ESET Threat Intelligence reports and feeds
Get in-depth, up-to-date global knowledge about specific threats and attack sources. Use the expertise of our IT team, because it can be difficult for security engineers, who access information only within their own networks, to detect these threats. Enable your organization to:
Detect Advanced Persistent Threats (APTs)
Block suspicious domains
Prevent botnet attacks
Block Indicators of Compromise
Get APT reports you can act on – quickly and accurately
Putting our best research at your fingertips
Our research team is well known in the digital security environment, thanks to our award winning We Live Security blog. Their great research and APT activity summaries are available, with much more detailed information at your disposal.
Actionable, curated content
Reports provide a great deal of context to what is going on and why. Thanks to this, organizations can prepare in advance for what might be coming. It’s not just the reports themselves – they are curated by our experts who put them in a human-readable format.
Make crucial decisions fast
All this helps organizations to make crucial decisions and provides a strategic advantage in the fight against digital crime. It brings an understanding of what is happening on the ‘bad side of the internet’ and provides crucial context, so that your organization can make internal preparations quickly.
Access to ESET Analyst
Every customer ordering the APT Reports PREMIUM package will have also access to an ESET analyst for up to four hours each month. This provides the opportunity to discuss topics in greater detail and help resolve any outstanding issues.
In-depth analysis
The package includes in-depth technical analysis reports describing recent campaigns, new toolsets and related subjects, and activity summary reports. A monthly overview combines information from all Technical Analysis and Activity Summary reports released in the previous month into a shorter and more digestible form.
ESET proprietary intelligence feeds
Get a quick, real-time look at the worldwide threat landscape. Our feeds come from our research centers based around the globe to get a holistic picture, and quickly block IoCs in your environment. Feeds are in the formats • JSON • STIX 2.0
Malicious files feed
Understand which malicious files are being seen in the wild. Features domains which are considered malicious, including domain name, IP address, detection of file downloaded from URL and detection of the file which was trying to access the URL. This feed comprises shared hashes of malicious executable files and associated data.
Domain feed
Block domains which are considered malicious including domain name, IP address, and the date associated with them. The feed ranks domains based on their severity, which lets you adjust your response accordingly, for example to only block high-severity domains.
Botnet feed
Based on ESET's proprietary botnet tracker network, Botnet feed features three types of sub-feeds – botnet, C&C and targets. Data provided includes items such as detection, hash, last alive, files downloaded, IP addresses, protocols, targets and other information.
URL feed
Similar to Domain feed, the URL feed looks at specific addresses. It includes detailed information on data related to the URL, as well as information about the domains which host them. All the information is filtered to show only high confidence results and includes human-readable information on why the URL was flagged.
APT feed
This feed consists of APT information produced by ESET research. In general, the feed is an export from the ESET internal MISP server. All the data that is shared is also explained in greater detail in APT reports. The APT feed is also part of APT reports offering, but the feed can also be purchased separately.
IP feed
This feed shares IPs considered to be malicious and the data associated with them. The structure of the data is very similar to that used for the domain and URL feeds. The main use-case here is to understand which malicious IPs are currently prevalent in the wild, block those IPs which are of high severity, spot those that are less severe, and investigate further, based on additional data, to see if they have already caused harm.
Protected by ESET since 2017
more than 9,000 endpoints
Protected by ESET since 2016
more than 4,000 mailboxes
Protected by ESET since 2016
more than 32,000 endpoints
ISP security partner since 2008
2 milion customer base
Improve resilience to attacks
In order to manage risks and effectively implement the Zero Trust framework, organizations need more than just information about what's happening on their own network. The latest information on the wider threat landscape helps better prevent attacks, even before they strike. In order to face these threats, organizations need to create robust systems that help protect, mitigate and investigate security problems, so that business continuity remains unaffected.
Act on comprehensive information
Threat Intelligence platforms can provide a lot of data and potentially overwhelm organizations with information. It's crucial that businesses are able to act quickly on information they receive, without the need for exhausting analysis. Speed is of the essence when taking the threat intelligence data out of a report and feed, and blacklisting the Indicators of compromise (IoCs) or alerting internal security staff. Feeds and reports must be highly contextual to ensure a quick response.
Get the big picture
It's important that the threat intelligence data you receive is not only actionable, but also easily and comprehensively integrated in your environment. Support for out-of-the box integration into TI systems and third party SIEMs is a must; as is support for industry standard formats such as TAXII, so that integrating with in-house tools is also possible.
Explore our customized solutions
Please leave your contact details so we can design a personalized offer to fit your requirements.
Committed to the highest industry standards
ESET was named a 'Leader' in the 2024 IDC MarketScape for Modern Endpoint Security
ESET was awarded in multiple independent tests
ESET is a ‘Top Player’ in Advanced Persistent Threat protection ESET has been recognized as a ‘Top Player’ for the fifth year in a row in Radicati’s 2024 Advanced Persistent Threat Market Quadrant
ESET is appreciated by customers worldwide
ESET is recognized for over 700 reviews collected on Gartner Peer Insights © 2022 Gartner, Inc. Gartner® and Peer Insights™ are trademarks of Gartner, Inc. and/or its affiliates. All rights reserved. Gartner Peer Insights content consists of the opinions of individual end users based on their own experiences, and should not be construed as statements of fact, nor do they represent the views of Gartner or its affiliates. Gartner does not endorse any vendor, product or service depicted in this content nor makes any warranties, expressed or implied, with respect to this content, about its accuracy or completeness, including any warranties of merchantability or fitness for a particular purpose.
Related business solutions
Security solution
ESET PROTECT MDR
The ultimate fusion of cutting-edge security tools and top of the line human expertise.
Security solution
ESET PROTECT Enterprise
Extended detection and response (XDR) that delivers enterprise-grade visibility, threat hunting and response options.
Protection category
Advanced Threat Defense
Proactive cloud-based defense against zero-day and never-before-seen threat types.
Related resources and documents
APT Reports
Prepared by ESET's world-leading malware experts, APT reports analyze specific, current advanced persistent threats.
Threat research
ESET has been a global leader in cyber threat research for more than 30 years.