Threat Intelligence Feeds

Over 4 Billion Data Intelligence points with attribution and breach source data are stored and searchable for actionable orchestration.

Make your threat feed unique.

The Threat Intelligence Feeds available through Massive are not limited by the scope above. Complete API customization is available for uniquely required data sets and attribution. Each feed module can be complemented with segments of other feeds based on your requirements.

Botnet Intelligence Feed

Unlike traditional Botnet Feeds which provide signature data relating to botnets for blocking, Resecurity distributes raw data on the botnets’ data feed itself. Terabytes of information, actively streaming from compromised locations can now be cross-indexed to determine if your digital infrastructure is being actively siphoned of information.

Covering countless malware families including the most notorious you can be alerted of an exposed employee or machine by seeing your data through the threat actor’s eyes.

Infected / Vulnerable Host Feeds

This dataset includes hundreds of millions of active and historical IP addresses, domains and summary information on the infected or vulnerable host, as well as the detected malware or vulnerability, C2 communication time stamps and other attribution fields.

Compromised Credentials Feed

The compromised credentials feeds within Resecurity is a uniquely sourced repository of billions of company and personal accounts. The compromised emails are uniquely scored with risk levels assigned to each property based on our proprietary threat algorithm.

  • PII & SPI
  • Email Addresses
  • Names
  • IPs
  • Time stamps
  • TTP used
  • Breach summary
  • Operator input

Threat Actor Profiles

Access to a growing threat actor list in the millions. Cyber attackers come in all shapes, sizes and capabilities. These unique feed includes detailed activity monitoring to segregate low-risk threat actors from advanced persistent threat actors (APTs). Get access to nation and state actors, exploit traders and black market merchants. Under stand their tools and trade and evaluate critical risk with detailed profiling and attribution.

E-Crime Feeds

The Dark Web feed can be established through the API to monitor exact signature criteria. With hundreds of millions of full context entries and imagery pulled from OSINT and Dark web locations.

  • OSINT social and public forums
  • ToR
  • IP2
  • Telegram
  • Black Markets
  • Security event logs

IOC Feeds & Library

The IOC feeds gives indicator of compromised information from public sources as well as Massive’s operative collection and cross-platform attribution.

  • Time stamps & Activity Graphs
  • MD5s / SHA256
  • IOC Attribution
  • Antivirus name directory
  • File identification
  • VirusTotal Meta
  • Exiftool File Meta

Global Security Event Feed

Operator published global security event feed with detailed descriptions and timeline for APTs, Malware, Ransomeware and Vulnerabilities.

  • Incident Summary & References
  • Threat Actor attribution
  • Associated Dark Web Events
  • Meta Data