Cyber Threat Intelligence Feed API
Outperform Any Vendor or In-House Solution For Threat Detection
The IPQS threat intelligence API includes the latest threats and trends across a variety of industries and use cases. Consume advanced threat intel feeds with on-demand API lookups to enrich threat detection data and improve threat hunting in your favorite threat intelligence platform like SOAR, SIEM, or in-house solutions.
IPQS features unrivaled IP address reputation, URL scanning, domain reputation, and bot prevention with zero-day threat detection against sophisticated bad actors and cybercriminals including phishing, account takeover, & fraudulent activity.
IPQS Threat Intelligence Feed Activity
Botnet IP Addresses Tracked
High Risk IPs Blacklisted/Second
Abusive Data Center IPs
Enterprise Threat Intelligence Feeds
Tired of cyber threats slipping through your current threat intelligence solutions? Instantly expand your security team's cyberthreat awareness with industry leading detection rates for botnets, proxies, VPNs, and compromised devices. Scan IPs, email addresses, domains, and URLs to analyze threats and suspicious behavior.
Zero-day phishing and malware detection can secure your customers, employees, and data from advanced emerging threats. Accurately identify risky behavior even when fraudsters take sophisticated measures to evade security teams and stay under the radar.
Comprehensive Threat Detection Feeds Powered by IPQS
Confidently Score IP Addresses, Emails, URLs, and Domains
Leading IP Reputation
Flexible Detection Settings
Threat Detection API
Supplement your firewall blacklists and WAF blacklist rules with leading IP address proxy detection and over 10 years of threat detection technology, built for enterprise and the internet's most popular sites. IPQS uses a proprietary honeypot network featuring over 10,000 websites that feed threat signals to our risk scoring engines which enable greater insight to identify sophisticated threats for abusive behavior online.
In addition to scoring IP addresses, threat intelligence feeds can also scan malicious URLs to identify phishing, malware, parked domains, and much more. With zero-day detection, our machine learning algorithms can detect compromised websites and sophisticated phishing attacks.
On-Premise Threat Detection Database
Protect your network and company from cybersecurity threats without latency or negative impact on the user experience. Import our local threat databases directly into your WAF, firewall, or in-house solutions. This on-premise threat detection solution includes the same intelligence feed data from our API services without needing to share your company's data with our API endpoints.
Learn more about our other on-premise services like our proxy detection database, which features threat intelligence data such as high risk IP addresses that are active in botnets or have recently exhibited abusive behavior.
Stop Bots, DDOS Attacks, Spam, Phishing, Scraping, and Web Attacks
Stop advanced threats like credential stuffing, ATO, scraping, bots, chargebacks, and similar abuse. IPQS threat feeds are a comprehensive solution for any industry or region to efficiently prevent abusive users and bad actors. Access unique threat data sets such as advanced bot detection tools. IPQS threat intelligence feeds make it easy to mitigate complex cyber threats, even for persistent attackers. Connect to easy integrations for advanced threat enrichment in your favorite security tools.
Phishing Detection API
Enhance your SOC operations with IPQS threat intelligence analysis for URLs and domains with real-time phishing detection. Analyze URLs using our phishing and malware URL scanner API powered by our honeypot threat feeds. This endpoint can also identify threat actors, parked domains, compromised servers, malware, command and control (C2) networks, botnets, and similar suspicious behavior more. Our threat data is trusted by security analysts and senior security professionals across Fortune 500s and the internet's largest websites.
Easy Integration With Popular Firewalls, WAFs, & SOARs
Deploy the leading threat detection service in just a few minutes to popular SOAR platforms like Swimlane, Splunk, FireEye, PaloAlto XSOAR Cortex, CrowdStrike, ThreatQuotient, LogicHub, and ThreatConnect. 1-click deployment keeps your threat intelligence feeds up to date with the latest cyber threats and compromised IP addresses.
WAF rules and enterprise firewalls like F5, Barracuda, Citrix, Cisco, Akamai, Juniper Networks, Palo Alto, and Fortinet can also be quickly integrated with our proxy database feeds and threat reports to protect against the latest security threats. In addition to the firewalls listed here, IPQS can be integrated into any custom platform or third party threat intelligence platforms to enrich threat information.