ThingsRecon named a European Leader in the ECSO Cyberhive Matrix 2026

Our Supply Chain Intelligence platform earned top marks for user experience and European compliance readiness in the Cyber Threat Intelligence category.

Access the full ECSO Cyberhive Matrix 2026

What makes ThingsRecon stand out in the CTI landscape:

Discovery before assessment.

Most threat intelligence tools work from known data. ThingsRecon reconstructs your external footprint from the outside in, discovering supplier infrastructure, shared services, and hidden dependencies that traditional vendor risk programs never reach.

A new dimension of risk: Digital Proximity.

Through a patent-pending measure, ThingsRecon quantifies not just how severe a risk is, but how close it sits to your core systems and how far it can propagate, turning exposure data into prioritized action.

Continuous, not point-in-time.

ThingsRecon continuously maps domains, APIs, certificates, web applications, and inherited third-party assets, surfacing exposure shifts as they happen rather than at the next assessment cycle.

Built for European regulatory requirements.

Designed to support NIS2 and DORA third-party risk obligations. Data hosted in the EU. SOC 2 Type II certified. Cybersecurity Made in Europe label recipient.

about the report

What is the ECSO Cyberhive Matrix?

The Cyberhive Matrix is ECSO's annual independent evaluation of European cybersecurity solutions. It is built on Cyberhive and open-source data, with methodology developed by a dedicated Task Force of industry experts.

Unlike analyst reports produced by commercial research firms, the Cyberhive Matrix is operated by a non-profit federation whose mandate is to strengthen independent European cybersecurity. Every solution is evaluated on the same criteria. Trustworthiness, replicability, and usability are central to the design.

About ThingsRecon

Supply chain intelligence that starts from the outside.

Most third-party risk programs start with a list of known vendors. ThingsRecon starts from the outside of your organization and works inward, discovering the digital relationships you did not know existed before assessing them.

The platform continuously maps supplier infrastructure, shared services, and inherited dependencies, then ranks every finding by Digital Proximity, a patent-pending measure of how close a risk is to your core systems and how far it can spread.

Used by security teams that need to answer the question their current tools cannot: what is actually connected to us, and what does that mean for our exposure?

ThingsRecon logo
european readIness
Built in Europe. Designed for European
regulatory requirements.


- Data hosted in the EU. Headquartered in the EU.

- Designed to support NIS2 and DORA third-party risk obligations.

- SOC 2 Type II certified with third-party audit report.

- Cybersecurity Made in Europe label recipient.

- Privacy Policy compliant with EU GDPR.