World Crime Feeds​ (WCF)

Real time, online and scalable Threat Intel platform| Offered via: Online API Service

World Crime Feeds - OneFirewall WCF

World Crime Feeds (WCF) contains real time data for cyber-attacks across the globe. WCF is powered using the following four main sources:

  1. Cyber-attacks feeds from alliance members submissions
  2. Open Source Threat Feeds (Emerging threats, AlienVault, etc…)
  3. Security Partners and Paid services ( Labs, etc…)
  4. OneEye Forecast (offered only to enterprise alliance members)

WCF indexes are currently: 1.5 million IPv4 Networks 600 million single IPv4 address (~7% of the total internet)

As the IP/s are fluid during the span of the time and cyber actors constantly change network and location, OneFirewall developed a propriety algorithm to decline the importance of these events during the time. From the current Data Base the total IPs that are blocked from OneFirewall Alliance members are ~511k (~0.6% of the total internet is blocked).

List of Cyber Threat Intelligence Connectors with OneFirewall

  1. 29 OneFirewall Alliance Members
  2. Cyber Threat Alliance - (
  3. Machine Learning in parternship with Polytechnic University of Turin (
  4. Europe based Telecommunication Company (Security Partner)
  5. [confidential] Russian multinational cybersecurity and anti-virus provider (Security Partner)
  6. Alienvault/AT&T Cybersecurity - (
  7. CIArmy/CINS Score - (
  8. Emerging Threats, Compromised IPs - (
  9. Rutgers Department of Computer Science - (
  10. Botnet C2 IP Ruleset & SSL BlackList - (
  11. GreenSnow - (
  12. FireHOL - (
  13. BAD IPs - (
  14. SANS Internet Storm Center - (
  15. Blocklist - (
  16. Phishtank - (
  17. IP Blacklist - (
  18. Norwegian UNIX User Group
  19. Cybercrime Tracker - (
  20. Artists Against 419 - (
  21. ADBlockPlus - (
  22. LLC (Tokyo, Japan)
  23. VX Vault - (
  24. IP Quality Score - (
  25. Project HoneyPot - (
  26. Honey DB - (
  27. Abuse IPDB - (
  28. MalwareDomainList - (
  29. Prof. Charles B. Haley personal feeds
  30. StopForumSpam (
  31. Malc0de - (
  32. BlockList - (

The total connectors are accountable for 790 CTI Feeds sources

The service is offered via online subscription and is consumable via HTTP API, API documentation is available, however most of our alliance members are expected to use WCF-Agent to interact with WCF. For enterprise-subscribed alliance members OneFirewall offers the free of charge development of new or custom plugins of WCF Agent. More details about the cyber-crime sources are described below.

Alliance Member Benefits
As the core of OneFirewall Alliance solution, WCF provides via API a real time threat intelligence service that can prevent cyber actors with malicious intent from accessing the alliance member technological platform
Product Maturity
This product is already developed and has been deployed in production since April 2018. Continuous improvements of the algorithm and scalability are provided as the size of the Data Base increases daily.
Free, Premium and Enterprise
Contact us for this product

Access Now

Register and access OneFirewall Shared Threat intelligence data lake
Cloud Solution