Intezer - Pricing Plans for Autonomous Security Operations

Pricing

Eliminate false positives, improve response time, and make threat hunting easier with automation powered by Intezer’s innovative threat analysis technologies.
Free
Try automating triage and analysis with Intezer
$0
*No credit card required
This plan includes:
  • Two-week trial of advanced analysis and automation features

  • Up to 500 automated scans during trial for analysis, triage, and response

  • 10 free public, on-demand file scans every month after the trial ends

Malware Analysis
An advanced toolset for on-demand investigations
$200/month
billed at $2,400/year
100 monthly scans
This plan includes:
  • Starting from 100 private, on-demand file scans per month
  • IOC extraction of hashes, IPs, and domains
  • Automatic clustering of threats for faster remediation
  • Download samples
  • IDA / Ghidra plugins for reverse engineering
Autonomous SOC
Automate analysis, triage, and response processes for every alert
Priced by endpoints
Keep your budget consistent even if the alert volume increases
All Malware Analysis features, plus:
  • Automated triage & analysis for endpoint and email alerts
  • Escalation of serious, confirmed incidents
  • Auto-remediation of most alerts
  • Unlimited private scans of files, endpoints, memory, and URLs from alerts
  • 1,000 on-demand scans for files, endpoints, memory, and URLs per month
  • Weekly report with tuning recommendations
Jesse Stoltz
SOC Manager at Legato Security

"There is a large volume of alerts produced every day and manually performing analysis on all of these files is not scalable. Intezer has given us the ability to provide in-depth reporting in a timely manner."

Check out the case study

Malware Analysis
From $200/month
Autonomous SOC
Priced by endpoints

Triage Features

Automated triage of endpoint alerts
Available for alerts from SentinelOne, CrowdStrike, and Microsoft Defender
Up to 500 alerts during trial
Automated triage of email alerts, attachments and URLs
Available through SOAR or API
Automated evidence collection and forensics for alerts
Escalation for serious incidents
Notifications to email, Slack, and case management systems for high-risk, confirmed threats
Auto-resolution of false positive alerts
Available for alerts from SentinelOne, CrowdStrike, and Microsoft Defender
Auto-remediation of true positive alerts
Available for alerts from SentinelOne, CrowdStrike, and Microsoft Defender
Automated alert enrichment
Includes threat classification and recommended next steps. Available for alerts from SentinelOne, CrowdStrike, and Microsoft Defender
Weekly executive report with tuning recommendations
Automated clustering of scanned threats
Extract IOCs
Including indicators of compromise such as hashes, IPs, and domains

Response Features

Free
Malware Analysis
Autonomous SOC
Auto-remediation for alerts
Available for alerts from SentinelOne, CrowdStrike, and Microsoft Defender

Analysis Features

Privacy for scanned files and analyses
Public
Private
Private
On-demand file analysis
File types you can upload: Windows executable files, Linux executable files (ELF), macOS executable files and applications, compressed files, Android applications (APK), installers, Microsoft Office files, PDFs and scripts
10 scans per month
100 scans per month
1000 scans per month
On-demand analysis of URLs
On-demand analysis of memory images
On-demand analysis of live endpoints

Hunting Features

Threat feed
Subscribe to threat groups/families of interest
Extract advanced IOCs and detection opportunities
Related samples, reused strings, Detect & Hunt, code-based vaccines
Extract behavioral rules/queries
IDA / Ghidra plugins for reverse engineering

Knowledge & Intelligence Features

Global corpus of APTs & cyber crime
Organizational knowledge retention

Other Features

Integrations for out-of-the-box automation
Alert triage API access
Malware analysis API access
Download samples
Single sign-on authentication and MFA

Support & Services

Support
Community
Standard (Premium available)
Standard (Premium available)
Access to expert security analysts
Use "Contact an Expert" feature for on-demand assistance when you need additional expertise
Custom contract/license
For additional cost
Security review
For additional cost
Stuck in contract with an outsourced SOC?
We will buy it out.

Frequently asked questions

Have more questions? Want to know the technical details?
Check out Intezer’s Docs.

You can watch a 5 minute recorded demo here.
If you have more questions or want to talk about an extended Autonomous SOC trial with support from our Solution Engineers, you can book a demo with us.

You can watch a 5 minute recorded demo here or go here to sign up for a free Intezer account. A free account gives you access to try Intezer’s full AutonomousDR capabilities for two weeks, then downgrades to a Malware Analysis plan with 10 free scans per month.

If you have more questions or want to talk about an extended trial with support from our Solution Engineers, you can book a demo here.

Some of our most popular integrations are for CrowdStrike and SentinelOne, for automating endpoint security alert triage, response, and hunting. Intezer also integrates with multiple SOAR tools (such as Cortex XSOAR) to automate phishing alert triage and incident response. You can also interact with Intezer and automate security operations tasks through our REST API and Python SDK. You can check out our full Integration List here.

Getting set up with Intezer usually takes two hours or less – the primary onboarding tasks are connecting your alert sources (adding an API key with the required permissions) and then adding members of your team as new users to Intezer. If you want to know more about getting started with Intezer, you can book a demo to talk with us about integrating Intezer into your tech stack and processes.

Top brands like Pepsico, Adobe, Equifax, Anheuser-Busch InBev, and other Fortune 500 enterprise security teams use Intezer to triage the high volume of alerts (and all the associated artifacts) from their endpoint and email security systems. Enterprise organizations also use Intezer’s Autonomous SecOps capabilities across their SOC, incident response, and cyber threat intelligence teams (as well as top security research teams, which frequently use Intezer’s best-in-class Malware Analysis toolset to analyze evolving and novel threats).
Intezer is primarily a cloud-based solution – we take pride in our online user interface. However, we also offer on-premise solutions for organizations that require it.
