TI

Threat Intelligence

Minimizes risk. Improves security posture.

Gain additional insight into various threats and threat actors

Integrates with NSFOCUS Cloud and
On-Premises Defenses

STRATEGIC AND TACTICAL THREAT INTELLIGENCE

NSFOCUS
Threat Intelligence
(NTI) Portal

Threat Analysis
Reports

Actionable
Data Feeds

Threat information & knowledge
Drill to detail on threats
Incident response & forensic analysis

Threat Trends, Campaigns, Actors
Critical Vulnerabilities
Weekly, Monthly, Quarterly Reports

IP Reputation
Malicious Web/URL
Malware Hashes
Command & Control

NTI PORTAL

Gain additional insight into various threats and threat actors
IP’s, domains, vulnerabilities, and malware
Customizable views, searches, and results
Graphs, charts, tables, and target systems and applications
Upload malware samples – receive results
Monitor and track IP addresses – automatic notification

ACTIONABLE DATA FEEDS

	Data Feed Description	Primary Threat Prevention
Command & Control	List of IP addresses that are known to control botnet armies used to take services offline	Prevents participation in bot networks
Maleware File Hashes	A set of MD5 file hashes that can be used to identify malware in email or file transfers as well as stored data	Malware, Ransomware, Trojan, Scanning, Probing, Data Leakage
Malicious Web/URL	A domain reputation list that includes malicious websites that are the source of cyber threat attacks and activities	Malware, Ransomware, Spyware, Phishing, Data Leakage
IP Address Reputation	List of IP addresses that have earned a negative reputation through involvement in suspicious activity	Phishing, Spam, Botnets, DDoS and APT attacks
	Standards based API: JSON and XML, STIX and TAXII formats

Highlights

Integration with NSFOCUS Cloud and On-Premises Defenses
Intel is derived by an extensive sensor, honeypot, and managed services network
Endpoint, application, and network Visibility and Intelligence
700G data collected daily