UltraThreat Feeds for Threat Detection
Are you detecting threats where they originate?
Every connected enterprise works to prevent the nightmare of a data breach or compromised network. That requires an active threat detection program to find threats in your network, systems or applications before they can be exploited in an attack.
Even better: Detecting threats on the Internet, where they originate.
That’s the advantage you gain with Neustar UltraThreat Feeds for threat detection. They expand the scope of your threat detection program to the global sweep of the Internet.
Data for these feeds is drawn from the DNS exhaust of our globally distributed network of authoritative and recursive DNS service sites that together process more than 100 billion lookups every day. This data is analyzed using machine learning powered by artificial intelligence to create focused data feeds that enable your team to detect and neutralize rapidly evolving threats before they can inflict serious damage.
Zeroes in on active lookups of known DGA domains as well as patterns in traffic indicative of new DGAs at work, including:
Identifies suspicious queries and responses in traffic that are suggestive of DNS tunneling attempts. The feed is comprised of information about each suspicious query or response, including a time stamp and the second level domain associated with it.