01

What are PT Threat Intelligence Feeds?

PT Threat Intelligence Feeds are data feeds on indicators of compromise (malicious domains, IP addresses, links, and file hashes) that provide SOC teams with current information on security threats. PT ESC experts collect data for PT Threat Intelligence Feeds during incident investigations and research on hacker groups. Anonymized data from other Positive Technologies products is also used.
  • Integrate in SIEM systems

    The most up-to-date data for fast and accurate threat detection
  • Integrate in other information security systems

    Quickly confirm and prioritize incidents with detailed context
  • Integrate in TI platforms

    Out-of-the-box integration with information security tools

02

Feed benefits

  • Important context to effectively and quickly detect dangerous activity on the network
  • Additional data for assessing incident severity and prioritizing response tasks
  • Regularly updated threat intelligence that can be used for proactive protection
  • Tracking of current industry threats that are especially relevant to specific organizations

Created by the PT Expert Security Center

The PT Expert Security Center (PT ESC) is at the forefront of cyberthreat research, detection, response, and investigation of complex incidents in large companies. The PT ESC team also investigates the activities of hacker groups in Russia and around the world to learn about attacker tactics, techniques, and tools. Our specialists analyze and verify all the indicators of compromise in feeds to give you unique, valuable insights into real-world threats.

03

Features and advantages

  • Unique data on real threats

    Anonymized telemetry from hundreds of Positive Technologies product installations provides awareness of what is going on in the world of information security right now.
  • Reputation and potential damage assessment

    For each indicator of compromise, reputation and potential damage are estimated. This helps prioritize threats, estimate possible damage from attacks, and focus on preventing what's most dangerous.
  • Advanced context data

    Enriching indicators of compromise with additional data gives SOC analysts the context they need to make informed threat response decisions.
  • 30+ feeds

    Indicators of compromise in PT Threat Intelligence Feeds are grouped into feeds based on potential application in targeted attacks, specific malware families or malicious campaigns, and more.
  • Integration in products from a variety of vendors

    PT Threat Intelligence Feeds supports a growing number of formats and a wide range of protection tools.
