Man monitoring servers

Threat intelligence data updated every 60 seconds

The range, sophistication and severity of internet-borne security threats have increased significantly over the last decade. However, the mechanism by which computers connect and exchange information has not changed.

Ultimately, computers communicate IP to IP. This fact allows Spamhaus security researchers to trace communications between C&C server IP addresses and botnet nodes. Using passive DNS data, they can observe links between botnets and malware dropper domains, even where fast-flux is being employed to obscure individual IP addresses.

Spamhaus Technology offers Spamhaus’ near real-time threat intelligence in the form of response policy zones (RPZ); Border Gateway Protocol feeds (BGPf); Composite Block Lists (CBL); Exploits Block Lists (XBL); and passive DNS feeds used by security researchers.

Spamhaus Technology RPZs prevent DNS resolution to malware download sites, mitigate phishing risks and disrupt connections between infected devices and C&C servers and prevent data egress.

Using Spamhaus Technology BGPf, network managers can quickly and simply block communication with IPs involved in the most dangerous cybercrime and stop DDoS attacks in progress.

Spamhaus Technology CBL identifies single IP addresses that are part of botnet infrastructure; exhibit characteristics of open proxies; or are infected with botnet malware.

Spamhaus Technology XBL provides network managers and security managers with real-time data on devices on their networks that have been compromised and used for illegal third party exploits, enabling malware removal and remediation. XBL draws on Spamhaus’ real-time intelligence on spam sources and is the primary distribution zone for CBL data.

Spamhaus passive DNS is a resource for security researchers, enabling them to query the Spamhaus research data to identify new malware download sites, botnet C&Cs and DDoS sources and investigate and combat zero day threats, spamming and phishing campaigns.

Our constantly updated global data provide a rich source of threat intelligence on malicious domains and IP addresses that are the engines of global spam and cybercrime: providing you with another layer of defence to your networks.

Sign up for your 30 day trial

In addition to studying spamtraps, our global team of researchers compile data on domains that are in bad neighbourhoods; name server glue records and newly-registered domains.

They gather temporal data on the activity levels of recently-registered domains and newly-active IP addresses, to identify characteristic botnet, phishing and DDoS activity.

Protect yourself against threats

Discover why we’re the most trusted Mailfilter and Security solution with a 30 day free trial

Our customers

Many of the world’s largest internet service providers rely on Spamhaus threat intelligence to block harmful email traffic and protect their customers.

AOL Logo
Microsoft Logo
AT&T Logo
Comcast Logo
COX Logo
1∧1 Logo
Century Link Logo
 Mail RU Logo
Time Warner Cable Logo
Sonic Net Logo

With over 12 years experience, we are trusted experts

Get in touch

Latest News

PIPELINE Security partnership delivers advanced threat intelligence to Asia Pacific.

New partnership between Tokyo-based PIPELINE Security and Spamhaus Technology will bring faster, easier access to global cyber threat intelligence.

Read more

Virus Bulletin reviews the latest Spamhaus Botnet Threat Report

Independent researchers review the latest annual Spamhaus Botnet Threat Report.

Read more

Connect with Spamhaus Technology

Keep up to date with the latest news at Spamhaus Technology.