SMB Data Feeds

Protection Against Malware, Ransomware, C&Cs, and DGAs


An Extra Layer of Protection

We developed our SMB Threat Data Feeds for the specific needs of MSPs, MSSPs, ISPs and other businesses tasked with managing proxy servers, firewalls and intrusion detection and prevention services (IDS/IPS) for their customers or themselves.

These feeds are a combination of the IOCs most useful for network security efforts and systems, and they are a highly reliable layer of protection against malware infections, the transmission of compromised data, and communications with botnets and command and control (C&C) servers.

For ease of use, the data is formatted for compatibility with the most common security platforms and software – no API required – and:

stock - tick markOur database is updated constantly by crawlers in the cloud
stock - tick markEach indicator is verified daily
stock - tick markDNS names are resolved 4-6 times a day
stock - tick markNewly discovered URLs are processed within an hour.

Up-to-the-Minute Data

Our system verifies and updates the data feeds EVERY HOUR to ensure that customers are provided coverage from the latest threats.

Historically Rich

We have more than 12 years of data to protect you from ACTIVE threats, both old and new. Entries remain in our feeds until deemed safe.

Easy to Integrate

Compatible with most anti-virus, anti-spam, IDS and threat intelligence platforms. Available via download script – NO API REQUIRED.


stock - tick markMalware URL Block Lists
stock - tick markRansomware URL Block Lists
stock - tick markIPs of C&Cs and Active DGAs
stock - tick markRPZ DNS Firewall Zones


stock - tick markBIND9
stock - tick markBIND9 RPZ – DNS Firewall
stock - tick markCarbon Black 4.1+ domains IOCs
stock - tick markCarbon Black 4.1+ MD5s IOCs
stock - tick markCisco ASA FirePOWER
stock - tick markClamAV Virus DB (basic)
stock - tick markClamAV Virus DB (extended)
stock - tick markPostfix MTA
stock - tick markSnort IDS (DGAs and C&Cs)
stock - tick markSpamAssassin
stock - tick markSquidGuard block list
stock - tick markSquid Web Proxy
stock - tick markSuricata IDS / IPS block list
stock - tick markXML block
stock - tick markAggressive List Format (Domain names hosting malware)
stock - tick markSanitized URL Feed Format (Protocol, host name, domain name, and directories)


stock - tick markUpdated hourly
stock - tick markUnlimited downloads
stock - tick mark7-days money back guarantee
stock - tick markEasy cancellation
stock - tick mark6-month or 1-year subscription