ESET® THREAT INTELLIGENCE SERVICE

Extend your security intelligence from local network to global cyberspace

110m+
users worldwide

400k+
business customers

200+
countries & territories

13
global R&D centers

ESET Threat Intelligence Service

Get in-depth, up-to-date global knowledge about specific threats and attack sources, which can be difficult to obtain if you only have access to information within your own networks. Enable your organization to:

Checkmark icon

Block targeted attacks

Checkmark icon

Protect against phishing

Checkmark icon

Stop botnet attacks

Checkmark icon

Detect advanced persistent threats


Real-time data feed

ESET Threat Intelligence data feeds utilize widely supported STIX and TAXII formats, which makes it easy to integrate with existing SIEM tools. Integration helps to deliver the latest information on the threat landscape to predict and prevent threats before they strike.

Robust API

ESET Threat Intelligence features a full API that is available for automation of reports, YARA rules and other functionalities to allow for integration with other systems used within organizations.

YARA rules

These allow organizations to set up custom rules to obtain company-specific information that security engineers are interested in. Organizations receive valuable details such as the number of times specific threats have been seen worldwide, URLs containing malicious code, malware behavior on the system, where it was detected, and more.

Use cases

PROBLEM

Businesses want to prevent infiltrations from being able to communicate in or out of their network.

SOLUTION

  • ESET Threat Intelligence proactively notifies security teams of the most recent targeted attacks and command and control (C&C) servers that have occurred elsewhere.
  • Threat intelligence provides TAXII feeds which can be connected to UTM devices to stop connectivity to or from malicious actors, thus preventing data leaks or damages.
  • Businesses input rules and mitigations to prevent the intrusion of malware into their organizations.

Protected by ESET since 2011.

Protected by ESET since 2008.

Canon logo

Protected by ESET since 2016.

T-com logo

ESET ISP security partner since 2008.

ESET proprietary early warning reports and feeds

Targeted malware report

Keeps the user informed about a potential attack that is under preparation or an ongoing attack aimed specifically against their organization. This report includes YARA rule strings, reputation information, similar binaries, file details, sandbox output and more.

Botnet activity report

Delivers regular and quantitative data about identified malware families and variants of botnet malware. The report provides actionable data that includes Command and Control (C&C) servers involved in botnet management, samples of botnets, global weekly statistics and a list of targets of this malware.

Forged SSL certificate report

Generated when ESET detects a newly released SSL certificate by a certificate authority which has a very similar asset as the one provided by the customer during initial setup. This may include details such as upcoming phishing campaigns that are attempting to leverage this certificate. The report provides key attributes of the certificate, YARA matches and certificate data.

Targeted phishing report

Shows data about all phishing email activities targeted for the selected organization. The report provides phishing campaign information including campaign size, number of clients, URL screenshots, preview of phishing email, location of servers and much more.

Automated sample analysis report

Creates a custom report based on the submitted file or hash, which provides valuable information for fact-based decisions and incident investigations.


Domain feed

Features domains which are considered malicious including domain name, IP address, detection of file downloaded from URL and detection of file which was trying to access the URL.

Malicious file feed

Features executables which are considered malicious and recognizes and shares information such as SHA1, MD5, SHA256, detection, size and file format.

Botnet feed

Features three types of feeds that check more than 1,000+ targets per day including information on the botnet itself, servers involved and their targets. Data provided include items such as detection, hash, last alive, files downloaded, IP addresses, protocols and targets.

Explore our customized solutions

Please leave us your contact details so we can design a personalized offer to fit your requirements.
No commitment.

Looking for additional solutions?

Related enterprise-grade solutions

ESET Targeted Attack Protection solution icon

ESET Targeted Attack Protection

  • Security Management Center
  • Endpoint Protection Platform
  • Cloud Sandbox Analysis
  • Endpoint Detection & Response

Stay on top of cybersecurity news

Brought to you by respected security researchers from ESET's 13 global R&D centers.

Corporate blog

Human Rights Day 2019 – The power of the internet

This Tuesday, 10 December, is Human Rights Day, marking the day on which the Universal Declaration of Human Rights was adopted by the United Nations in 1948. This year, the theme is ‘Youth Standing Up...

Dr. Paul Vixie scores Google 2 out of 2 points for doing DNS-over-HTTPS the right way

Last week, we spoke about the ongoing battle for internet privacy with the rollout of the new DNS-over-HTTPS (DoH) protocol. DoH encrypts the traffic between a browser and a DNS provider, ensuring...

Webinars

Cybersecurity Trends 2020: What's Coming & How to Prepare

Wednesday, Dec. 18, 2019

Get a head start with expert insights from the ESET research team, based on their upcoming 2020 cyber trends report.

The MITRE ATT&CK framework: Everything you need to know in under 60 minutes

Wednesday, Nov. 13, 2019

The ATT&CK framework is an ever-expanding knowledge base of threat tactics and techniques—based on real-world observations— that the global cybersecurity community...

We Live Security blog

Inside consumer perceptions of security and privacy in the connected home

The ESET survey polled 4,000 people to get a sense of their attitudes towards the privacy and security implications of smart home technology

Needles in a haystack: Picking unwanted UEFI components out of millions of samples

ESET experts describe how they trained a machine-learning model to recognize a handful of unwanted UEFI components within a flood of millions of harmless samples