Skip to content
    Back to Security Operations (SecOps)
    Security Operations (SecOps)StartupThreat Intel Platform

    EclecticIQ

    Threat intelligence platform for analyst-centric SecOps workflows

    Mkt Cap / ValPrivate (NL)
    RevenueEst. $30M ARR
    Growth+30% YoY
    EclecticIQ combines a threat intelligence platform with an analyst workbench and sharing hub in a single platform — uniquely positioning it as both the operational hub where analysts work and the collaborative layer where intelligence flows between sharing communities, ISACs, and partner organizations.
    Analyst take · Competitive edge

    SWOT Analysis

    Strengths
    • Dual-role platform: analyst workbench for investigation plus intelligence sharing infrastructure for communities
    • Strong ISAC and government customer base with deep STIX/TAXII and MISP interoperability
    • Intelligence Center provides structured threat actor, malware, and campaign tracking with analyst-curated context
    • European origin with strong GDPR compliance architecture appealing to EU financial and government buyers
    • Flexible deployment: SaaS, on-prem, and air-gapped options for sensitive environment requirements
    Opportunities
    • EU public sector and financial services regulatory compliance driving demand for GDPR-native TIP solutions
    • Intelligence sharing network growth: becoming the connective tissue for sector-specific ISAC communities
    • AI-enhanced intelligence production: automating analyst report generation and campaign attribution from raw TI
    • SOC integration: deeper SIEM and SOAR connectors enabling TI-triggered automated response
    Weaknesses
    • Less brand recognition in North American enterprise market versus Recorded Future and Anomali
    • Platform UI complexity requires dedicated threat intelligence analyst training for full utilization
    • Sales and support presence lighter in North America and APAC versus European home market
    • Machine-speed TI automation capabilities less mature than Recorded Future's AI-driven intelligence pipeline
    Threats
    • Recorded Future with AI-native intelligence production and dark web collection capabilities
    • Anomali ThreatStream with broader commercial TI feed aggregation ecosystem
    • SIEM vendors embedding native TI correlation reducing standalone TIP investment rationale
    • MISP open-source platform capturing budget-constrained organizations in EclecticIQ's government segment

    User Sentiment

    Synthesized from G2, Gartner Peer Insights, and analyst review data.

    What users love
    • Combined analyst workbench and sharing hub means threat intelligence production and distribution from one platform
    • ISAC community integration is seamless — sharing structured intelligence with sector peers happens in clicks
    • Strong STIX/TAXII interoperability makes EclecticIQ the central node in multi-platform TI ecosystems
    • On-prem and air-gapped deployment options satisfy strict data residency requirements in government and defense
    Common complaints
    • Platform complexity requires dedicated TI analyst investment — not suitable for lean security teams without TI focus
    • North American support and sales coverage lighter than European presence — longer response times reported
    • AI-driven intelligence automation capabilities still catching up to Recorded Future's machine-speed enrichment

    Pricing & TCO

    Analyst-synthesized pricing signals — directional only, contact vendor for current terms.

    Enterprise LicenseHigh TCOContact Sales No Free Tier

    Typical ACV (Mid-Enterprise)

    $60K–$400K

    Market Segments

    EnterpriseFortune 500

    Deployment

    SaaSOn-Prem

    Key Cost Drivers

    • Deployment model: SaaS versus on-prem or air-gapped
    • Number of analyst workbench users
    • Intelligence sharing community feeds and ISAC memberships

    Enterprise TIP pricing with on-prem flexibility — air-gapped deployment adds significant infrastructure investment.

    Full comparison

    Customer Profile

    Who buys this

    Typical segments

    Government and Defense OrganizationsEuropean Financial ServicesISACs and Intelligence Sharing Communities

    Typical buyer

    Threat Intelligence Manager, Security Operations Director, or Government CISO

    Top use cases
    1. 1ISAC intelligence sharing: structured TI exchange across sector communities using STIX/TAXII
    2. 2Threat actor tracking: analyst-curated profiles of adversary groups, TTPs, and campaign histories
    3. 3Air-gapped intelligence operations: classified threat intelligence management in isolated environments

    Future Focus Areas

    1

    AI intelligence production: automated threat report generation and campaign attribution from raw indicator data

    2

    Supply chain intelligence: integrating SBOM and vendor risk data with adversary campaign intelligence

    3

    Automated sharing triggers: rule-based intelligence dissemination to sharing communities based on campaign relevance

    4

    Detection engineering integration: direct conversion of TI into SIGMA and YARA detection rules for SOC consumption