Flare Expands Identity-First Cyber Threat Intelligence Platform 2026

Security teams are buried under disconnected tools for threat intelligence, investigation, and identity risk management. Breached identities remain the most exploited attack vector, while analysts struggle to correlate external threats with their internal identity infrastructure. Flare addresses this gap by consolidating cyber threat intelligence and identity exposure management into a single identity-first platform.

What was announced

On June 24, 2026, Flare announced expanded capabilities for Flare CTI and a new Okta integration within its Identity Exposure Management (IEM) offering. The updates extend Flare's identity-first approach into tactical threat intelligence workflows and agentic security operations.

To date, hundreds of organizations have deployed Flare's IEM in production, processing more than 25,000 automatic identity validations. With the new Okta integration, security teams can validate exposed credentials and identity risks against their live Okta environments, prioritize remediation, and reduce account takeover risk.

Security teams are under pressure to seal the most potent threat vector, breached identities, and take advantage of new advances in AI, all while managing increasingly complex environments. Organizations need a clearer view of the real, concrete threats they face, the identities really at risk, and the actions they should take now

Why this matters

For CISOs, CIOs, and IT directors, the consolidation of CTI and identity risk management eliminates the cost and complexity of running multiple point solutions. Procurement leaders gain a unified vendor relationship, while SOC analysts get the context needed to identify high-priority threats faster and act sooner. Flare was recently recognized as The Hacker News' Most Innovative Cyber Threat Intelligence Platform and included in the inaugural Gartner Magic Quadrant for Cyber Threat Intelligence, where it was called out for its strength in IEM.

Technical details

• Intelligence Browser: Centralized research across IOCs, threat actors, TTPs, multiple intelligence providers, and entity relationships.
• AI-powered reporting: Finished intelligence tailored to different audiences, from analysts to executives.
• Sandbox and file analysis: Detonation of suspicious files and URLs for IOC enrichment.
• STIX/TAXII feeds: Direct push of intelligence into SIEM, SOAR, and other core security systems.
• Okta integration: Validation of exposed credentials against live Okta environments, joining Microsoft Entra ID as a supported identity provider.
• Identity Exposure Management: Largest collection of stealer logs, criminal forums, and identity exposures in the industry.

Softprom and Flare

Softprom is the official distributor of Flare. Organizations seeking to consolidate cyber threat intelligence and identity exposure management can request a demo, pricing, or a free trial through Softprom.

This content was prepared as part of the Softprom DistriFlow project — an automated system for monitoring and adapting vendor news. Original source: original article.