World Crime Feeds​ (WCF)

Real time, online and scalable Threat Intel platform| Offered via: Online API Service
work-single-image

World Crime Feeds - OneFirewall WCF

World Crime Feeds (WCF) contains real time data for cyber-attacks across the globe. WCF is powered using the following four main sources:

  1. Cyber-attacks feeds from Alliance Members Submissions
  2. Open Source Threat Feeds (Emerging threats, AlienVault, etc…)
  3. Security Partners and Paid services (Kaspersky Labs, etc…)
  4. OneEye Forecast (offered only to enterprise customers)

WCF indexes are currently: 1.5 million IPv4 Networks 600 million single IPv4 address (~7% of the total internet)

As the IPs are fluid during the span of the time and cyber actors constantly change network and location, OneFirewall developed a propriety algorithm to decline the importance of these events during the time. From the current Data Base the total IPs that are blocked from customers are ~511k (~0.6% of the total internet is blocked).

List of Cyber Threat Intelligence Connectors with OneFirewall

  1. 26 OneFirewall Alliance Members
  2. US based Threat Alliance Association (Security Partner)
  3. Europe based Telecommunication Company (Security Partner)
  4. Russian multinational cybersecurity and anti-virus provider (Security Partner)
  5. Alienvault/AT&T Cybersecurity - (https://cybersecurity.att.com/)
  6. CIArmy/CINS Score - (http://www.ciarmy.com/)
  7. Emerging Threats, Compromised IPs - (https://www.proofpoint.com/us)
  8. Rutgers Department of Computer Science - (https://resources.cs.rutgers.edu/)
  9. Botnet C2 IP Ruleset & SSL BlackList - (https://sslbl.abuse.ch/)
  10. GreenSnow - (https://greensnow.co/)
  11. FireHOL - (http://iplists.firehol.org/)
  12. BAD IPs - (https://www.badips.com/)
  13. SANS Internet Storm Center - (https://www.dshield.org/)
  14. Blocklist - (http://www.blocklist.de/)
  15. Phishtank - (https://phishtank.com/)
  16. IP Blacklist - (http://www.darklist.de/)
  17. Norwegian UNIX User Group
  18. Cybercrime Tracker - (https://cybercrime-tracker.net)
  19. Artists Against 419 - (https://db.aa419.org/)
  20. ADBlockPlus - (https://adblockplus.org/)
  21. Joewein.de LLC (Tokyo, Japan)
  22. VX Vault - (http://vxvault.net/)
  23. IP Quality Score - (https://www.ipqualityscore.com/)
  24. Project HoneyPot - (https://www.projecthoneypot.org)
  25. Honey DB - (https://honeydb.io)
  26. Abuse IPDB - (https://www.abuseipdb.com/)
  27. MalwareDomainList - (http://www.malwaredomainlist.com/)
  28. Prof. Charles B. Haley personal feeds
  29. StopForumSpam (https://stopforumspam.com/)
  30. Malc0de - (http://malc0de.com/)
  31. BlockList - (http://www.blocklist.de/en/index.html)

The total connectors are accountable for 790 CTI Feeds sources

The service is offered via online subscription and is consumable via HTTP API, API documentation is available, however most of our customers are expected to use WCF-Agent to interact with WCF. For enterprise-subscribed customer OneFirewall offers the free of charge development of new or custom plugins of WCF Agent. More details about the cyber-crime sources are described below.

Customer Benefits
As the core of OneFirewall Alliance solution, WCF provides via API a real time threat intelligence service that can prevent cyber actors with malicious intent from accessing the customer technological platform
Product Maturity
This product is already developed and has been deployed in production since April 2018. Continuous improvements of the algorithm and scalability are provided as the size of the Data Base increases daily.
Subscriptions
Free, Premium and Enterprise
Contact us for this product

Access Now

Register and access OneFirewall Shared Threat intelligence data lake
Cloud Solution