THREAT DATA OVERVIEW
Malware, Ransomware, C2s, Cryptominers, DGAs, DDoS, and More
The Value of Threat Data
Security professionals tasked with protecting assets against malicious actors rely on indicators of compromise (IoCs) from external sources to improve their team’s threat landscape visibility. According to a study conducted by the Ponemon Institute:
- 78% of respondents rate the importance of threat intelligence in achieving a strong cyber security posture as very high.
- 46% of respondents believe commercial data feeds provide more actionable intelligence than free sources.
Malware Patrol offers a wide variety of IoC feeds for use in all types of security environments and tools. Our data is verified and actionable. It protects your customers and networks against communications with botnets and command and control (C2) servers, malware infections and the transmission of compromised data.
You need data to help block and detect threats, with a focus on the latest malicious campaigns. Or, as a security service provider, you use threat data to provide services to your customers.
You have a mature security program with a range of needs. You integrate IoCs into your SIEM, TIP or other tools for threat detection and response. You sell security services and use data from multiple vendors for maximum coverage.
Choose the Right Data for Your Needs
We offer three main options:
- Business Protect is designed with the budget and needs of small to medium-sized businesses in mind. The service includes a malware and ransomware URLs feed in a variety of formats.
- DNS RPZ Firewall offers a set-it-and-forget-it automatic (AXFR/IXFR) BIND server transfer of up to seven separate response policy zones of malicious domains related to: (1) C2s, (2) COVID-19 Newly Registered Domains, (3) Cryptominers, (4) DGAs, (5) DNS-over-HTTPS servers, (6) Malware & Ransomware, and (7) Phishing sites.
- Enterprise Data Feeds include data for companies that have a mature cybersecurity program and require more specific or customized threat intelligence, such as for research purposes. The feeds can be purchased separately or in bundles, based on your business needs.
For ease of use, our data feeds are formatted for compatibility with the most common security platforms and software. In addition:
- Downloads are UNLIMITED
- Each indicator is verified daily
- DNS names are resolved 4-6 times a day
- Newly discovered URLs are processed within an hour
| | SMBs & Security Service Providers | Security/DNS Service Providers | Cyber Security Enterprises |
|---|---|---|---|
| Free data evaluation | ✓ | ✓ | ✓ |
| Unlimited-use commercial license | ✓ | ✓ | ✓ |
| Priority tech support | ✓ | ✓ | ✓ |
| Subscription options: Monthly or Annual | ✓ | X | X |
| Subscription options: Annual or multi-year | X | ✓ | ✓ |
| Dedicated account manager | X | X | ✓ |
| Free feed customization/formatting | X | X | ✓ |
| Bitcoin Blockchain Strings | X | X | ✓ |
| Domain Names Generated via DGAs | X | X | ✓ |
| Malware Hashes or Samples | X | X | ✓ |
| Newly Registered Domains | X | X | ✓ |