RST THREAT FEED

Free indicators

IP List: JSON, CSV
Domain List: JSON, CSV





Data is being updated every 24 hours in between 21:00 and 22:00 (UTC)




There are dozens of public intel sources available. To help you to leverage them, we created that free feed which anyone can download and use. We keep the names of the original IoC sources and also provide tags both derived from the sources and based on our data.

For professionals who need more information and treat context in order to investigate incidents, we suggest having a look at our Enterprise Feed data structure.


Enterprise Feed
Features Free Enterprise
Full dump every 24 hours
Unlimited number of queries
Verification
Enrichment
Scoring
SIEM Integration



Free Feed Data Structure


{
   "ip":{
      "v4":"14.33.133.188", - type | value
      "num":"237077948"     - value as Interger (comparison can be faster)
   },
   "collect":1571184000,    - incidicator collection timestamp
   "tags":{                 - tags in order to categorise indicators
      "str":[
         "shellprobe",
         "generic",
         "botnet"
      ]
   }
}
{
   "domain":"32rlav36ca.laserhairremovalindia.com", - value
   "collect":1571184000,        - incidicator collection timestamp
   "tags":{                     - tags based on original IoC sources
      "str":[
         "shellprobe",
         "generic",
         "botnet"
      ]
   }
}

Both feeds are also available for downloding as CSV files and GZ archives to optimise network usage.