Threat Intelligence Platform Company to provide Incident Responders special pricing and free licensing of ThreatSTOP proprietary investigation and remediation tools.


Photo Credit: HowToStartABlogOnline.Net

CARLSBAD, CA: October 24th, 2017: ThreatSTOP, the integrated platform for weaponizing threat intelligence, today announced the launch of their FirstSTOP program, a package of powerful proprietary tools, software and services provided at low cost or free to qualified cyber incident response organizations and individuals. 

“The ThreatSTOP platform and tools allow for a far more proactive and modern approach for a discipline that is too frequently still using manual methods and one-off technologies,” said Paul Mockapetris, DNS Inventor & Chief Scientist at ThreatSTOP.  “The low-touch and rapid deployment of ThreatSTOP IP and DNS Defense in a log-only and/or TAP mode allows organizations to get proactive immediately with minimal network disruption.”

The ThreatSTOP integrated platform is the only cloud-based solution that transforms passive threat intelligence into proactive enforcement policies and automates the real-time updating of network enforcement devices like firewalls, routers, switches and DNS servers. The platform and components can also be deployed in monitor-only mode for incident response, and provide exponentially faster compromised asset identification, allowing for seamless transition to containment and recovery. 

The FirstSTOP program is composed of: 

  • Demo and test account with demonstration data, plus the ability to add 30 day limited customer deployments, at no charge, to facilitate incident response
  • Preconfigured, downloadable ISO versions of ThreatSTOP’s IP and DNS Defense solutions
  • 20 free licenses for ThreatSTOP’s Roaming Endpoint agents
  • Policy Customization
  • Log Analysis and Reports
  • Access, for named responders, to the ThreatSTOP Threat Intelligence “Battle Unicorns” (additional fee per responder)

“Cyberattacks are immediate business operations crises and incident responders need to respond quickly and effectively,” said Tom Byrnes, Founder and CTO of ThreatSTOP. “At minimum, most hacked organizations are looking for fast answers on the systems and applications compromised, and what continuing actions are taking place. ThreatSTOP’s FirstSTOP program will give incident responders a set of fully productized enterprise-ready tools to use existing infrastructure to identify infected machines, monitor command-and-control communications, and correlate network and endpoint incidents.”

The ThreatSTOP solution is of particular interest to MSP’s and MSSP’s, primarily those focusing on managed detection and response (MDR). Both MSP and Enterprise customers can, for example, correlate a network-level alert with roaming endpoint IOCs, analyze in conjunction with current network traffic, and deploy real-time enterprise wide process blocking based on the incident.

To learn more about ThreatSTOP’s FirstSTOP Incident Response Program, visit us here.



ThreatSTOP is the only SaaS platform that weaponizes threat intelligence by transforming forensic data into enforcement policies, and automatically updating firewalls, routers, DNS servers and endpoints to stop attacks before they become breaches.  Founded in 2009, ThreatSTOP has weaponized threat intel for over 800 customers in financial services, healthcare, energy manufacturing, education and insurance.  For more information, visit ThreatSTOP at