Threat Intelligence Feed Advanced Protection

The OPSWAT Threat Intelligence Feed is an enterprise security product designed to deliver real-time threat knowledge to organizations, easily integrating inside existing infrastructure to provide better protection against sophisticated attacks. 

Why Integrate a Threat Feed?

Cyber-security threats are becoming more complex every day. Enterprise environments grow more complex and attackers are constantly developing innovative ways to infiltrate networks, sometimes laying dormant until directed to attack, or silently compromising the security of organizations and/or individuals.

OPSWAT's Threat Intelligence Feed addresses challenges faced by Security Operations Centers (SOC) by providing real-time insights on the most dangerous and complex cyber-attacks. We built a feed which is live and easy to query, helping organizations defend against file-based attacks. The feed is composed of hashes deemed to be infected by our multi-scanning technology. The hashes detected are added to the feed immediately after detection. There are multiple sources where we collect infected files from, some of the most notable sources include:

  • OPSWAT customers that submit infected files for analysis with MetaDefender Cloud 
  • The MetaDefender Cloud community of free users submitting infected files
  • OPSWAT partners participating in the Malware Sharing Program

The main use cases for the feed include enhancing security applications with blacklist capabilities in order to quickly and accurately quarantine malicious files before they penetrate corporate spaces. The feed can also be combined with other threat intelligence feeds from different vendors.



How Do I Query the Feed?

The feed has a free tier and grants access to the first 1000 infected hashes each day to registered users. For commercial users, the feed has more advanced features like:

  • Access to the full list of malware detected each day
  • The ability to query up to the previous 12 months of malware submitted
  • Filtering by file category. Because your organization might only be interested in certain types of files (Android or document-based malware)

For more information on the feed please see our documentation.

Great Things to Come

This is a new feed part of MetaDefender Cloud. The first in a series of multiple feeds which will be introduced as part of the Feed API product line. The roadmap also includes enhancements that are focused on providing more value to our users by adding metadata like malware family, type and infection score. We'll also be adding more feed types.

For any question or inquiries do not hesitate to contact us

Sign up for Blog updates
Get information and insight from the leaders in advanced threat prevention.