Most threat intel tools are either too expensive, too generic, or both. You end up with a $30k/year subscription to a feed full of American news that has nothing to do with your Dutch MKB client getting hit by ransomware.
Digiweerbaar built something different.
What Is the Cyber Dreigingsradar?
The Cyber Dreigingsradar is a live threat monitoring dashboard focused exclusively on the Netherlands and Belgium. It pulls from 100+ sources including NCSC, CISA, Europol, FBI, NIST NVD, and ransomware leak sites on the dark web, and filters out everything that isn't relevant to Benelux organizations.
The base version is free. You get a lot.
It launched in May 2026. Jonathan van Eerd of Digiweerbaar put it best: "Many organizations can no longer see what's really important because of the sheer volume of cybersecurity news. The Cyber Dreigingsradar helps organizations recognize risks faster without spending hours every day following threat intelligence."
That's exactly the problem it solves.
What You Actually Get
The free dashboard gives you a real-time threat level score (0-100), categorized as Low, Elevated, Considerable, or High. Right now it's sitting at 64 (Elevated), down 3 from yesterday.
Under the hood:
Incidents (7 days) - Dutch and Belgian victims\, updated daily. Recent examples: a targeted phishing campaign hitting nearly 100 Flemish hotels with accurate booking data\, a data breach at the municipality of Eindhoven caused by staff pasting sensitive documents into public AI services like ChatGPT\, and BCD Travel losing 396\,000 accounts to ShinyHunters.
Live threat feed - Current active threats like the LiteLLM critical RCE vulnerability being actively exploited\, the Check Point VPN exploit being mass-abused\, and a new PyPI supply chain campaign poisoning 19 packages with credential stealers.
Actively exploited CVEs - Three CVEs listed with CVSS scores of 9.3\, 9.1\, and 10.0 as of today. The full list is Pro-only but the top three are visible for free.
Ransomware Radar - Which groups are active right now and how many victims they've claimed. LockBit leads with 77\, followed by PLAY (25)\, Qilin (24)\, and CL0P (17). Recent Dutch victims include a religious institution in Amersfoort (STORMOUS)\, De Waard Transport (PLAY)\, and Van Tuijl Haaften (LockBit).
Darkweb victims - 448 Dutch and Belgian organizations in the database. 235 Dutch\, 212 Belgian. The full list is available publicly on ccinfo.nl.
Sector risk scores - ICT & Telecom is at Critical (94%)\, Government at Elevated (44%)\, Education at Elevated (40%). If you work in or serve those sectors\, this dashboard tells you what's actively targeting your clients.
Data breach check - Built on HaveIBeenPwned data. Check your domain or email against 1\,003 known breaches and 17.6 billion leaked records. You can also check specific passwords locally in your browser (hashed\, never transmitted).
The Threat Landscape Right Now (NL/BE)
Based on what the dashboard shows today:
Software vulnerabilities are the most active threat category, scoring 95/100 in the 7-day activity index. Patch Tuesday this month addressed 200 vulnerabilities including 3 zero-days and 33 critical issues.
Phishing is at 38/100 and climbing, driven largely by the hotel sector campaign where attackers had accurate booking data, making messages extremely convincing.
Data exposure scores 62/100, with the Odido breach (6.1 million records from February) still being the biggest NL-specific recent event.
Over the past 30 days: 55 victims, 284 threat alerts, 141 vulnerabilities tracked, and 59 law enforcement actions (public).
The Pricing Tiers
Free - Live dashboard\, threat level\, incident feed\, ransomware radar\, darkweb victim list\, sector risk scores\, data breach check.
Pro (19.95/month) - Weekly strategic threat report\, full CVE trending data\, complete actively-exploited list with CVSS/EPSS/KEV data\, weekly deep-dive report\, ransomware group details.
Pro Daily (49.95/month) - Everything in Pro plus a fresh daily dashboard update with the top 3 priorities for your organization each working day.
Enterprise - Adds a personal action roadmap\, security score on 6 domains\, darkweb monitoring for your domain\, automated pentest report\, awareness/phishing simulation tracking\, backup resilience analysis\, NIS2 compliance checklist\, and supplier risk scoring.
For a solo consultant or small MSSP the free tier plus Pro is genuinely good value. The sector analysis and ransomware radar alone save meaningful research time per client report.
Who This Is For
This tool is most useful if:
- You do security work for Dutch or Belgian organizations and need to stay current without a full-time threat intel workflow
- You're an IT manager or CISO who wants a morning briefing that's actually relevant to your geography
- You need to brief non-technical stakeholders on current threat levels without sending them a 40-page report
- You're building a security awareness program and want real, local examples to make the training hit harder
It's not a replacement for a full threat intel platform if you're running a large SOC. But for the audience it's designed for, MKB organizations and the people who serve them, it fills a gap that nothing else really covers at this price point.
Worth bookmarking and worth the 5 minutes to sign up for the daily mail.
