INTEGRATIONS AND FORMATS
Threat Intelligence That Fits Everywhere
Seamless Integration
Malware Patrol offers machine-readable threat intelligence (MRTI) in formats that work with many of the industry’s most popular cyber security tools and platforms. This way, companies can protect themselves using our reliable, historically rich data without needing additional resources to do so.
Our indicators of compromise include malware URLs, command & control servers, DGAs, phishing, newly registered domains, sites using crypto-mining scripts, and more. Learn more about our commercial data feeds here.
If we don’t have the format or integration you’re looking for, contact us. We offer free feed customization for Enterprise customers and will gladly consider working with your SIEM, SOAR, TIP, or other service provider to make sure our data is integrated with their platform.
Check out our current integrations and formats below. We also have threat intelligence feed integration configuration guides available.
Integration Details
Cisco Firepower 1000 Series next-generation firewalls protect small to mid-size businesses, branch offices, and the distributed enterprise with performance, ease of use, and deep visibility and control to detect and stop threats fast.
Integration Details
“To make the very best threat intelligence actionable and available for every enterprise defender.” threatER is an autonomous cyber intelligence and defense company that brings the power of cyber intelligence and cyber defense to global organizations. Malware Patrol has two subscription offerings available on the threatER Marketplace: Malware Patrol Essentials and Malware Patrol Enterprise.
Integration Details
Fortinet empowers its customers with intelligent, seamless protection across the expanding attack surface and the power to take on ever-increasing performance requirements of the borderless network – today and into the future. More than 300,000 customers worldwide trust Fortinet to protect their businesses.
Integration Details
No matter how big you are, public or private, and in what industries or sectors you do business, the array of pfSense® services can help you meet your security needs. Configuration guide available.
Integration Details
The MISP threat sharing platform is free and open-source software that helps share threat intelligence, including cyber security indicators. We offer two options for MISP:
1) Sync your instance with ours.
2) Download MISP-formatted feeds.
Integration Details
MikroTik develops and sells wired and wireless network routers, network switches, access points, as well as operating systems and auxiliary software. Their RouterOS has a very powerful firewall implementation.
Malware Patrol offers three feeds formatted for MikroTik devices. Combined, these feeds provide protection against a wide range of threats from active, malicious campaigns.
Integration Details
ThreatQuotient™'s Open Exchange provides the largest and most adaptable set of integrations in the industry. Logged-in customers can find more details about the integration with Malware Patrol in the ThreatQ marketplace.
Integration Details
Now security organizations can leverage MineMeld, an open-source application that streamlines the aggregation, enforcement, and sharing of threat intelligence. MineMeld is available for all users directly on GitHub, and as pre-built virtual machines (VMs) for easy deployment.
Integration Details
Integrating Malware Patrol’s data into a powerful security tool such as Palo Alto’s world-class firewall increases its effectiveness. The specialized insights from our threat intelligence bolster the firewall’s defenses, providing broader coverage, improved threat detection, and proactive prevention.
Integration Details
Anomali users can find Malware Patrol in the APP Store or, when logged in, the ThreatStream store. We offer a special Malicious Campaigns data feed for Anomali customers that contains a combination of unique, high-confidence indicators – URLs, hashes, IPs, and C2s – related to the latest malicious campaigns.
Integration Details
SquidGuard is a URL redirector used to apply blacklists with the Squid proxy software. There are two big advantages to SquidGuard: it is fast and it is free. SquidGuard is published under GNU Public License.
Integration Details
Suricata is the leading independent open source threat detection engine. By combining intrusion detection (IDS), intrusion prevention (IPS), network security monitoring (NSM), and PCAP processing, Suricata can quickly identify, stop, and assess the most sophisticated attacks.