(Open-Source Threat Intelligence)
Helping our clients accelerate and simplify the implementation of open-source threat intelligence data.

Data and information that is freely available to the public are used to generate open source intelligence. It is not limited to what can be found using Google and is an important component of a company's digital security toolbox.

Information overload and alert fatigue are real issues that can cause security teams to miss important issues. Furthermore, organizations must devote additional time and effort to vetting open source data and identifying false positives and false negatives.

The term "Indicators of Compromise" (IOC) refers to information that describes or identifies the following:


Malicious reconnaissance, which includes unusual communication patterns that appear to be sent with the goal of acquiring technical knowledge about a cybersecurity danger or weakness.


A method for circumventing a security control or exploiting a security flaw.


A security vulnerability, as well as unusual conduct that appears to suggest the presence of such a vulnerability.


A way of inadvertently allowing the defeat of a security control or the exploitation of a security vulnerability by a user with legitimate access to an information system or information stored on, processed by, or traversing an information system.


Cyber command and control that is malicious.


The actual or potential damage caused by an incident, including a description of the data stolen as a result of a specific cybersecurity breach.


Any other component of a cybersecurity threat.

Any of these indicators of compromise (IOC's) can be used to stop cyber criminals from stealing your data, causing damage to your systems and IT infrastructure, or damaging your systems with ransomware. Using a Threat Intelligence platform or downloading and filtering these indications for your own usage can give your organization with additional insights and security protection.

Osint Sources


If "Upload files" is selected, then files are uploaded to VirusTotal for scanning otherwise the MD5, SHA-1 and SHA-256 hashes are sent.
DNS name
DNS name
IP addresses
malware (MD5, SHA-1, SHA-256)
API key

Built for ISP, Telcom, and service providers

Learn how to build new security services to protect your consumers and business users