Skip to main content

Kaspersky Threat Data Feeds

Access to constantly updated threat data feeds collected by Kaspersky and enriched with actionable context

Get in touch
Download Overview
Download Leaflet

Cyber threats are constantly growing in frequency and complexity. Cybercriminals use increasingly complicated intrusion kill chains, campaigns and customized Tactics, Techniques and Procedures (TTPs) to bypass security controls and disrupt your business. Kaspersky offers continuously updated Threat Data Feeds to detect malicious activity on your enterprise network. Threat Data feeds provide access to the structured information about threats and malicious infrastructures. Information is updated close to real time and can be easily integrated with different security controls. Kaspersky Threat Data Feeds allow security teams not only to detect threats, but to effectively prioritize incidents that require immediate remediation, by providing additional valuable context from multiple Kaspersky sources.

25+ out-of-the-box threat data feeds for different tasks

Threat data feeds created tailored to your organization's needs are available

Unique sources
Threat data feeds are aggregated from a number of highly reliable sources including Kaspersky ...
Data analysis
The incoming raw data is inspected and refined using multiple preprocessing techniques and...
Data quality
Filtering received data using the industry's most extensive database of legitimate files and URLs keeps...
Delivery speed
Threat data feeds are updated in near real-time, allowing you to detect threats before they have the ...
Easy integration
Popular data formats (JSON, OpenIoC, CSV, STIX) support the easy integration of threat data ...
Threat data feeds for industrial organizations
Founded in 2016, Kaspersky international center ICS CERT is a continuous source of unique data ...

Use cases

Enrich your SIEM with high quality IoCs with actionable context and reduce its workload

To monitor cybersecurity events and detect incidents, large organizations use SIEM systems that automatically search for indicators of compromise (IoCs).

Kaspersky provides data feeds with additional useful context to prioritize alerts on detected indicators of compromise IoCs and eliminate detected threats quickly and efficiently.

Our thorough analysis of IoCs ensures high quality data and minimal false positives. Fast delivery means you can detect near 0-day threats much earlier than they appear in OSINT, and even in other vendor sources.

Using Kaspersky Threat Data Feeds together with the Threat Intelligence platform Kaspersky CyberTrace significantly reduces SIEM workload. CyberTrace quickly matches incoming events with the threat data feeds and sends notifications on detected threats to the SIEM along with additional context.

Integrate high confidence deny lists into your network security controls

Next Generation Firewall is today’s first layer of perimeter defense for any corporate infrastructure. Inspecting traffic and filtering dangerous network connections is a basic step for any security policy.

Enrich your NGFWs with dynamically updated, high-trust IoC lists to automatically block the most common threats before they penetrate your infrastructure, and focus on protecting critical systems from the most sophisticated attacks.

Protecting the software development process from threats hidden in open source components

The majority of software developers include open source software packages in their development cycle, and often trust the integrity of such packages implicitly.

However, open source software frequently contains serious vulnerabilities and intentionally hidden threats – which can leave the products using these packages compromised and vulnerable to manipulation, including scarey supply chain attacks.

Incorporate Kaspersky Open Source Software Threats Data Feed into your DevSecOps processes to detect threats hidden inside the packages you use in a timely manner.

Out-of-the-box integrations

Integrate your security tools with Kaspersky Threat Intelligence using out-of-the-box connectors or our robust REST API

Related products

Kaspersky Unified Monitoring and Analysis Platform
Kaspersky Unified Monitoring and Analysis Platform
A next-generation SIEM solution for managing security data and events
Kaspersky CyberTrace
Kaspersky CyberTrace
A Threat Intelligence Platform significantly reducing SIEM workload through an additional layer of incoming data parsing and matching with threat intelligence data.

Need help to take the next step?

Contact a Kaspersky expert
Leave us your contact information and we’ll get in touch.
Connect with our partners
Ready to buy? Our partner in your region can take you through the next steps