Stay ahead of cyber threats with our intelligence tools
Enhance your business's security with our solutions that deliver real-time intelligence on emerging cyber threats. Choose from our comprehensive range of offerings, including raw data feeds, APIs, and web lookup, all designed for seamless integration with your existing security infrastructure. This ensures rapid threat detection and response, strengthening your business's defenses.
Our products
Our tools are designed to evaluate IP addresses, provide a security assessment, and deliver comprehensive threat intelligence information.
Lookup
API
Data Feed
Use cases
Enhance your organization's cybersecurity efforts:
Automated Threat Detection
Enrichment of Security Data
Integration with SIEM & SOAR
Our data enrichments
Explore the output from our Data Feed and API using our Web Lookup. Simply enter an IP address and visualize the data we provide. If you prefer documentation, please refer to our Data Feed Docs.
IP Threat Assessment
Assess whether an IP is classified as a Threat, Benign, Suspicious, or Unknown. For identified threats, provide details regarding the type of the threat.
- Verdict
- Threat Score
- Threat Type
- First/Last Seen
IP Geolocation
Obtain the geolocation information for the IP address.
- Country
- Region
- City
Proxy Detection
Identify public VPNs or TOR exit nodes.
- Tor Exit Node Flag
- Public VPN Flag
- Public VPN Name
Reverse DNS (PTR)
Retrieve the PTR record and check whether the reverse and direct resolution results match.
- PTR Record
- Records Match Flag
Benign Infrastructure Info
Verify if the IP belongs to any known benign crawler, bot, or service.
- Name
- Description
- Reference URLs
Known IPs
Display information on IP addresses connected to known internet services that are not anticipated to perform legitimate infrastructure scans or crawls.
- Name
- Description
- Reference URLs
AS Info
Display autonomous system details.
- ASN
- Name
- Domain Name
WHOIS (IP Netblock) Info
Retrieve IP Netblock (WHOIS) information for the IP address, supplemented with the general threat score for this block.
- Netblock Threat Score
- Registrar Organization
- Range Borders
- Network Name
- Organization Details
- Admin/Tech/Abuse Contact Info
- Last Modified
Malicious Activity Details
Provide specific details regarding the exact attack attempted from the IP address.
- Type of Attack
- Signature
- Severity
- CVE
- Last Activity
We cover the following threat types
Attack
Malicious activity detected from the host.
C2 (C&C)
Known botnet "Command and Control" hosts.
Malware
Hosts related to malicious software distribution.
Phishing
Hosts involved in phishing activity.
Spam
Hosts engaged in sending spam.
Suspicious
Hosts whose activity hasn't been confirmed as malicious but remains suspicious. For example, it could involve hosts scraping websites or sending a large number of ICMP queries.
Our Threat Intelligence data sources
By combining data from the following sources, our products provide you with a comprehensive and accurate view of the threat landscape, enabling you to take proactive steps to protect your organization from cyber threats.
OSINT
We collect indicators of compromise (IoCs) and threat data from open sources, combining details from nearly all available public sources into one centralized location.
Honeypots/sensors
We operate a custom network of honeypots to trap and study attackers' infrastructure.
Algorithmic and Machine Learning Analysis
We use known IoCs to predict and discover new potential threats, which we then validate and incorporate into our database.
Abuse Reports
We gather abuse reports and scrutinize them for insights.
In-House Research
Our specialist team conducts independent research to pinpoint and dissect new IoCs.
Own Data Enrichments
We continuously collect, process, and unify essential enrichment data, including IP Geolocation, Proxy Detection, Reverse DNS (PTR), AS Information, WHOIS (IP Netblock) Information, and more.
You’ll be in good company
Our solutions are already used by HiQ Finland, Deloitte, Amesan Consulting, Swedbank, Cisco, Accenture, Nielsen Suomi, CGI, Telia, Digital Ocean, University of Southern California, and others.
Experience our data in action with a live IP Lookup
Contact Us
Have a technical issue? Want to provide feedback? Need information about our subscription plans? We're here to help! Please note that our services are exclusively for registered companies. Requests from private individuals or emails that do not match the company domain name will not be processed. You can also reach us at support@falconsentinel.com.