Kaspersky Threat Data Feeds

Kaspersky Threat Data Feeds software is designed to detect malicious activity and cyberattacks in a corporate network. The solution guarantees detection accuracy because Kaspersky Threat Data Feeds contain carefully vetted threat indicator data obtained in real time. All aggregated data is carefully inspected and refined in real time using multiple preprocessing techniques, such as statistical criteria, and numerous Kaspersky Lab technologies (sandboxes, heuristics engines, multi-scanners, similarity tools, behavior profiling, etc.).



Kaspersky Lab offers three types of Threat Data Feed:

  • Malicious URLs and masks;
  • MD5 hashes of malicious objects database;
  • Mobile Threat Feeds.

Kaspersky Lab Threat Data Feeds Benefits

  • Empower your SIEM solution by leveraging data about harmful URLs. The SIEM is notified about malware, phishing and Botnet C&C URLs from logs coming to the SIEM from different network devices (user PCs, network proxies, firewalls, other servers).
  • Empower primary network defense solutions such as firewalls, IPS/IDS, SIEM solutions, Anti-APT, sandbox/simulation technology, UTM appliances, etc. with continuously updated threat intelligence.
  • Improve your forensic capabilities by providing security teams with meaningful information about threats and insights into the thinking behind targeted attacks.
  • Support your research. Information about harmful URLs and MD5 hashes of malicious files makes a valuable contribution to threat research projects.

Feed Description

  • Malicious URLs – a set of URLs covering malicious links and websites. Masked and non-masked records are available.
  • Phishing URLs – a set of URLs identified by Kaspersky Lab as phishing sites. Masked and non-masked records are available.
  • Botnet C&C URLs – a set of URLs of botnet command and control (C&C) servers and related malicious objects.
  • Malware Hashes (ITW) – a set of file hashes and corresponding verdicts covering the most dangerous and prevalent malware delivered through the intelligence of KSN.
  • Malware Hashes (UDS) – a set of file hashes detected by Kaspersky Lab cloud technologies (UDS stands for Urgent Detection System) based on a file’s metadata and statistics (without having the object itself). This enables the identification of new and emerging (zero-day) malicious objects that are not detected by other methods.
  • Mobile Malware Hashes – a set of file hashes for detecting malicious objects that infect mobile platforms.
  • P-SMS Trojan Feed – a set of Trojan hashes with corresponding context for detecting SMS Trojans that ring up premium charges for mobile users and enable an attacker to steal, delete and respond to SMS messages.
  • Mobile Botnet C&C URLs – a set of URLs with context covering mobile botnet C&C servers.
