threatmatic.com

What It Is

Threatmatic is an enterprise-focused zero trust network access and endpoint-side policy enforcement platform. Its core idea is not just to protect the traditional perimeter, but to enforce ZTNA policies on each protected endpoint, covering distributed users, applications, and east-west traffic. The website highlights “minute-level deployment, millisecond-level enforcement” and positions the product as a Zero Trust Edge / un-VPN alternative to traditional VPNs.

Core Capabilities

In terms of protection features, Threatmatic covers user and application allowlisting, executable file control, IPv4/IPv6/URL/port access control, bidirectional inbound and outbound access control, microsegmentation, DNS-over-HTTP control, DNSSEC Enforcement, malicious site query detection, malware C2 communication blocking, and application bandwidth control. Policies can be assigned using combinations of users, groups, devices, device pools, tags, IPs, ports, and time windows, offering fairly granular control. On the management side, it provides a UI, cloud management platform, audit logs, deep analytics, alerts, and natural-language queries, and also mentions Gen-AI capabilities.

Deployment, Integrations, and Pricing

Deployment options are relatively flexible, with support for cloud, private, or hybrid deployments. The policy engine can run in public or private virtual machines, and customer-owned infrastructure is also supported. The platform covers Windows, macOS, and Linux, and also mentions iPhone and Android. For integrations, it supports identity providers such as AD, Azure AD/Entra, GitHub, Google, AWS, Ping, and Okta, and can also work with EDR/XDR, firewalls, cloud threat intelligence, and the Threatmatic API. Pricing only lists Standard and Premium plans, both of which require contacting sales; specific prices, billing metrics, and trial policies are not publicly disclosed.

Pros and Cons

The main advantages are that real-time endpoint-side enforcement is better suited to controlling east-west access, the policy dimensions are granular, and the platform combines ZTNA, microsegmentation, un-VPN functionality, and bandwidth governance. Its deployment models are also relatively friendly to hybrid-cloud environments. The drawbacks are that the website does not disclose compliance certifications, SLA details, customer case studies, or specific pricing, and some pages are still under maintenance. Its AI automation capabilities and “millisecond-level” performance claims also lack third-party validation materials.

Who It’s For and Access from China

Threatmatic is better suited to mid-sized and large enterprise security teams that already have IAM, EDR/XDR, and firewall systems in place, and want to strengthen endpoint-based zero trust, replace VPNs, govern cloud access, and manage software update traffic. The official website does not clarify access from mainland China, payment methods, or local support information. Before procurement, buyers should test connectivity, management console availability, and compliance fit. Comparable alternatives include Zscaler ZPA, Cloudflare Zero Trust, Netskope, Prisma Access, Tailscale, and Twingate.