The continuing growth of botnets brings a new challenge for applications and systems — to ensure that the host you are transacting with really is ‘trustworthy’ and not compromised by malware.
Cyren’s IP Reputation Intelligence feed provides information on hosts discovered in the last 24 hours that are infected by malware and used as ‘zombies’ by botnets. Data describing bad IP addresses and types of malicious activities detected is provided by the Cyren GlobalView™ Threat Intelligence Cloud. This document describes the IP Reputation Intelligence feed and its data format.
The service delivers data from the GlobalView threat intelligence network regarding identified, recently active zombie host computers. IP addresses can be compared to the known “bad IP” records in the data, and if there is a match, accompanying data describes the types and frequency of malicious activity known to have originated from that host. Cyren’s partners use the IP Reputation Intelligence feed to:
- Prevent fraudulent activities
- Decrease bot user registration
- Hinder Dynamic Denial of Service (DDoS) attacks
- Supplement Advanced Persistent Threats (APT) detection