Delivering Data Security and Testing Solutions

ThreatSTOP is About Taking Action

Is there a way to deliver security to customers that automated tedious processes and augmented the capabilities of companies with limited IT and Security staffing and resources?

This is especially true of threat intelligence. Conceptually, anyone could get access to any number of feeds, but few companies had the resources to curate the feeds and turn that data into machine readable enforcement policies. An even smaller percentage of organizations had the manpower to update all of their network devices with their updated policies (and even then, the threat was usually outdated). Worse still, there were no reporting tools that adequately captured the log data specific to blocked and redirected connections and visualized them in the way companies need. From this perfect storm of vulnerability came ThreatSTOP.

A Threat Intelligence Platform That Delivers

ThreatSTOP evolved into what is it today, a cloud-based automated threat intelligence platform that converts the latest threat data into enforcement policies, and automatically updates your firewalls, routers, DNS servers and endpoints to stop attacks before they become breaches.

The ThreatSTOP platform blocks unwanted traffic and attacks by preventing connections, both inbound and outbound, with threat actors. This approach enables ThreatSTOP to neutralize a broad range of threats and malware including ransomware, DDoS, Angler Kits, phishing and botnets.

Powerful Threat Intelligence DNA

ThreatSTOP leverages the company’s comprehensive and authoritative database of IP addresses, domains and the network infrastructure used in cyberattacks to develop best-in-class threat intelligence. Our world-class security team curates the latest threat information from more than 50 public and proprietary sources including trust groups and law enforcement, and dynamically updates your policy as the threat landscape changes.

Threat data collected is cross-correlated between sources to provide a high level of confidence in the threat data curated and ensures a high degree of accuracy to prevent false positives. Our threat data is further enhanced with a feedback loop from customer logs proving our security team with up-to-the-minute access to IOCs for new and emerging threats.

For the List of Data Sources please click here

We automate the process of operational intelligence

Even with all your existing security layers, threats are still getting into your network. While attackers are motivated and more sophisticated, your security products don't always integrate, resources are scarce and manual processes take too long. Our platform transforms 200+ threat feeds into actionable security policies to block real-time threats for your whole network. We built ThreatSTOP to make this possible for every organization.



Products that make up our platform


DNS Defense

  • Threats are continuously discovered by our security researchers, tracked by the 200+ authoritative threat intelligence sources we integrate into our platform, automatically shared as policy updates direct to your DNS firewall.
  • Attacks are prevented by neutralizing malware's ability to call home, eliminating data destruction or exfiltration that has bypassed existing network security layers.
  • Advanced reporting provides full visibility into blocked DNS queries and identifies infected machines, allowing for efficient and accurate remediation.

IP Defense

  • Automatically delivers the latest actionable threat intelligence to network firewalls, routers and switches based on user-defined policies.
  • Proactively blocks or redirects inbound malware, DDoS and other attacks, regardless of attack type or vulnerability. Renders your network invisible to scanners, so attackers move on.
  • Prevents data theft by stopping malware from "phoning home" to threat actors. Prevents activation of ransomware, such as Cryptowall and Cryptolocker.

Roaming Defense

  • Your security on the road: Takes our DNS Defense and delivers it to individual endpoints, providing the same security for your team when your laptop is off the corporate network. Essentially, putting a DNS firewall on your laptop. No relying on VPN or unknown wifi network security.

Check IOC Subscription

  • Rich Metadata and Passive DNS.
  • Our database of known malicious IPs has grown: 24 million indicators of compromise keep you safe.
  • Optional API Service available to automatically check for indicators of compromise.

Deploying ThreatSTOP

  1. Device integration is fast and easy.
  2. We work everywhere.
  3. Integrates with firewalls, routers, switches, DNS servers (and more) in less than one hour.
  4. Option to spin up a VM and start blocking threats: Pick your hypervisor and open source platform. Create a virtualized IP firewall, transparent bridge or DNS device running ThreatSTOP in minutes. 
  5. Protects Cloud workloads.

We're vendor neutral and comprehensive, with complimentary DNS and IP filtering. You have the ability to provision your devices and enterprise consistently, with multi-layered security.