Skip to content

Hide Navigation Hide TOC

Edit

Producer

List of threat intelligence producer from security vendors to CERTs including any producer of intelligence at large.

Authors
Authors and/or Contributors
Various

Intel471

Intel 471 provides adversary and malware intelligence for leading security teams. Our adversary intelligence is focused on infiltrating access to closed sources where threat actors collaborate, communicate and plan cyber attacks. Our malware intelligence leverages our adversary intelligence and underground capabilities to provide timely data and context on malicious infrastructure.

Synonyms

"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Intel471.

Known Synonyms
Intel 471
Intel 471 Inc.
Internal MISP references

UUID 306bc923-3200-47e3-ade9-50ffc41f668c which can be used as unique global reference for Intel471 in MISP communities and other software using the MISP galaxy

External references
Associated metadata
Metadata key Value
company-type ['Cyber Security Vendor']
country US
official-refs ['https://intel471.com/']
product-type ['intelligence-feed-provider']
products ['Malware Intelligence', 'Vulnerability Intelligence']

Sophos

Sophos Ltd. is a British-based security software and hardware company. It was listed on the London Stock Exchange until it was acquired by Thoma Bravo in February 2020

Synonyms

"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Sophos.

Known Synonyms
Sophos LTD
Internal MISP references

UUID 455b9e40-e8dd-443b-87b3-c70bd09b4231 which can be used as unique global reference for Sophos in MISP communities and other software using the MISP galaxy

External references
Associated metadata
Metadata key Value
company-type ['Cyber Security Vendor']
country UK
official-refs ['https://www.sophos.com/']
product-type ['antivirus-vendor']
products ['Endpoint']

Group-IB

Group-IB is a creator of cybersecurity technologies to investigate, prevent and fight digital crime

Internal MISP references

UUID 21afba9e-cd2a-45c9-b421-b1f14fd181e9 which can be used as unique global reference for Group-IB in MISP communities and other software using the MISP galaxy

External references
Associated metadata
Metadata key Value
company-type ['Cyber Security Vendor']
official-refs ['https://www.group-ib.com/']
product-type ['Threat Intelligence', 'Attack Surface Management', 'Fraud Protection', 'Digital Risk Protection', 'Managed XDR', 'Business Email Protection']
products ['Unified Risk Platform']

Mandiant

Mandiant is an American cybersecurity firm and a subsidiary of Google.

Internal MISP references

UUID da5cdcd1-7b15-4371-b7eb-ca32916d2052 which can be used as unique global reference for Mandiant in MISP communities and other software using the MISP galaxy

External references
Associated metadata
Metadata key Value
company-type ['Information security']
country US
official-refs ['https://www.mandiant.com/']
product-type ['Proactive Exposure Management', 'Government', 'Digital Risk Protection', ' Ransomware Protection']
products ['OpenIOC']

Spycloud

Thread intelligence provider focusing on data leaks

Internal MISP references

UUID ad99da77-986b-45bc-a7b0-c1887dd55b59 which can be used as unique global reference for Spycloud in MISP communities and other software using the MISP galaxy

Associated metadata
Metadata key Value
country US
official-refs ['https://spycloud.com']
product-type ['Post-Infection Remediation', 'Ransomware Prevention', 'Automated ATO Prevention', 'Session Hijacking Prevention', 'Threat Actor Attribution', 'Fraud Prevention']

Domaintools

DomainTools is a leading provider of Whois and other DNS profile data for threat intelligence enrichment.

Internal MISP references

UUID 993c6a36-b625-4a1f-8737-72ba5a197744 which can be used as unique global reference for Domaintools in MISP communities and other software using the MISP galaxy

External references
Associated metadata
Metadata key Value
company-type ['Threat Intelligence']
country US
official-refs ['https://www.domaintools.com/']
products ['Iris Intelligence Platform', 'Farsight DNSDB', 'Threat Intelligence Feeds']

Feedly

Feedly is an AI-powered news aggregator application for various web browsers and mobile devices running iOS and Android. It is also available as a cloud-based service.

Internal MISP references

UUID 4e7c737a-4912-488a-8571-1f9226ebad05 which can be used as unique global reference for Feedly in MISP communities and other software using the MISP galaxy

External references
Associated metadata
Metadata key Value
official-refs ['https://feedly.com/homepage']
product-type ['Threat Intelligence']

Networksdb.io

Database of public networks, IP addresses and domain names owned by companies and organisations worldwide.

