Sold by: Threater
Deployed on AWS
Threater is the only active defense solution that blocks every threat from every path in your network at any scale in real time. Your security stack is better with Threater.
4.8
Overview
Threater is the only active defense cybersecurity platform that fully automates the enforcement, deployment and analysis of cyber intelligence at a massive scale. As the foundational layer of an active defense strategy, our patented solution blocks known threats from ever reaching your networks. Threater utilizes immense volumes of cyber intelligence from over 50 renowned security vendors to provide unparalleled visibility over the threat landscape resulting in a more efficient and effective security posture. Security teams at companies of all sizes use Threater to deploy active security, gain real-time network visibility into threats and policy violations, ensure their network is protected and reduce manual work. Your security stack is better with Threater. Read more at threater.com.
Highlights
- Enable an ideal protected network while improving security stack efficiency
- Seamlessly integrate into and enhance your existing security stack
- Mitigate unexpected blocks quickly and intuitively using automation saving time and resources
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing and entitlements for this product are managed through an external billing relationship between you and the vendor. You activate the product by supplying a license purchased outside of AWS Marketplace, while AWS provides the infrastructure required to launch the product. AWS Subscriptions have no end date and may be canceled any time. However, the cancellation won't affect the status of the external license.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
Our terms of service, including our refund policy, can be found at: https://www.threater.com/terms-of-service/
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
64-bit (x86) Amazon Machine Image (AMI)
Amazon Machine Image (AMI)
An AMI is a virtual image that provides the information required to launch an instance. Amazon EC2 (Elastic Compute Cloud) instances are virtual servers on which you can run your applications and workloads, offering varying combinations of CPU, memory, storage, and networking resources. You can launch as many instances from as many different AMIs as you need.
Version release notes
Additional details
Usage instructions
GWLB configuration: https://threater-marketplace.s3.amazonaws.com/Threater+Enforce+in+AWS+-+GWLB.pdf
Middlebox configuration: https://threater-marketplace.s3.amazonaws.com/Threater+Enforce+in+AWS+-+Middlebox.pdf
General Threater usage: https://support.threater.com
Resources
Vendor resources
Support
Vendor support
Standard (8 x 5) and Enterprise (24 x 7) Subscription models are available - see
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Threater is the only active defense solution that blocks every threat from every path in your network at any scale in real time. Your security stack is better with Threater.
Customer reviews
Richard Q.
Exceptional Security with Ease of Use
Reviewed on Mar 06, 2026
Review provided by G2
What do you like best about the product?
I like the support provided today and the ongoing technical support, as it makes things run smoothly. The ease of use and navigation of the Threater web portal is also something I really appreciate. These aspects help streamline the process and make it easier to understand. It's overall easy to use and understand. Additionally, the initial setup was very easy, which was a big plus for me.
What do you dislike about the product?
The product is great. No dislikes
What problems is the product solving and how is that benefiting you?
I use Threater to block threats from coming inbound and outbound, solving the problem of keeping bad actors out of our network system.
Michael T.
Easy Setup, Effective Threat Blocking, and Insightful Reporting
Reviewed on Mar 04, 2026
Review provided by G2
What do you like best about the product?
It does what it says. It's a great first line of defense for blocking known threats using IP lists that you are subscribed to or created by you. Sometimes sites get added to lists by mistake blocking your legitimate traffic, but setting up your own list to whitelist is incredibly easy and changes take effect almost immediately. The reports were a great way for us to figure out where most of the malicious traffic targeting us comes from. The interface is easy to use and navigate. Probably one of the easiest initial setups we've had.
What do you dislike about the product?
When legitimate traffic is blocked the user only sees a page failed to load. We then use the logs to search from blocks coming from their IP to sometimes get the correct IP for whitelisting. This is usually only a problem because lists will sometimes add legitimate sites to their lists for what ever reason, so the root cause isn't threater's fault, but it would be nice if it gave the user more information when it was the source of blocking traffic as it isn't always the cause.
What problems is the product solving and how is that benefiting you?
It is constantly blocking a lot of malicious traffic before it even hits our firewall.
Greg V.
Highly Effective at Blocking Malicious Traffic Before It Reaches Your Network
Reviewed on Mar 04, 2026
Review provided by G2
What do you like best about the product?
I’ve been very happy with threatER. It has been extremely effective at stopping malicious traffic from various countries before it ever reaches our environment. Since implementing it, over 99% of incoming traffic has been blocked, which in our case is a positive indicator because it was all unwanted or malicious traffic. It has significantly reduced noise and potential attack surface.
What do you dislike about the product?
I don’t have many complaints about threatER itself. The only issue I’ve encountered relates more to the threat intelligence feeds included with the subscription. Occasionally, a feed will update and begin blocking traffic unexpectedly. While this isn’t really a problem with threatER as a platform, it can still create operational issues that require investigation and adjustment.
What problems is the product solving and how is that benefiting you?
ThreatER helps reduce the amount of malicious and unwanted traffic reaching our environment. By automatically blocking connections from known malicious sources and high-risk regions, it significantly reduces noise in our logs and lowers the number of potential threats we need to investigate. This allows our security team to focus on legitimate activity and higher-value security work instead of constantly filtering through large amounts of attack traffic.
Higher Education
Easy-to-Use Interface with Fast Whitelisting and Clear Block Visibility
Reviewed on Mar 03, 2026
Review provided by G2
What do you like best about the product?
Easy to use interface and love the ability to easily see if a url/domain or IP address is blocked. If it is block, it is easy to create a whitelist rule and the changes take effect quickly within seconds to minutes at most. Customer support has always been great, and our account rep Julia has been very helpful by doing her quarterly check-ins.
What do you dislike about the product?
The only issue or dislike that comes to mind is when we have seen blocks to legitimate webistes due to having a bad blocklist. This issue only occurred a couple of times, but it did cause a lot of issues for us and our users not being able to access their websites.
What problems is the product solving and how is that benefiting you?
They recently added the ability to block ASN blocks instead of blocking a whole country.
Loris M.
Effortless Integration with Unmatched Threat Blocking
Reviewed on Feb 14, 2026
Review provided by G2
What do you like best about the product?
I like Threater because it's easy to use and the integration is seamless, provided that the client allows us to place the hardware Enforcer in line with their Internet links. I appreciate that it logs every traffic flow, allowing us to produce analytics which inform active threat or tactical threat blocking. The initial setup process is quite easy too; we just deploy the policies and the client plugs it in, with everything managed through the central cloud-based management platform.
What do you dislike about the product?
It's deployment is limited to on-Prem, AWS, Azure, and Google's Cloud platform. We are unable to deploy it on other cloud platforms.
What problems is the product solving and how is that benefiting you?
I use Threater to collect threat intel, integrate intelligence feeds easily, and block threats at a scale unmatched by an Exchange firewall. It detects exposed assets, services, and monitors outbound traffic to manage risks effectively.