Threat Intelligence Data Feed
Equips your security systems with a comprehensive list of IoCs for automatic threat detection and response. The premium version enhances this with in-depth threat intelligence, similar to our Lookup service. Select from raw or pre-filtered feeds, both tailored for smooth integration within your infrastructure.
Use Cases
Threat Intelligence Data Feed provide the data to improve many aspects of information security. By providing lists of known threats, the feeds enable identification, monitoring, flagging and blocking them, in addition to allowing performing cybersecurity research and analysis.
Security Tools
Saas Platforms
Firewalls & Denylists
We cover the following threat types
Every IoC is attributed with a threat type. There are 9 threat types present in the data feed:
Attack
Malicious activity detected from the host. For example, SSH brute-force, etc.
Botnet
A host was detected as an actor in a group of connected hosts that perform malicious activities (botnet).
C2 (C&C)
The host is a known botnet's "Command and Control" server.
Malware
The IoC is related to malicious software distribution. It can be a host or a URL serving the malware.
Phishing
The indicator, usually a domain name or URL, is involved in Phishing activity;
Suspicious
IoC's activity hasn't been verified to be of malicious nature. For instance, it may be a host scraping websites, sending large amounts of ICMP queries, etc.;
Generic
IoC has been involved in some form of malicious activity but couldn't be classified into one of the other categories.
Spam
A host engaged in sending spam.
Tor
A host acts as a TOR exit node
Our Threat Intelligence data sources
By combining data from the following multiple sources, our Threat Intelligence Data Feed provides you with a comprehensive and accurate view of the threat landscape, enabling you to take proactive steps to protect your organization from cyber threats.
OSINT
We collect indicators of compromise (IoCs) and threat data from open sources, combining details from nearly all available public sources into one centralized location.
Honeypots/sensors
We operate a custom network of honeypots to trap and study attacks's infrastructure.
Algorithmic and Machine Learning Analysis
We use known IoCs to predict and discover new potential threats, which we then validate and incorporate into our database.
Abuse Reports
We gather abuse reports and scrutinize them for insights.
In-House Research
Our specialist team conducts independent research to pinpoint and dissect new IoCs.
Database samples
We provide daily data in CSV and JSON formats. The data includes denylists, malicious domains, IPs, CIDR, and more.
Free sample
Full sample
Pricing plans for all team sizes
Threat Intelligence Data Feeds provide daily data in CSV and JSON formats. The data includes denylists, malicious domains, suspicious IPs, CIDRs, and more. Please note that our service is for registered companies only. Requests from private individuals or emails that don't match the company domain name are ignored.
For invoice payments, please get in touch with us via support@falconsentinel.com or Contact us form.
You’ll be in good company
Our solutions are already used by HiQ Finland, Deloitte, Amesan Consulting, Swedbank, Cisco, Accenture, Nielsen Suomi, CGI, Telia, Digital Ocean, University of Southern California, and others.
Contact Us
Got a technical issue? Want to send feedback about data feeds? Need details about our plans? Let us know. Please note that our service is for registered companies only. Requests from private individuals or emails that don't match the company domain name are ignored.