Our Favorite Free Open Source Threat Intelligence Feeds
Threat intelligence feeds record and track IP addresses and URLs associated with phishing scams, malware, bots, trojans, adware, spyware, ransomware, and more. While there are plenty available online, we thought we would share our favorites.
Proofpoint’s Emerging Threats
- Proofpoint’s Emerging Threats Intelligence Feed (ET) is one of the highest-rated threat intelligence feeds. ET categorizes and tracks the recent activity of IP addresses and domains associated with malicious activity online. The feed contains 40 separate IP and URL categories, as well as continuously updated safety scores.
- Similar to ET, the CINS Score assigns threat levels to domains associated with malicious activity online. CINS expands upon this feature by adding data regarding the frequency and type of attacks. They even assign “personas” for the attacks according to the form they take.
- FBI Infragard is the product of a collaboration between the FBI and members of the private sector. Infragard connects owners and operators in various industries to provide information sharing, networks, and educational workshops to keep up with threats relevant to 16 specific infrastructure categories. Members come from a variety of industries, including law, government organizations, and business.
- Blocklist.de is a free service that tracks attacks from FTP, SSH, email, and server sources. Their goal is to report all attacks to respective departments using various databases to ensure that customers remain informed.
- AlienVault Open Threat Exchange is the world’s largest open threat intelligence community — enabling companies, independent researchers, and government agencies to share information about emerging threats to maintain a safe cyber community. AlienVault notifies individuals of dangers through community and API-generated “pulses” that also track attacks from various sources.
- Abuse.CH is a non-profit platform running projects like Feodo Tracker and URLHaus efforts to help companies protect their network infrastructures from malware. While Feodo Tracker focuses on identifying malware bots, URLHaus flags URLs for blocking.
Threat intelligence is a crucial component of any risk assessment framework. It is imperative to know where to turn for information that can protect your network infrastructure. Vulcan cyber can help you prioritize vulnerabilities before they emerge as threats. And, once vulnerabilities are identified, Remedy Cloud is the largest database of remedies for security vulnerabilities that can help you get fix done.