Internal MISP references

UUID 17fec4c4-3822-4198-9735-cee04aa51305 which can be used as unique global reference for Networksdb.io in MISP communities and other software using the MISP galaxy

External references
Associated metadata
Metadata key Value
official-refs ['https://networksdb.io/']

Censys

Compagny providing comprehensive dataset of internet intelligence

Internal MISP references

UUID 101ca178-12c8-4488-b234-93f263e30b1a which can be used as unique global reference for Censys in MISP communities and other software using the MISP galaxy

Associated metadata
Metadata key Value
country US
official-refs ['https://censys.com/', 'https://censys.io/']
products ['Censys Search', 'Exposure Management', 'The Censys Internet Map', 'Integrations']

DomainIQ

DomainIQ is an internet research tool providing information about a domain name, its owner, the server it's hosted on, its ownership history, similar domains and more.

Internal MISP references

UUID 3f79697b-63d8-4c86-aabf-84df1f03c43d which can be used as unique global reference for DomainIQ in MISP communities and other software using the MISP galaxy

Associated metadata
Metadata key Value
country US
official-refs ['https://www.domainiq.com']

Arctic

Computer and Network Security

Synonyms

"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Arctic.

Known Synonyms
Arctic Security
Internal MISP references

UUID 542f8890-128b-42ca-97f9-8fe2af7ab783 which can be used as unique global reference for Arctic in MISP communities and other software using the MISP galaxy

Associated metadata
Metadata key Value
company-type ['Computer and Network Security']
country FI
official-refs ['https://www.arcticsecurity.com/']

Bitsight

BitSight is a cybersecurity ratings company that analyzes companies, government agencies, and educational institutions.

Internal MISP references

UUID 1e98d9ac-0ef1-4046-bf9f-7c905a56ba90 which can be used as unique global reference for Bitsight in MISP communities and other software using the MISP galaxy

Associated metadata
Metadata key Value
country US
official-refs ['https://www.bitsight.com']

RiskIQ

RiskIQ, Inc. is a cyber security company that was based in San Francisco, California. It provided cloud-based software as a service (SaaS) for organizations to detect phishing, fraud, malware, and other online security threats. RiskIQ was acquired by Microsoft in July 2021.

Internal MISP references

UUID 9f279581-5514-42cd-8011-05af9787ee37 which can be used as unique global reference for RiskIQ in MISP communities and other software using the MISP galaxy

External references
Associated metadata
Metadata key Value
company-type ['Cyber Security company']
country US
official-refs ['https://community.riskiq.com/']
product-type ['Threat detection']

Sweepatic

Sweepatic is a cybersecurity company

Internal MISP references

UUID c9bd796a-8b73-42ab-8abe-0016292f5528 which can be used as unique global reference for Sweepatic in MISP communities and other software using the MISP galaxy

Associated metadata
Metadata key Value
company-type ['Cyber Security vendor']
country BE
official-refs ['https://www.sweepatic.com']
product-type ['EASM platform']

Team Cymru

Team Cymru is an internet security firm that offers research services making the internet a more secure place.

Internal MISP references

UUID 8a22c0b2-d05f-4142-ab74-ffdf38fe4758 which can be used as unique global reference for Team Cymru in MISP communities and other software using the MISP galaxy

Associated metadata
Metadata key Value
company-type ['Cyber Security vendor']
country US
official-refs ['https://www.team-cymru.com/']
product-type ['Threat Intelligence Solutions', 'Attack Surface Management Solution', 'Threat Feeds']
products ['Pure Signal™ Recon', 'Pure Signal™ Scout', 'Pure Signal™ Orbit', 'IP Reputation Feed', 'Controller Feed', 'Botnet Analysis & Reporting']

G DATA

G Data CyberDefense AG (until September 2019 G Data Software AG) is a German software company that focuses on computer security.

Synonyms

"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular G DATA.

