Threat Intelligence is aggregated from fused, heterogeneous and highly reliable sources such as Maltiverse web crawlers, Maltiverse custom honeypots (24/7/365 monitoring of specific types of attacks and their targets and activities), spam traps, research teams, the deep web, partners and other historical data about malicious objects.
All the aggregated data is carefully inspected and refined in real-time using multiple preprocessing techniques, such as statistical criteria, sandboxes, heuristics engines, similarity tools, behavior profiling etc., analysts validation and allowlisting verification. As a result, Maltiverse Threat Intelligence Feed service contains thoroughly vetted threat indicator data sourced from the real world, in real time.
Available Threat Intelligence Feeds? #
Threat intelligence feeds can be found in the following link:
https://maltiverse.com/threatintel
How often are the feeds updated? #
Maltiverse update the feeds in real time. Some feeds might be updated less frequently depending on how quickly their contents change.
How are the feeds delivered? #
We make the feeds available for download over HTTPS and TAXII protocol, using an API Key for client authorization.
What format are the feeds in? #
We output our feeds in JSON format and plain text . We also provide STIX2, CSV and plain text. Conversion to other formats can be offered upon request.
What are Maltiverse Custom Feeds?Our integration team of security analysts will support you in the process and advise you on the creation of custom feeds tailored to the particular needs of your industry.
