ThreatWatch — Real-Time Threat Intelligence

Threat Intel

Threat Aggregation

All your intelligence in one place

CISA KEV Catalog

Real-time tracking of CISA's Known Exploited Vulnerabilities — the threats actively being used in the wild.

NVD / CVE Database

Continuous monitoring of the National Vulnerability Database for newly published CVEs with CVSS scoring.

CISA Advisories

Critical cybersecurity alerts, advisories, and ICS-CERT notifications from CISA.

GitHub Advisory Database

Reviewed security advisories from GitHub covering open-source package vulnerabilities across all ecosystems.

URLhaus Malicious URLs

Active malicious URL tracking from abuse.ch — detect malware distribution and phishing sites in real time.

Feodo Tracker Botnets

Botnet command & control server intelligence from abuse.ch — track Emotet, TrickBot, QakBot and more.

Customization

Smart Filtering & Customization

Only see what matters to you

Environment Filters

Filter by cloud, on-premises, hybrid, or containerized environments to focus on relevant threats.

System & Platform Targeting

Choose specific platforms — Windows, Linux, macOS, network devices, web applications, and more.

Severity Thresholds

Set your minimum severity level. Get alerted for critical and high only, or include medium and below.

Custom Rules (Enterprise)

Define custom matching rules based on keywords, vendor names, or specific CVE patterns.

Alerting

Notification Channels

Get alerted where you work

Email Digests

Daily or weekly email summaries with threats ranked by severity and relevance to your filters.

Slack Integration

Push alerts directly to your Slack channels with severity badges and one-click dashboard links.

Microsoft Teams

Adaptive card notifications in Microsoft Teams with threat details and action buttons.

In-App Notifications

Full notification center in your ThreatWatch dashboard with read/unread tracking.

Features