Known Synonyms
G Data CyberDefense AG
G Data Software AG
GDATA
Internal MISP references

UUID 2b69f676-c875-4000-8350-5f162e69d908 which can be used as unique global reference for G DATA in MISP communities and other software using the MISP galaxy

External references
Associated metadata
Metadata key Value
company-type ['Computer software']
country DE
official-refs ['https://www.gdata-software.com', 'https://www.gdatasoftware.co.uk']
product-type ['Antivirus software', 'Mobile Device Management']
products ['AntiVirus', 'InternetSecurity', 'TotalSecurity', 'AntiVirus for Mac', 'AntiVirus Business', 'AntiVirus Enterprise', 'ClientSecurity Business', 'ClientSecurity Enterprise', 'EndpointProtection Business', 'EndpointProtection Enterprise', 'MailSecurity', 'PatchManagement', 'Mobile Security', 'VPN']

Sekoia

Sekoia.io is a European cybersecurity SAAS company, whose mission is to develop the best protection capabilities against cyber attacks.

Internal MISP references

UUID 6c9ef130-7cf6-4eeb-9e65-46228fc5e30c which can be used as unique global reference for Sekoia in MISP communities and other software using the MISP galaxy

Associated metadata
Metadata key Value
company-type ['Cyber Security Vendor']
country FR
official-refs ['https://www.sekoia.io']
product-type ['eXtended Detection and Response SaaS platform']
products ['SIEM RELOADED

Excellium

Excellium Services Group is a cyber-security consulting and technology Integration Company established since 2012 in Luxemburg and Belgium, with activities and in France and Africa.

Internal MISP references

UUID 73ae2776-3700-4120-84ae-7e9785e6071b which can be used as unique global reference for Excellium in MISP communities and other software using the MISP galaxy

Associated metadata
Metadata key Value
company-type ['Cyber-security consulting and technology Integration Company', 'CSIRT']
country LU
official-refs ['https://excellium-services.com']
product-type ['CERT-XLM', 'SOC', 'GDPR Services', 'Information Security Governance', 'Intrusion Tests – Red Team (Application Security Team)', 'Network & Security Infrastructure', 'Training']
products ['EyeGuard', 'EyeTools', 'EyeDeep', 'EyeTLD', 'EyeNotify']

Telindus

Telindus is a brand of Proximus Luxembourg SA. Founded in 1979, Telindus Luxembourg accompanies all organizations in their digital transformation, by providing holistic ICT & Telecommunication solutions, as well as tailored support services. Our areas of expertise include Telecommunication Services, ICT Infrastructure, Multi-Cloud, Digital Trust Solutions, Cybersecurity, Business Applications, Managed Services and Training.

Internal MISP references

UUID 4155eec3-fae2-4e80-a9a6-89b0f976851a which can be used as unique global reference for Telindus in MISP communities and other software using the MISP galaxy

Associated metadata
Metadata key Value
company-type ['Service Provider']
country LU
official-refs ['https://www.telindus.lu/en']
product-type ['Ethical Hacking', 'Infrastructure Security', 'Managed Security Services', 'Protection, Detection and Orchestration', 'Security Operations Center', 'Strategy, risk, management and advice', 'ICT solutions', 'Telecoms', 'Cloud']

BleepingComputer

Bleeping Computer is a website covering technology news and offering free computer help via its forums that was created by Lawrence Abrams in 2004. It publishes news focusing heavily on cybersecurity, but also covers other topics including computer software, computer hardware, operating system and general technology.

Internal MISP references

UUID ec3fb9b0-4f24-4099-ad48-3e8f68e88275 which can be used as unique global reference for BleepingComputer in MISP communities and other software using the MISP galaxy

External references
Associated metadata
Metadata key Value
company-type ['Technology news and computer help']
country US
official-refs ['https://www.bleepingcomputer.com/']
product-type ['Security and Technology Blog Posts']

Cisco Talos Intelligence Group

Synonyms

"synonyms" in the meta part typically refer to alternate names or labels that are associated with a particular Cisco Talos Intelligence Group.

Known Synonyms
Cisco Talos
Internal MISP references

UUID 0adf6f0f-3795-4de1-9763-1bdd1c31a5d7 which can be used as unique global reference for Cisco Talos Intelligence Group in MISP communities and other software using the MISP galaxy

External references
Associated metadata
Metadata key Value
country US

Europol

Headquartered in The Hague, the Netherlands, Europol’s mission is to support its Member States in preventing and combating all forms of serious international and organised crime, cybercrime and terrorism. Europol also works with many non-EU partner states and international organisations.

Internal MISP references

UUID f6eae887-7ee4-4999-a909-5eef291c40cc which can be used as unique global reference for Europol in MISP communities and other software using the MISP galaxy

Associated metadata
Metadata key Value
country NL
official-refs ['https://www.europol.europa.eu/']