Data & Intelligence Sources
When you add our data to your network, you get:
- Standard or tailored threatlists.
- One interface for Cloud, IoT, roaming laptops and traditional enterprise network.
- One interface regardless of your firewall, router, brand, etc.
- Constant updates to latest threats.
- Keep your data in and malware out.
- Get 20% more of your network bandwidth back.
- Throw spam and DDoS away at the perimeter or your network, on and off prem.
- Don't just block, report and analyze too.
Over 200 authoritative feeds + operationalized threat intelligence
We protect IT infrastructure against the most current and active criminals via our Ransomware, Botnet C&C hosts, phishing and Malware dropper intelligence for both inbound and outbound connections, while at the same time protecting data center infrastructure via our Server centric lists against inbound attacks. In addition, our customers’ VOIP infrastructure is safeguarded against criminals that use VOIP servers to relay their calls and we also provide geographical filtering on regional, country and in special cases ZIP/Postal code level granularity.
While the accuracy of our Threat Intelligence is what makes ThreatSTOP different, the fact that we make this intelligence actionable is what truly sets us apart. This is achieved in near real time via frequent updates and uses proprietary algorithms that we apply to each and every list we capture. Depending on the data source and specific method used to collect the data, ThreatSTOP utilizes various techniques to ensure the validity of each entry. Based on our experience in the security space as well as our background in signal processing we have developed proprietary algorithms to identify currently active threats from these sources. Using techniques adapted from signal processing and noise reduction we are able to identify the domains and IP addresses that are currently malicious.
We also remove BOGONs, duplicates, Martians and other invalid data while we are aging out IP addresses and domains no longer deemed a threat. These correlation and processing heuristics have been carefully tuned over the last 5 years to ensure that they optimize the output to minimize false positives without missing serious threats.
Aside from scrubbing each of the sources tracked by ThreatSTOP and ensuring their validity, our protection takes it a step further by running our threat intelligence against our proven whitelists of known and trusted sites to effectively guard against botnet controllers deliberately trying to make IP reputation ineffective. Our whitelists are rigorously maintained, with domains only deemed ‘trusted’ after meeting ThreatSTOP’s strict evaluation to ensure that they are highly unlikely to contain a threat for a significant period of time.