A Threat Intelligence Platform that Delivers
Updating network devices with the latest threat data is tedious, time-consuming, and ultimately not effective. So most “Threat Intelligence” is used for forensics to detect breaches that have already happened.
ThreatSTOP is cloud-based automated threat intelligence platform that converts the latest threat data into enforcement policies, and automatically updates your firewalls, routers, DNS servers and endpoints to stop attacks before they become breaches.
Every Network Device Needs Real-Time Threat Enforcement
The pace of today's threats makes it impossible to keep all of your network firewalls, routers and switches updated with manual methods. ThreatSTOP IP Defense enables your existing firewalls and routers to block the latest inbound and outbound communications to cyber-criminals.
ThreatSTOP IP Defense is deployable within an hour without the expense, complexity and delay of hardware upgrades, network reconfigurations, retraining or manual updates. The cloud-based service is easy to manage and works immediately on the devices you already own.
Automate and Augment your Network Threat Defense
- Automatically delivers the latest actionable threat intelligence to network firewalls, routers and switches based upon user-defined policies.
- Proactively blocks or redirects inbound malware, DDoS and other attacks, regardless of the attack type or vulnerability. Renders your network invisible to scanners, so attackers move on.
- Prevents data theft and corruption by stopping malware from “phoning home” to threat actors. Prevents activation of ransomware such as Cryptowall and Cryptolocker.
How It Works
ThreatSTOP's IP Defense provides a list of active bad IP addresses to your existing firewalls that is updated in near real time via a patented distribution mechanism. When a Bot or other malware attempts to "call home," ThreatSTOP IP Firewall prevents this from happening by blocking the communication to the criminals' computers.
- ThreatSTOP's detection engine maintains an active database of untrustworthy
IP addresses. The database is updated every 15 minutes and automatically downloaded onto your firewalls, routers and switches.
- If malware makes an attempt to "call home”, the bad IP addresses are blocked by your firewall preventing communication. Since there is no possibility of communication, the criminals in the outside world are unable to see the network.
- The firewall sends its logs back to ThreatSTOP resulting in intelligent actionable reports showing infected internal hosts for easy remediation. A closed-loop system, each user becomes part of a defense community by sharing the collected data.
- The platform is vendor-agnostic and is out-of-the-box compatible and integrated with nearly all major network vendors.
|IP Defense Check IOC||IP Defense Reporting||IP Defense Policy Creation|
Hear Directly From Our Customers
- "We have plenty of other systems in place, but ThreatSTOP prevented an ultrasound machine attack and gave us visibility into a large number of DNS queries that were being blocked. It also enabled us to quickly track down the infected ultrasound making the calls. That sold the product." - Geisinger Health
- "ThreatSTOP has eliminated manual blacklisting & remediation, reducing help desk tickets relating to malware by 90%, to only 1 - 2 per month." - University of Baltimore
- "ThreatSTOP is an effective and easy tool for reducing internet enabled/distributed malware. The price is incredibly fair, even for a non-profit." - Oklahoma Medical Research Foundation
- "Implementing this system has decreased the total number of attacks against our customers by about 40%." - Armor
- "Now we have no service stoppages, no escalations with the ISP, and no manual cleanups. We just look at the reports and respond to any issues very quickly. ThreatSTOP has solved a very big headache for us." - Bibliotheek Rotterdam