inSite is available to all NetSTAR partners as a threat feed
San Mateo, April 9 – NetSTAR, a global leader in URL, domain, and IP address categorization and security for the OEM market, has enhanced its internet threat intelligence solution within its internet categorization portfolio: inSITE Threat Intelligence. The inSITE solution allows a partner to submit a URL or IP address and receive NetSTAR’s most current threat intelligence for that entry. We scan/crawl over 36 billion URLs and IPs and then use over 60 malware processing engines, sandboxes, honeypots, our own globally-distributed human intelligence teams, and strategic partnerships with leading internet security players to develop timely and accurate threat intelligence. Partners identify threats through the inSITE solution to strengthen policy enforcement, secure endpoints, and protect networks.
NetSTAR threat intelligence will include some or all of the following, depending on the URL or IP address:
|Host||Country||Risk score||Server status code|
|Path||Geolocation||In top 1M (y/n)||CNAME|
|Date first seen||ASN||Malware association||Name server|
|Date last seen||URL raw||Botnet association||Mail server|
|Number of updates||URL redirect||Phish information||IPv4|
|Traffic source||Site platform||Language||IPv6|
In addition to returning the NetSTAR proprietary category of the URL or IP, we also return a NetSTAR security category. NetSTAR’s security categories are:
|Mobile malware||Bot phone home|
|Infected site||C&C servers|
The inSITE solution is available to OEM partners via two distinct deployment models. Partners can ingest an active threat list via a data feed, which is updated every five minutes. Partners can also make API calls to a historical threat database that includes a longitudinal view of threat histories. inSITE is available to NetSTAR OEM partners now.