CISA’s KEV additions: Stay on top of the recently added CVEs, and how to fix them | Read more >>

Q1 Vulnerability Watch: Discover the notable vulnerabilities form Q1 2023 and start Q2 more secure | Get the report >>

The CyberRisk Summit is back: Join us on May 23 to learn how cyber risk experts put vulnerability risk in context | Get your free ticket >>

CISA’s KEV additions: Stay on top of the recently added CVEs, and how to fix them | Read more >>

Q1 Vulnerability Watch: Discover the notable vulnerabilities form Q1 2023 and start Q2 more secure | Get the report >>

The CyberRisk Summit is back: Join us on May 23 to learn how cyber risk experts put vulnerability risk in context | Get your free ticket >>

TRY VULCAN FREE
Tools

Our Favorite Free Open Source Threat Intelligence Feeds

Threat intelligence feeds record and track IP addresses and URLs associated with phishing scams, malware, bots, trojans, adware, spyware, ransomware, and more. Here are some of our favourites to help you stay ahead of malicious actors.

Derek Hays | October 21, 2021

Threat intelligence feeds record and track IP addresses and URLs associated with phishing scams, malware, bots, trojans, adware, spyware, ransomware, and more. While there are plenty available online, we thought we would share our favorites.

Proofpoint’s Emerging Threats

  • Proofpoint’s Emerging Threats Intelligence Feed (ET) is one of the highest-rated threat intelligence feeds. ET categorizes and tracks the recent activity of IP addresses and domains associated with malicious activity online. The feed contains 40 separate IP and URL categories, as well as continuously updated safety scores.

CINS Score

  • Similar to ET, the CINS Score assigns threat levels to domains associated with malicious activity online. CINS expands upon this feature by adding data regarding the frequency and type of attacks. They even assign “personas” for the attacks according to the form they take. 

FBI Infragard

  • FBI Infragard is the product of a collaboration between the FBI and members of the private sector. Infragard connects owners and operators in various industries to provide information sharing, networks, and educational workshops to keep up with threats relevant to 16 specific infrastructure categories. Members come from a variety of industries, including law, government organizations, and business. 

Blocklist.De

  • Blocklist.de is a free service that tracks attacks from FTP, SSH, email, and server sources. Their goal is to report all attacks to respective departments using various databases to ensure that customers remain informed. 

AlienVault OTX

  • AlienVault Open Threat Exchange is the world’s largest open threat intelligence community — enabling companies, independent researchers, and government agencies to share information about emerging threats to maintain a safe cyber community. AlienVault notifies individuals of dangers through community and API-generated “pulses” that also track attacks from various sources. 

Abuse.CH

  • Abuse.CH is a non-profit platform running projects like Feodo Tracker and URLHaus efforts to help companies protect their network infrastructures from malware. While Feodo Tracker focuses on identifying malware bots, URLHaus flags URLs for blocking. 

Threat intelligence is a crucial component of any risk assessment framework. It is imperative to know where to turn for information that can protect your network infrastructure. Vulcan cyber can help you prioritize vulnerabilities before they emerge as threats. And, once vulnerabilities are identified, Remedy Cloud is the largest database of remedies for security vulnerabilities that can help you own your risk