Cyber Threat Intelligence Feed API
Outperform Any Vendor or In-House Solution For Threat Detection
The IPQS threat intelligence API includes the latest threats and trends across a variety of industries and use cases. Consume advanced threat intel feeds with on-demand API lookups to enrich threat detection data and improve threat hunting in your favorite threat intelligence platform like SOAR, SIEM, or in-house solutions.
Enterprise Threat Intelligence Feeds
Tired of threats slipping through your current solution? Instantly expand your security team's cyberthreat awareness with industry leading detection rates for botnets, proxies, VPNs, and compromised devices. Scan IPs, email addresses, domains, and URLs to analyze threats and suspicious behavior.
Zero-day phishing and malware detection can secure your customers, employees, and data from advanced threats. Accurately identify risky behavior even when fraudsters take sophisticated measures to stay under the radar.
Comprehensive Threat Detection Feeds Powered by IPQS
Confidently Score IP Addresses, Emails, URLs, and Domains
Leading IP Reputation
Flexible Detection Settings
Threat Detection API
Supplement your firewall blacklists and WAF blacklist rules with leading proxy detection and over 10 years of threat detection technology, built for enterprise and the internet's most popular sites. IPQS uses a proprietary honeypot network featuring over 10,000 websites to enable greater insight than any provider into abusive behavior online.
In addition to scoring IP addresses, threat intelligence feeds can also scan malicious URLs to identify phishing, malware, parked domains, and much more. With zero-day detection, our machine learning algorithms can detect compromised websites and sophisticated phishing attacks.
On-Premise Threat Detection Database
Protect your network and company from threats without latency or negative impact on the user experience. Import our local threat databases directly into your WAF, firewall, or in-house solutions. This on-premise threat detection solution includes the same data from our API feeds without needing to share your company's data with our API endpoints.
Learn more about our other on-premise services like our proxy detection database, which features high risk IP addresses that are active in botnets or have recently exhibited abusive behavior.
Stop Bots, DDOS Attacks, Spam, Phishing, Scraping, and Web Attacks
Stop advanced threats like credential stuffing, ATO, scraping, bots, chargebacks, and similar abuse. IPQS threat feeds are a comprehensive solution for any industry or region to efficiently prevent abusive users and bad actors. IPQS threat intelligence feeds make it easy to mitigate complex threats, even for persistent attackers. Connect to easy integrations for advanced threat enrichment.
Phishing Detection API
Enhance your SOC operations with IPQS threat intelligence analysis for URLs and domains with real-time phishing detection. Analyze URLs using our phishing and malware URL scanner API powered by our honeypot threat feeds. This endpoint can also identify parked domains, compromised servers, malware, command and control (C2) networks, botnets, and similar suspicious behavior more.
Easy Integration With Popular Firewalls, WAFs, & SOARs
Deploy the leading threat detection service in just a few minutes to popular SOAR platforms like Swimlane, Splunk, FireEye, PaloAlto XSOAR Cortex, CrowdStrike, ThreatQuotient, LogicHub, and ThreatConnect. 1-click deployment keeps your threat intelligence feeds up to date with the latest cyber threats and compromised IP addresses.
WAF rules and enterprise firewalls like F5, Barracuda, Citrix, Cisco, Akamai, Juniper Networks, Palo Alto, and Fortinet can also be quickly integrated with our proxy database feeds for the latest threat intelligence. In addition to the firewalls listed here, IPQS can be integrated into any custom platform or third party platform.