What is IntelliGO Threat Intelligence?
Our MDR Center uses millions of data points to classify IPs, DNS and File Hash information that we use in our sensors and in your firewalls to block malicious hosts or threats before they become a problem.
Our feed is used to automatically block malicious activity on and off the network with our network sensors.
Frequently Asked Questions
Where do you get your feeds from?
The feeds are a collection of open source, partner technology feeds such as IBM and Palo Alto Networks, and data automatically derived from IPS/AV logs collected by all our customers.
Can the feed be used in my firewall?
Some firewalls such as Palo Alto Networks can accept dynamic lists which digest these feeds. Many firewalls limit the number of records and so we tend to translate our lists into smaller (25,000 IP/DNS or Hash) chunks.
How do I know the feed is blocking?
The feed will work similar to a firewall rule. Blocking gives our MDR center the opportunity to investigate and quarantine hosts to discover if they have been compromised.