Whether your goal is to protect your enterprise network from infections and data loss, shield your customers from harm, or incorporate awareness of malicious URLs into software or hardware, the LookingGlass Malicious URL Data Feed is a cost-effective, easy-to-implement solution that brings real-time awareness of dangerous programs spreading across the web. Rather than week- or month-old malware samples, the Malicious URL Data Feed is dynamically updated, showing the online locations where malicious programs originate: the websites infecting users’ machines right now. LookingGlass analysts identify the malicious pages being used to lure or engage users, the hosting points for the malicious code itself, and test malware against a large bank of anti-virus and honey pots to provide an accurate list of threats to systems and users.

Real-Time Delivery

Every hour a malicious website is accessible to your employees or customers is another hour that malware may infect your network, compromise your data, and impact your users. Real-time discovery, detection, and reporting are critical to maximizing the effectiveness of the data. The Malicious URL Data Feed is updated every five minutes, and LookingGlass uses many detection sources and methods, including spammed links, suspicious domain name registrations, phishing pages, “suspect email” streams from major webmail providers, and patented “invisible site seal” technology to ensure the fastest possible discovery of malicious new pages anywhere online.

99.9% Accuracy

LookingGlass link-checking and malware analysis engines have been continuously updated and re-trained for more than five years by using past findings to improve the system. Every database record includes documentation of malware behavior and activity, with key elements provided data feed metadata. This provides clear evidence of bad behavior for every URL you receive. With LookingGlass, you can trust you’re utilizing an intelligence feed that won’t take up precious resources with manual review or time-consuming verification.

Tailored To Meet Business Needs

The LookingGlass Malicious URL Data Feed is available in two versions depending on your business needs:

  • “Thin” version – Real-time data feed of URL-based threats and binary-URLs with full location data.  This version is best suited for perimeter devices, blocking or trending analysis/
  • “Thick” version – Includes real-time “thin version” data feed plus additional daily feed of details such as binary hashes, AV results, and hosting details.  This version is best suited for research, correlation with other cyber threat intelligence and various “big data” and analytics needs.

Easy Implementation

Available via Secure File Transfer Protocol (sFTP) or HTTPS web service, the feed is posted in an easy-to-use XML format. We provide sample files on request, two-week live trials for qualified prospects, and simple, concise implementation documents that have many customers up and running in less than a day.

Next Steps

  • Contact us for more information about LookingGlass Machine-Readable Threat Intelligence.