At G DATA, we closely monitor current cyberthreats, such as malware campaigns, and link their behavior and derived indicators of compromise in our Threat Intelligence Platform. You can search its graph, which correlates current and past threats, via an API or interactively through a web UI. The data includes static analysis results, dynamic behavior, and network behavior, forming the most complete picture of a piece of malware.
Our Malicious DNS list consists of regularly updated entries of malware domains that we have discovered. These include command-and-control servers as well as malicious-content delivery servers. This list can be used as a DNS blocklist or compared with DNS queries in your own network, enabling you to detect a compromise at an early stage through regular updates and quality assurance.
Use our File History API for deeper analyses in order to find out when and how often requested files are executed. In particular, the timestamps of the first and last execution are good clues to block suspicious files completely before further analysis.
The Problem: You manage the security of various enterprise networks; however, you do not have enough data on current threat situations and indicators of compromise (IOC) at your disposal.
The Solution: Our insights on current threats, IOCs, malware domains, and malware campaigns can be accessed via an API or web UI. Enrich your data with our information to get a holistic view of your customers’ threat situation and create seamless blocklists.
Recommendation: Malicious DNS List, Sample Exchange