The Threat Intelligence (Intelligence Hub) platform delivers high fidelity insights with significantly less noise by harvesting data from Rapid7 Labs’ community-driven tools, such as AttackerKB and proprietary threat and vulnerability research. These insights empower teams to focus on the most meaningful signals and take the highest priority actions, such as patching systems with vulnerabilities that are being actively exploited in the wild, to stay ahead of the critical vulnerabilities and threats most relevant to your organization.
Threat Intelligence (Intelligence Hub) will gradually be replacing TIP
The Threat Intelligence Platform (TIP) is gradually being phased out and replaced by the new and improved Threat Intelligence (Intelligence Hub) . To ensure a smooth changeover, the existing features of TIP have been absorbed into the Threat Intelligence (Intelligence Hub) and Digital Risk Protection (Threat Command) platforms.
The first phase of this transition includes the following changes:
- The IOCs, Investigation, and Sources modules are now in Threat Intelligence (Intelligence Hub).
- The Intellifind module has been moved to Digital Risk Protection (Threat Command).
- The Threat Library module is now a legacy feature that will eventually be replaced by the Threat Intelligence (Intelligence Hub) Campaigns and Threat Actors modules.
- The existing Integrations module has been added to Threat Intelligence (Intelligence Hub) from the Digital Risk Protection (Threat Command) Automation module.
- The TIP Dashboard is now called IOC Summary .
- The Digital Risk Protection (Threat Command) Dashboard is now called Threat Summary .
This transition will take place over time to ensure continuity and minimal disruption. Further details and timelines will be communicated in due course. We appreciate your continued support and look forward to introducing you to the improved platform.
Why use Threat Intelligence (Intelligence Hub)?
Threat Intelligence (Intelligence Hub) empowers security teams to:
- Proactively respond to real-world threats
- Threat Intelligence (Intelligence Hub) aggregates and correlates threat data from multiple sources, ensuring teams focus on high-confidence threat indicators, such as IOCs (indicators of compromise), CVEs (common vulnerabilities and exposures), and TTPs (tactics, techniques and procedures).
- Curated, high-fidelity IOC feeds are infused with proprietary Rapid7 Labs research, honeypot data, and active threat monitoring to deliver the most reliable indicators of compromise, reducing false positives and increasing analyst efficiency.
- Monitor the most active adversaries targeting your industry or region to stay ahead of attackers.
- Prioritize vulnerability remediation
- Bridge the gap between vulnerability management and threat intelligence by leveraging real-world threat data that highlights vulnerabilities actively being exploited in the wild, so you can focus remediation efforts where they’ll have the greatest impact on risk reduction.
- Enhance detection coverage and threat hunting
- Threat Intelligence (Intelligence Hub) feeds directly into Rapid7 SIEM (InsightIDR) , providing context-rich threat intelligence to enhance detection, threat hunting, and incident response.
- Security analysts investigating alerts can instantly see related threat campaigns and review curated profiles of threat actors.
- IOC decay modeling automatically retires outdated or inactive indicators, reducing false positives and increasing detection precision within SIEM (InsightIDR).
- Simplify threat reporting
- Convert complex security data into clear, actionable reports, making it easy to communicate risk trends and remediation progress.