Best Threat Intelligence Platforms for JSON

IP Threat Intel provides real-time threat information that helps security teams reduce alert overload and accelerate triage on TIPs, SOAR & SIEM platforms. Available as an API to your SIEM/SOAR/TIP, or as a database on-premise for the most demanding workloads. The feed provides detailed data on IP addresses observed over the past 30 days including ports targeted by IPs. It is updated every 60 minutes to reflect the current threat environment. Each IP entry contains context on the volume of events over the last 30 days, as well as the most recent detection made by ELLIO’s deception network. This list includes all IP addresses observed in the past 24 hours. Each IP entry contains tags and comments that provide context about the targeted regions, the connection volume and the last IP observed by ELLIO’s deception network. It is updated every 5 minutes to ensure you have the latest information for your investigation.

Cavalier is built on forensic technologies, operational know-how and the IDF 8200 Unit's counter-national adversaries and professional threats actors. It is a unique source of cybercrime intelligence data based on millions of compromised machines in global malware-spreading campaign. Our high-fidelity data comes directly from threat actors, and is updated monthly with hundreds of thousand of new compromised computers. Cavalier’s high-fidelity data provides unprecedented detail on threats, including ransomware and business espionage. It also protects employees, customers, partners, and digital assets. Hackers can use the sessions of existing victims by importing cookies and bypassing security measures. Hackers use the URLs accessed by victims, their login credentials and plaintext passwords to hack into employee or user accounts.