Protection Against Malware, Ransomware, C2s and DGAs
Small Business Protection
Our Business Protect threat data feeds offer your customers and networks a highly reliable layer of protection against malware infections, the transmission of compromised data, and communications with botnets and command and control (C2) servers.
Most importantly, the data in our feeds is formatted for ease of use and is compatible with the most common security platforms and software, with no API required. In addition:
– Our database is updated constantly by crawlers in the cloud
– Each indicator is verified daily
– DNS names are resolved 4-6 times a day
– Newly discovered URLs are processed within an hour.
Malware data covers a rolling 9-month period to maximize active threat coverage. The feed includes these fields:
- Sanitized URL
- Malware Classification
- MBL ID
IPs of C2s and Active DGAs
RPZ DNS Firewall Zones:
– Malware URLs
BIND9 RPZ – DNS Firewall
Carbon Black 4.1+ domains IOCs
Cisco ASA FirePOWER
ClamAV Virus DB (basic)
ClamAV Virus DB (extended)
Snort IDS (C&Cs)
SquidGuard block list
Squid Web Proxy
Suricata IDS / IPS block list
Malware URLs – Sanitized Feed Format (Protocol, host name, domain name, and directories)
Access to the CyberChef tool set
Dedicated account manager
Priority tech support
Free data evaluation & technical consultation
Unlimited-use commercial license
6-month or 1-year subscriptions
About Our Data
Malware Patrol’s threat data is aggregated from diverse sources, including web crawlers, botnet monitors, spam traps, honeypots, research teams, partners and historical data about malicious campaigns. All the data is carefully inspected. As a result, our feeds contain thoroughly vetted indicators sourced from the real world.
Because security budgets are usually limited, it is important to rely on a data source that provides coverage for the current malicious campaigns and threats that directly affect your company and your customers, maintaining a high level of security but using the minimum amount of resources.
How We Can Help
As an SMB, MSP, MSSP, ISP or similar company, there are many ways to use our data to protect your assets, employees and networks, as well as your customers:
- Reinforce your network defenses by adding continuously updated data to your SIEM, firewalls, IPS/IDS, proxy, and DNS servers.
- Prevent the exfiltration of sensitive data and intellectual property from infected machines.
- Detect malicious content hosted on your networks and servers.
- Improve incident response and forensic capabilities by providing your teams with meaningful information about threats.
- Grow your business by providing industry-leading threat data as a premium service to your customers.