ESET Threat Intelligence features a full API that is available for automation of reports, YARA rules and other functionalities to allow for integration with other systems used within organizations.
These allow organizations to set up custom rules to obtain company-specific information that security engineers are interested in. Organizations receive valuable details such as the number of times specific threats have been seen worldwide, URLs containing malicious code, malware behavior on the system, where it was detected, and more.
Businesses want to prevent infiltrations from being able to communicate in or out of their network.
- ESET Threat Intelligence proactively notifies security teams of the most recent targeted attacks and command and control (C&C) servers that have been observed elsewhere.
- Threat intelligence provides TAXII feeds which can be connected to UTM devices to stop connectivity to or from malicious actors, thus preventing data leaks or damage.
- Businesses input rules and mitigations to prevent the intrusion of malware into their organization.
ESET proprietary early warning reports and feeds
Targeted malware report
Keeps the user informed about a potential attack that is under preparation or an ongoing attack aimed specifically against their organization. This report includes YARA rule strings, reputation information, similar binaries, file details, sandbox output and more.
Botnet activity report
Delivers regular and quantitative data about identified malware families and variants of botnet malware. The report provides actionable data that includes Command and Control (C&C) servers involved in botnet management, samples of botnet, global weekly statistics, and a list of targets of this malware.
Forged SSL certificate report
Generated when ESET detects a certificate newly issued by a certificate authority for an asset very similar to the one provided by the customer during initial setup. This may include details such as upcoming phishing campaigns that are attempting to leverage this certificate. The report provides key attributes of the certificate, YARA matches and certificate data.
Targeted phishing report
Shows data about all phishing email activities targeted at the selected organization. The report provides phishing campaign information that includes campaign size, number of clients, URL screenshots, preview of phishing email, location of servers and much more.
Features domains which are considered malicious, including domain name, IP address, detection of the file downloaded from the URL and detection of the file which was trying to access the URL.
Malicious file feed
Features executables which are considered malicious and recognizes and shares information such as SHA1, MD5, SHA256, detection, size, and file format.
Features three types of feeds that check over 1000 targets per day, including information on the botnet itself, the servers involved and their targets. Data provided include items such as detection, hash, last alive, files downloaded, IP addresses, protocols and targets.
Related enterprise-grade solutions
- ESET Security Management Center
Real-time network security visibility, reporting and management on a single screen.
- ESET Dynamic Threat Defense
Cloud-based sandboxing technology detects never before seen or zero-day threats.
- ESET Enterprise Inspector
EDR tool detects APTs, targeted attacks, file-less attacks plus risk assessment, forensic investigation.
- ESET Threat Monitoring
On-demand threat investigation, root cause analysis and remediation advice.