An Extra Layer of Protection
We developed our SMB Threat Data Feeds for the specific needs of MSPs, MSSPs, ISPs and other businesses tasked with managing proxy servers, firewalls and intrusion detection and prevention services (IDS/IPS) for their customers or themselves.
These feeds are a combination of the IOCs most useful for network security efforts and systems, and they are a highly reliable layer of protection against malware infections, the transmission of compromised data, sites using cryptominer scripts, and communications with botnets and command and control (C&C) servers.
For ease of use, the data is formatted for compatibility with the most common security platforms and software – no API required – and:
– Our database is updated constantly by crawlers in the cloud
– Each indicator is verified daily
– DNS names are resolved 4-6 times a day
– Newly discovered URLs are processed within an hour.
Our system verifies and updates the data feeds EVERY HOUR to ensure that customers are provided coverage from the latest threats.
We have more than 12 years of data to protect you from ACTIVE threats, both old and new. Entries remain in our feeds until deemed safe.
Easy to Integrate
Compatible with most anti-virus, anti-spam, IDS and threat intelligence platforms. Available via download script – NO API REQUIRED.
IPs of C&Cs and Active DGAs
RPZ DNS Firewall Zones:
– Malware URLs
– C&C URLs
– Cryptominer URLs
– DGA Domains
BIND9 RPZ – DNS Firewall
Carbon Black 4.1+ domains IOCs
Carbon Black 4.1+ MD5s IOCs Cisco ASA FirePOWER
ClamAV Virus DB (basic)
ClamAV Virus DB (extended)
Snort IDS (DGAs and C&Cs)
SquidGuard block list
Squid Web Proxy
Suricata IDS / IPS block list
Aggressive List Format (Domain names hosting malware)
Sanitized URL Feed Format (Protocol, host name, domain name, and directories)
7-days money back guarantee
6-month or 1-year subscription