The security incident response team now has an additional input to operations, with all the information needed to quarantine and re-mediate an infected server.
The third-party risk management team now has a powerful tool to enhance activities such as physical inspections and periodic surveys, using the feed to identify new infections among partners and suppliers.
The threat intelligence team can use the feed to bring actionable recommendations to situational reviews based on analyses such as understanding the size of specific botnets, regions or countries where new infections are active, and targets such as industry peers.
Our global botnet monitoring system, based on a worldwide sinkhole network, catches infections that your security infrastructure fails to detect. Its accuracy is assured by analyzing malware command and control (C2) communications and applying false-positive detection algorithms on newly identified infections to ensure that only new infections are recorded. The Infection Records Data Feed provides a convenient, additional layer of security.
The following IT security teams use the Infection Records Data Feed: