Introduction
Cyber threat intelligence helps organisations understand who is attacking them, how attacks happen, and what actions to take before damage occurs. Instead of reacting after a breach, threat intelligence allows businesses to anticipate risks and make informed security decisions.
This article provides a practical overview of cyber threat intelligence companies relevant to Malaysian organisations. It explains what threat intelligence is, why it matters, and highlights selected companies based on experience, service depth, and regional relevance. The list reflects our professional perspective rather than a strict ranking. Services, availability, and capabilities may change over time, so readers are encouraged to verify details directly with each provider.
| Table of Contents |
| Introduction |
| What Is Cyber Threat Intelligence |
| How Cyber Threat Intelligence Works |
| Types of Cyber Threat Intelligence |
| Top Cyber Threat Intelligence Companies |
| Comparison of Threat Intelligence Providers |
| Benefits for Malaysian Organisations |
| How to Choose the Right Threat Intelligence Partner |
| Conclusion |
| Disclaimer |
What Is Cyber Threat Intelligence
Cyber threat intelligence is the practice of collecting and analysing information about cyber attacks that could affect an organisation. It helps businesses understand what threats exist, who is behind them, and how attacks are carried out.
Instead of relying only on alerts after an incident happens, threat intelligence provides advance knowledge. This includes information about common attack methods, active malware campaigns, phishing techniques, and threat actors targeting specific industries or regions.
For Malaysian organisations, cyber threat intelligence adds important context. It helps security teams distinguish between random internet noise and real risks that could lead to data breaches, service disruption, or regulatory issues. By understanding threats early, organisations can make smarter security decisions rather than reacting under pressure.
How Cyber Threat Intelligence Works
Cyber threat intelligence usually follows a structured process to turn raw data into useful insights.
The first step is data collection. Information is gathered from many sources such as malware samples, security logs, phishing reports, global threat feeds, and underground forums.
Next is analysis and validation. Security analysts review the data to remove false alerts and confirm whether the threat is relevant. They also add context such as attacker motivation, targeted industries, and possible impact.
After that, intelligence is produced in usable formats. This may include reports, alerts, dashboards, or threat briefs that security teams and management can understand.
Finally, organisations apply the intelligence. This could mean blocking malicious activity, improving detection rules, strengthening controls, or adjusting security strategy. Over time, this process helps organisations become more proactive and resilient against cyber threats.
Types of Cyber Threat Intelligence
Cyber threat intelligence comes in different forms, each serving a different purpose. Understanding these types helps Malaysian organisations choose services that match their needs and budget.
- Strategic Threat Intelligence: This type supports management and business leaders. It explains overall cyber risks, threat trends, and potential business impact in simple language. It is mainly used for planning, risk discussion, and decision making rather than technical actions.
- Tactical Threat Intelligence: This type focuses on how attacks happen. It covers common phishing methods, malware behaviour, and attack techniques. Security teams use this information to improve security controls and staff awareness.
- Operational Threat Intelligence: This type supports active incidents and investigations. It provides timely information about ongoing attacks and recommended response actions. This helps organisations react faster and reduce damage during real threats.
- Technical Threat Intelligence: This type includes detailed indicators such as malicious IP addresses, domains, and file signatures. It is used by security tools for detection and blocking and works best for organisations with SOC teams or managed security services.
Smaller organisations often benefit most from strategic and tactical intelligence. Larger organisations and SOC driven environments usually require operational and technical intelligence as well.
Top Cyber Threat Intelligence Companies
1. LGMS Malaysia
Location
Subang Jaya, Selangor
Founded
2005
Website Link
https://lgms.global/
LGMS is one of Malaysia most established cybersecurity firms with strong credibility in intelligence driven security services. Their approach to threat intelligence is closely tied to real world attack simulation, regulatory expectations, and risk based security validation.
Rather than providing generic threat feeds, LGMS focuses on intelligence that supports penetration testing, red teaming, and incident investigations. This helps organisations understand how current threat trends could realistically impact their systems and business operations. Their work is often aligned with requirements from regulators, auditors, and senior management.
LGMS is frequently engaged when organisations need strong technical justification for security decisions, especially in highly regulated environments.
Best Suited For
Banks, enterprises, and regulated organisations that require intelligence led security assessments with compliance alignment.
2. Kaspersky Threat Intelligence
Location
Global with Malaysia support through partners
Founded
1997
Website Link
https://www.kaspersky.com/enterprise-security/threat-intelligence
Kaspersky provides a mature and globally recognised threat intelligence offering built on decades of malware research and large scale data collection. Malaysian organisations benefit from intelligence covering ransomware trends, phishing campaigns, malicious infrastructure, and advanced threat actors.
Their intelligence services are commonly delivered through feeds, dashboards, and detailed reports that integrate well with SOC and SIEM platforms. This allows security teams to correlate alerts with known global threat activity.
Kaspersky is often selected by organisations that require continuous intelligence rather than periodic advisory support.
Best Suited For
Medium to large organisations with security operations teams that need ongoing global threat visibility.
3. Recorded Future
Location
Global with Asia Pacific coverage
Founded
2009
Website Link
https://www.recordedfuture.com/
Recorded Future is known for its automated threat intelligence platform that aggregates data from technical sources, open sources, and dark web monitoring. The platform is designed to turn large volumes of information into actionable insights with minimal manual effort.
For Malaysian security teams, Recorded Future helps prioritise risks by linking threats to specific assets, industries, or regions. Its risk scoring and visual dashboards make intelligence easier to understand and act on.
It is commonly used by teams that want faster insights without building large internal intelligence functions.
