MetaDefender InSights TI
About MetaDefender InSights TI feeds
InSights TI is a threat indicator feed composed of indicators relating to adversary infrastructure used for a variety of abuse types, including phishing, malware staging, VPN and proxy endpoints, and attack origination (mail delivery, scanning and exploitation, and network penetration). This feed includes data from OPSWAT's own intelligence analysis and our partner networks.
Indicator types
InSights TI comprises the following types of threat indicators:
- IP addresses
- Domain names
- URLs
Target use case
This feed is well suited for broad-based threat intelligence workflows focused on diverse use cases such as email security reputation checks, controlling the flow of files and content to end users and endpoint devices, security data analysis, and threat hunting. It can also support integrated business workflows that monitor for external threats across perimeter systems, monitor new hire and third-party fraud, safeguard M&As, perform prospect validation and KYC checks, and more.
Methodology
InSights TI comprises data collected from across OPSWAT's intelligence processing ecosystem. Our own proprietary threat research in areas such as threat actor and malware family tracking is combined with our work in infrastructure intelligence, which identifies large-scale ecosystems in the IP address and DNS space to collect indicators ranging from those observed in individual campaigns to broader-scale internet abuse. This is aggregated with data collected from OPSWAT's intelligence partner network as well as select open source intelligence (OSINT) sources. After collecting and normalizing the data, our quality processing systems filter the indicators and expire aged ones, helping keep the resulting technical indicator feeds relevant and actionable for a broad range of uses.
Target systems
Our InSights TI feed is suited for use in SIEM platforms, XDR solutions, EDR deployments, email security platforms, NDR platforms, insider threat monitoring, homegrown detection platforms, and data lakes. Collecting the data in threat intelligence platforms (TIPs) can help ensure a comprehensive collection of intelligence indicators applicable to many detection and contextualization use cases.