Let's Face It:
Your desktop antivirus software is known to be ineffective for zero-day attacks. Even with daily updates, your antivirus vendor might lack sufficient global reach to find the newest and most sophisticated infections. And, in spite of antivirus, firewalls, and proxies, LookingGlass research indicates that that devices everywhere, from private individuals’ computers to governments, have active infections. The LookingGlass global botnet monitoring system, based on a worldwide sinkhole network, catches infections that your security infrastructure fails to detect. Its accuracy is assured by analyzing malware command and control (C2) communications and applying false-positive detection algorithms on newly identified infections to ensure that only new infections are recorded. The Cyveillance Infection Records Data Feed provides a convenient, additional layer of security.

Cyveillance Infection Records Data Feed Use Cases
The following IT security teams use the Cyveillance Infection Records Data Feed:

  • The security incident response team now has an additional input to operations, with all the information needed to quarantine and remediate an infected server.
  • The third-party risk management team now has a powerful tool to enhance activities such as physical inspections and periodic surveys, using the feed to identify new infections among partners and suppliers.
  • The threat intelligence team can use the feed to bring actionable recommendations to situational reviews based on analyses such as understanding the size of specific botnets, regions or countries where new infections are active, and targets such as industry peers.


  • The Cyveillance Infection Records Data Feed is delivered in OpenTPX format.
  • Purchasers of the Infection Records Data Feed gain access to the Infections Record Portal along with several analysis tools. Learn more.

Next Steps

  • Visit the Virus Tracker
  • Contact us for more information about LookingGlass Cyveillance Machine-Readable Threat Intelligence.