Modern threat activity rarely respects borders, applications, or traditional security boundaries. Attackers routinely leverage geographic infrastructure, consumer platforms, and popular communication services to blend malicious activity into normal traffic. At ThreatSTOP, we focus on giving organizations precise control over where their networks connect and which applications are allowed to communicate.

Today, we are announcing the immediate availability of new geographic based and application based protection targets, giving customers greater flexibility to allow or restrict traffic with confidence and intent.

All protections are created and maintained by the ThreatSTOP Security, Intelligence, and Research team, and are available across Protective DNS and IP Defense environments.

New Geographic Based IP and Domain Protections

Geographic controls remain a foundational requirement for organizations managing regulatory exposure, operational risk, or regional access policies. These new geographic targets allow customers to explicitly allow or restrict traffic at both the domain and IP layers based on country of origin.

The following country level protections are now available:

  • SL Sierra Leone

  • KW Kuwait

  • PS Palestinian Territories

  • QA Qatar

  • JO Jordan

  • BH Bahrain

  • AE United Arab Emirates

  • MR Mauritania

  • OM Oman

  • SA Saudi Arabia

  • EG Egypt

  • TN Tunisia

  • DJ Djibouti

  • KM Comoros

  • DZ Algeria

  • MA Morocco

  • TW Taiwan

  • TH Thailand

  • GD Grenada

  • PH Philippines

  • DM Dominica

These targets give security teams the ability to align network access with business operations, regulatory requirements, and threat intelligence insights. Whether restricting exposure to high risk regions or explicitly allowing trusted geographies, Protective DNS and IP Defense make geographic policy enforcement straightforward and auditable. These are available in our Governance Bundle.

Expanded Application Control Protections

Applications are frequently abused as cover for data exfiltration, command and control communication, and policy evasion. Popular consumer and collaboration platforms are especially attractive due to their global footprint and trusted reputation.

Our Application Control Bundle has been expanded with new protections that allow organizations to control application traffic at the domain and IP layers. 

Newly available application protections include:

  • eBay

  • AliExpress

  • Temu

  • Wish

  • Etsy

  • Rakuten

  • WhatsApp

  • Telegram

  • Facebook Messenger

  • Snapchat

  • Zoom

  • YouTube

  • QQ

  • Gemini

These controls support a wide range of use cases, including reducing shadow IT, limiting unsanctioned communications channels, preventing data leakage, and enforcing acceptable use policies. By applying protections through Protective DNS and IP Defense, customers gain consistent enforcement across on premises networks, cloud environments, and security controls such as firewalls and AWS WAF.

Proactive Protection Built for Real World Threats

Every new target is developed with real world abuse patterns in mind. The ThreatSTOP Security, Intelligence, and Research team continuously analyzes command and control activity, phishing infrastructure, peer to peer communication, data exfiltration techniques, DDoS behavior, and invalid traffic trends.

By translating intelligence into immediately usable protections, ThreatSTOP enables organizations to reduce exposure before incidents occur, not after alerts are triggered.

Take the Next Step with ThreatSTOP

For those interested in joining the ThreatSTOP family, or to learn more about our proactive protections for all environments, we invite you to visit our product page. Discover how our solutions can make a significant difference in your digital security landscape. We have pricing for all sizes of customers. Get started with a Demo today.

Connect with Customers, Disconnect from Risks

MITRE ATT&CK Framework Mapping

| Threat Activity Addressed | MITRE Technique | Description |
| --- | --- | --- |
| Command and control traffic | T1071 | Application layer protocol abuse |
| Command and control over common services | T1071.001 | Web protocols |
| Application abuse and covert communications | T1090 | Proxy and relay techniques |
| Data exfiltration via applications | T1041 | Exfiltration over command and control channel |
| Geographic infrastructure abuse | T1583 | Acquire infrastructure |
| Network denial and disruption | T1498 | Network denial of service |