BlogCareersContact Us
< Back to Blog

Our Favorite Free Open Source Threat Intelligence Feeds

Yossi Glazer
 | Oct 21, 2021
 | Product Manager

Threat intelligence feeds record and track IP addresses and URLs associated with phishing scams, malware, bots, trojans, adware, spyware, ransomware, and more. While there are plenty available online, we thought we would share our favorites.

Proofpoint’s Emerging Threats

  • Proofpoint’s Emerging Threats Intelligence Feed (ET) is one of the highest-rated threat intelligence feeds. ET categorizes and tracks the recent activity of IP addresses and domains associated with malicious activity online. The feed contains 40 separate IP and URL categories, as well as continuously updated safety scores.

CINS Score

  • Similar to ET, the CINS Score assigns threat levels to domains associated with malicious activity online. CINS expands upon this feature by adding data regarding the frequency and type of attacks. They even assign “personas” for the attacks according to the form they take. 

FBI Infragard

  • FBI Infragard is the product of a collaboration between the FBI and members of the private sector. Infragard connects owners and operators in various industries to provide information sharing, networks, and educational workshops to keep up with threats relevant to 16 specific infrastructure categories. Members come from a variety of industries, including law, government organizations, and business. 


  • is a free service that tracks attacks from FTP, SSH, email, and server sources. Their goal is to report all attacks to respective departments using various databases to ensure that customers remain informed. 

AlienVault OTX

  • AlienVault Open Threat Exchange is the world’s largest open threat intelligence community — enabling companies, independent researchers, and government agencies to share information about emerging threats to maintain a safe cyber community. AlienVault notifies individuals of dangers through community and API-generated “pulses” that also track attacks from various sources. 


  • Abuse.CH is a non-profit platform running projects like Feodo Tracker and URLHaus efforts to help companies protect their network infrastructures from malware. While Feodo Tracker focuses on identifying malware bots, URLHaus flags URLs for blocking. 

Threat intelligence is a crucial component of any risk assessment framework. It is imperative to know where to turn for information that can protect your network infrastructure. Vulcan cyber can help you prioritize vulnerabilities before they emerge as threats. And, once vulnerabilities are identified, Remedy Cloud is the largest database of remedies for security vulnerabilities that can help you get fix done. 

About the Author

Yossi Glazer

Yossi has over 20 years of experience in IT and cybersecurity companies, in various roles ranging from development to product. He is passionate about innovation and solving real-life problems through new products and methodologies.

People also read

How to fix the zero day CVE-2022-22620 vulnerability

Read More >

SANS Cloud Security Survey 2022 – highlights

Read More >

5 Azure Security Tools You Should Know About

Read More >

CIS Benchmarks and system hardening: an introduction

Read More >

Microsoft zero day, More Musk drama, and more: first officer’s log – week 3

Read More >
< Back to Blog
Did you find this interesting? Share it with others: