inSite is available to all NetSTAR partners as a threat feed

San Mateo, April 9 – NetSTAR, a global leader in URL, domain, and IP address categorization and security for the OEM market, has enhanced its internet threat intelligence solution within its internet categorization portfolio: inSITE Threat Intelligence. The inSITE solution allows a partner to submit a URL or IP address and receive NetSTAR’s most current threat intelligence for that entry. We scan/crawl over 36 billion URLs and IPs and then use over 60 malware processing engines, sandboxes, honeypots, our own globally-distributed human intelligence teams, and strategic partnerships with leading internet security players to develop timely and accurate threat intelligence. Partners identify threats through the inSITE solution to strengthen policy enforcement, secure endpoints, and protect networks.

NetSTAR threat intelligence will include some or all of the following, depending on the URL or IP address:

Domain IP Category Head content
Host Country Risk score Server status code
Path Geolocation In top 1M (y/n) CNAME
Date first seen ASN Malware association Name server
Date last seen URL raw Botnet association Mail server
Number of updates URL redirect Phish information IPv4
Traffic source Site platform Language IPv6

 

In addition to returning the NetSTAR proprietary category of the URL or IP, we also return a NetSTAR security category. NetSTAR’s security categories are:

Malware Botnet
Mobile malware Bot phone home
Infected site C&C servers
Spam Spyware
Phishing site Keyloggers
Cryptomining Remote proxies
Hacking/cracking CPU/resource abuse

 

The inSITE solution is available to OEM partners via two distinct deployment models. Partners can ingest an active threat list via a data feed, which is updated every five minutes. Partners can also make API calls to a historical threat database that includes a longitudinal view of threat histories. inSITE is available to NetSTAR OEM partners now.