Company type | Private |
---|---|
Industry | Cybersecurity, threat intelligence |
Founded | 2009 |
Founders | Christopher Ahlberg Staffan Truvé |
Headquarters | , |
Number of locations | Washington, D.C., Gothenburg, Sweden, London, United Kingdom, Singapore, Tokyo, Japan |
Area served | Worldwide |
Products | Intelligence Cloud, Brand Intelligence, SecOps Intelligence, Identity Intelligence, Vulnerability Intelligence, Attack Surface Intelligence, Third-Party Intelligence, Payment Fraud Intelligence |
Number of employees | 1,000 (July 2023) |
Website | www therecord |
Recorded Future, Inc. is an American privately held cybersecurity company founded in 2009, with headquarters in Somerville, Massachusetts.
In 2007, co-founders Christopher Ahlberg and Staffan Truvé, both Ph.D.s in computer science from Chalmers University of Technology, filed for Recorded Future's first patent (granted in 2013 as United States patent US8468153B2) – Data Analysis System with Automated Query and Visualization Environment Setup.[1] The patent was used for continuous collection and processing of data and information from sources across the open, deep, and dark web, facilitated by machine learning. Recorded Future was officially incorporated in 2009.[2]
The company received initial funding from Google and In-Q-Tel, which was reported in a July 2010 introduction to Recorded Future published by Wired.[3]
When it decided that its algorithms and visualization software matched needs within the intelligence community,[4] Recorded Future entered the cyber threat intelligence market in January 2012.
In 2014, the company launched Recorded Future Dark Web, integrating open and dark web sourcing as well as dark web forum access and analysis.
In 2016, Recorded Future was named a partner for threat intelligence by Splunk,[5] Palo Alto Networks,[6] and Vencore GEOINT.[7]
In May 2017, Recorded Future introduced Insikt Group,[8] the company's threat intelligence research arm. The word "insikt" is Swedish, a nod to Recorded Future's co-founders, and means "insight." Insikt Group is responsible for delivering analyst-generated assessments, insights, and recommended actions to customers and the public.
In May 2019, New York-based private equity firm Insight Partners acquired Recorded Future for $780 million.[9]
In November 2019, the company opened a second office in Somerville with the goal of building a "campus" in the Davis Square area. Recorded Future currently employs more than 430 people around the world.[10]
In 2020, the company announced the establishment of The Record from Recorded Future News, a cybersecurity focused news outlet.[11]
In April 2023, the company launched Recorded Future AI, built on a trained OpenAI GPT model which combines insight from Insikt Group with over 100 terabytes of text, images, and technical data, the Recorded Future Intelligence Cloud.[12]
In September 2024, MasterCard acquired Recorded Future for $2.65 billion.[13]
The company specializes in the collection, processing, analysis, and dissemination of threat intelligence. Recorded Future uses machine learning and natural language processing methods to continuously collect and organize data from open web, dark web, and technical sources. The resulting information is displayed within a software-as-a-service portal.
Recorded Future's product is called the Recorded Future Intelligence Cloud.
Using what they call a "Temporal Analytics Engine," Recorded Future provides forecasting and analysis tools to help analysts predict future events by scanning sources on the internet, and extracting, measuring, and visualizing the information to show networks and patterns in the past, present, and future.[14] As of 2015[update], the engine was described as "Web Intelligence Engine."[15] Likewise, in an article in the Washington Post authored by former General Counsel of the National Security Agency Stewart Baker, described the company as a predictive analytics web intelligence firm but deleted the term upon request of Recorded Future.[16] The software analyzes sources and forms "invisible links" between documents to find links that tie them together and may possibly indicate the entities and events involved.
Clients initially included the financial sector with quantitative investors, with the company transitioning in 2013 to providing cyber security solutions, to companies such as SITA.[17]
The company was founded in 2009 by Christopher Ahlberg[15] and had 20 employees as of November 2011.[18] Google Ventures and In-Q-Tel invested "under $10 million each" into the Recorded Future shortly after the company was founded. Google published this on May 3, 2010[19] In-Q-Tel is an investment arm of the CIA.[20] As of 2015[update], it had partnerships with IBM, HP ArcSight, Cimation, Ethnographic Edge, Tiberium Security, and Malformity Labs LLC per its company profile published by Businessweek.[15]
In 2021, Recorded Future's Insikt Group identified the China-linked group RedEcho, which targeted 10 distinct Indian organizations in the power generation and transmission sector and two organizations in the maritime sector.[21]
In November 2017, Recorded Future published analysis asserting that the Ministry of State Security (China) influences or alters their National Vulnerability Database (CNNVD) to coverup espionage activities.[22] According to the analysis, "vulnerabilities commonly exploited by malware linked to Chinese APT groups" are incompatible with CNNVD publication practices. The company presented further analysis in March 2018, at the Kaspersky Labs Analyst Summit, presenting evidence that the Chinese government retroactively changed the original publication dates.[23][24]
In May 2014, Recorded Future released a report called "How Al-Qaeda Uses Encryption Post-Snowden (Part 1)."[25] Part 2 of the report was released on August 1, 2014, supposedly with a strengthened "earlier hypothesis about Snowden leaks influencing Al-Qaeda’s crypto product innovation." On the same day National Public Radio aired Recorded Future claims of "tangible evidence" that Edward Snowden harmed national security by prompting terrorists to develop more sophisticated encryption programs.[26] Glenn Greenwald and Andrew Fishman criticized Recorded Future's report did not prove causation between Snowden's leak and improved encryption by al-Qaeda.[27]
In 2011, Recorded Future reported "gaining online momentum for the Occupy Wall Street movement. When we look more carefully at influencers in this discussion using our Influencer Map, we find that Iran Press TV is the second largest influencer after the U.S. media!"[28]
In December 2022, Recorded Future released a report detailing a network of bot account on social media that disseminated spam and irrelevant comments under legitimate posts about the 2022 protests in China, including posts with hashtags that contained the names of Chinese cities. The report suggests that the Chinese government is the most likely source of the spam attack. The bots used pornography or randomized word strings to divert discussions of protests, targeting Mandarin speakers on a variety of social media platforms.[29]
In April 2015, a coding website accused Recorded Future of violating internet privacy by analyzing private Facebook messages, which it denied. The accusation was disproven when the assumed private link for private Facebook chat was found posted publicly online via a server log.[17]
Enrichment dashboards show intel on-demand inside Splunk, while monitoring and correlation dashboards apply our threat intel to your events and infrastructure.
We're very excited to join the Palo Alto Networks NextWave Technology Partners Program.
We're very excited to announce a partnership with Vencore to combine our unique open source intelligence (OSINT) datasets with its geospatial system integration and analytic capabilities.
"While this may seem like splitting hairs, in the world of data analysis software "predictive analytics" has specific technical meaning which implies something different. We use the term web intelligence to reduce this confusion."
The timeline above tells a compelling story showing how four to five months after the Snowden disclosures both mainstream AQ, as well as the break-off group ISIS, launches three new encryption tools.