Best Suited For
Security teams that prefer automated intelligence platforms with prioritisation and fast decision support.
4. IBM X Force Threat Intelligence
Location
Global with Malaysia presence through IBM Malaysia
Founded
1911
Website Link
https://www.ibm.com/security/xforce
IBM X Force provides threat intelligence backed by global research teams and extensive enterprise security experience. Their intelligence covers threat actors, malware trends, and attack techniques across industries.
For Malaysian organisations already using IBM security products, X Force intelligence integrates smoothly into existing workflows. The intelligence supports SOC operations, incident response, and strategic risk planning.
IBM X Force is often selected by organisations that value vendor stability and long term enterprise support.
Best Suited For
Large organisations seeking integrated threat intelligence within a broader enterprise security ecosystem.
5. Palo Alto Networks Unit 42
Location
Global with Malaysia support
Founded
2014
Website Link
https://unit42.paloaltonetworks.com/
Unit 42 is the threat intelligence and research team of Palo Alto Networks. It is known for in depth research on malware, ransomware groups, and emerging attack techniques.
Malaysian organisations benefit from Unit 42 intelligence when using Palo Alto security platforms. The intelligence helps security teams stay informed about evolving threats and improve detection and response.
Unit 42 is particularly strong in publishing clear and timely threat reports that are accessible to both technical and non technical readers.
Best Suited For
Organisations using Palo Alto security solutions that want intelligence aligned with their existing tools.
6. CrowdStrike Threat Intelligence
Location
Global with Malaysia availability
Founded
2011
Website Link
https://www.crowdstrike.com/en-us/platform/threat-intelligence/
CrowdStrike provides threat intelligence built on telemetry collected from its global endpoint protection platform. The intelligence focuses on adversary tracking, intrusion campaigns, and real time threat activity.
Malaysian organisations use CrowdStrike intelligence to gain visibility into active attacker groups and attack techniques targeting businesses worldwide. The intelligence is often used to support proactive threat hunting and incident response.
CrowdStrike is commonly selected by organisations that prioritise endpoint visibility and real time intelligence.
Best Suited For
Organisations with endpoint centric security strategies and proactive threat hunting teams.
Comparison of Threat Intelligence Providers
The table below provides a clearer comparison to help Malaysian organisations shortlist suitable providers.
| Provider | Intelligence Style | Key Strength | Malaysia Relevance | Best Fit |
| LGMS | Intelligence driven testing and advisory | Compliance and technical depth | High | Banks and regulated sectors |
| Kaspersky | Global threat feeds and malware research | Large scale visibility | High | SOC based organisations |
| Recorded Future | Automated intelligence platform | Fast prioritisation | Medium | Agile security teams |
| Mandiant | Incident driven intelligence | Advanced threat insight | Medium | High risk environments |
| IBM X Force | Enterprise research driven intelligence | Integration and stability | Medium | Large enterprises |
| Unit 42 | Vendor backed threat research | Timely threat reports | Medium | Palo Alto users |
| CrowdStrike | Telemetry driven intelligence | Real time adversary tracking | Medium | Endpoint focused teams |
Benefits for Malaysian Organisations
Cyber threat intelligence offers practical benefits for organisations operating in Malaysia.
It helps reduce the risk of cyber incidents by identifying threats before they cause damage. This is especially important for organisations handling customer data, financial information, or critical systems.
Threat intelligence also supports compliance with regulations such as PDPA and security standards like ISO 27001. By understanding current threat trends, organisations can demonstrate that security decisions are risk based and informed.
For organisations with limited security staff, threat intelligence improves efficiency. Teams can focus on the most relevant threats instead of reacting to every alert. This leads to better use of time and resources.
In addition, threat intelligence improves communication with management. Security teams can explain risks in clearer terms, helping leaders understand why certain security investments or actions are necessary.
How to Choose the Right Threat Intelligence Partner
Choosing the right threat intelligence partner depends on organisational needs and maturity.
First, consider the relevance of intelligence. Providers should offer insights that match your industry, size, and region. Intelligence that reflects threats affecting Malaysian organisations is more valuable than generic global data.
Next, look at how intelligence is delivered. Some providers offer automated platforms with dashboards and feeds, while others provide analyst driven reports and advisory support. The right choice depends on internal skills and how intelligence will be used.
Integration is another key factor. Intelligence should work well with existing security tools such as SIEM, SOC platforms, or incident response processes.
Finally, evaluate support and communication. A good partner explains threats clearly and provides guidance rather than just raw data. Organisations should also confirm service scope, pricing, and expectations directly with the provider before making a decision.
Conclusion
Cyber threat intelligence has become an important part of modern cybersecurity strategies. For Malaysian organisations, understanding threats before incidents happen can reduce risk, support compliance, and improve decision making at both technical and management levels.
The companies highlighted in this article represent different approaches to threat intelligence. Some focus on deep technical analysis while others provide automated platforms or global visibility. There is no single best provider for every organisation. The right choice depends on business size, industry, regulatory exposure, and internal security capabilities.
By taking time to evaluate needs and speaking directly with providers, organisations can select a threat intelligence partner that supports long term security resilience and business confidence.
Disclaimer
The companies listed in this article are presented based on our professional perspective and research at the time of writing. The order of listing does not represent a ranking and should not be interpreted as a recommendation.
Organisations are encouraged to contact each provider directly to confirm service scope, suitability, and current offerings. While efforts have been made to ensure accuracy, information may change over time. If you identify any inaccurate or outdated information, please reach out to us so we can review and update the content.
