+1.813.321.0987

INTEGRATIONS AND FORMATS

Threat Intelligence That Fits Everywhere

Seamless Threat Intelligence Feed Integration

Malware Patrol offers machine-readable threat intelligence (MRTI) in formats that work with many of the industry’s most popular cyber security tools and platforms. This way, companies can protect themselves using our reliable, historically rich data without needing additional resources to do so.

Our indicators of compromise include malware URLs, command & control servers, DGAs, phishing, newly registered domains, sites using crypto-mining scripts, and more. Learn more about our commercial data feeds here.

If we don’t have the format or integration you’re looking for, contact us. We offer free feed customization for Enterprise customers and will gladly consider working with your SIEM, SOAR, TIP, or another service provider to make sure our data is integrated with their platform.

Check out our current integrations and formats below. We also have threat intelligence feed integration configuration guides available.

 

How big are your threat data gaps?

See for yourself.

Integration Details

Cisco Firepower 1000 Series next-generation firewalls protect small to mid-size businesses, branch offices, and the distributed enterprise with performance, ease of use, and deep visibility and control to detect and stop threats fast.

Integration Details

Threat Blocker previously Bandura Cyber is an autonomous cyber intelligence and defense company that brings the power of cyber intelligence and cyber defense to global organizations. In partnership with ThreatBlockr, Malware Patrol has two subscription offerings available on the ThreatBlockr Threat Intelligence Data Marketplace: Malware Patrol Essentials and Malware Patrol Enterprise.

Integration Details

Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network – today and into the future.  More than 300,000 customers worldwide trust Fortinet to protect their businesses.

Integration Details

No matter how big you are, public or private, and in what industries or sectors you do business, the array of pfSense® services can help you reach your security needs. Configuration guide available.

Integration Details

BIND 9, ISC’s Domain Name System (DNS) software program, is widely used on the Internet by enterprises and service providers, offering a robust and stable platform on top of which organizations can build distributed computing systems. Configuration guide also available. 

Integration Details

ClamAV® is an open-source antivirus engine for detecting trojans, viruses, malware & other malicious threats. Configuration guide available for using our feeds with the OpenSource AntiVirus solution.

Integration Details
Integration Details

The MISP threat sharing platform is a free and open-source software helping information sharing of threat intelligence including cyber security indicators. We offer two options for MISP:

1) Sync your instance with ours

2) Download MISP-formatted feeds.

Integration Details

Now security organizations can leverage MineMeld, an open-source application that streamlines the aggregation, enforcement, and sharing of threat intelligence. MineMeld is available for all users directly on GitHub, as well as pre-built virtual machines (VMs) for easy deployment.

Integration Details

ThreatQuotient’s Open Exchange provides the largest and most adaptable set of integrations in the industry. Logged in customers can find more details about the integration with Malware Patrol in the ThreatQ marketplace. 

Integration Details

Anomali users can find Malware Patrol in the APP Store or, when logged in, the ThreatStream store. We offer a special Malicious Campaigns data feed for Anomali customers that contain a combination of unique, high confidence indicators – URLs, hashes, IPs, and C2s – related to the latest malicious campaigns. 

Integration Details

SquidGuard is a URL redirector used to use blacklists with the proxysoftware Squid. There are two big advantages to squidguard: it is fast and it is free. SquidGuard is published under GNU Public License.

Integration Details

VMware Carbon Black’s cloud-native endpoint protection platform combines the intelligent system hardening and behavioral prevention needed to keep emerging threats at bay.

Replace legacy antivirus with lightweight prevention that adapts to your business.
Detect and prevent attackers from abusing legitimate tools.
Automate your investigation workflow to respond efficiently.

Integration Details

It is Wietse Venema’s mail server that started life at IBM research as an alternative to the widely-used Sendmail program. Now at Google, Wietse continues to support Postfix. Malware patrol offers threat intelligence feed integration with PostFix.

Postfix attempts to be fast, easy to administer, and secure. The outside has a definite Sendmail-ish flavor, but the inside is completely different.

Integration Details

Squid offers a rich access control, authorization and logging environment to develop web proxy and content serving applications. Squid offers a rich set of traffic optimization options, most of which are enabled by default for simpler installation and high performance.

Integration Details

Suricata is the leading independent open source threat detection engine. By combining intrusion detection (IDS), intrusion prevention (IPS), network security monitoring (NSM), and PCAP processing, Suricata can quickly identify, stop, and assess the most sophisticated attacks.

Integration Details

Apache SpamAssassin is the #1 Open Source anti-spam platform giving system administrators a filter to classify email and block spam (unsolicited bulk email).

It uses a robust scoring framework and plug-ins to integrate a wide range of advanced heuristic and statistical analysis tests on email headers and body text including text analysis, Bayesian filtering, DNS blocklists, and collaborative filtering databases.

Integration Details

DansGuardian is an award-winning Open Source web content filter which currently runs on Linux, FreeBSD, OpenBSD, NetBSD, Mac OS X, HP-UX, and Solaris. It filters the actual content of pages based on many methods including phrase matching, PICS filtering and URL filtering. It does not purely filter based on a banned list of sites like lesser totally commercial filters.

Integration Details

Use AdBlock to block annoying ads, speed up browsers and protect yourself on the internet. We offer threat intelligence feed integration with AdBlock.

Integration Details

Integrating Malware Patrol’s data into a powerful security tool such as Palo Alto’s world-class firewall increases its effectiveness. The specialized insights from our threat intelligence bolster the firewall’s defenses, providing broader coverage, improved threat detection, and proactive prevention.