Our network of sensors picks up the buzz of the Internet around the clock and around the world. Our automated analysis engine makes sense of it for you. Our RIFE algorithm calculates the approximate scale of malicious actors' operations.

BuzzSec CTI Briefings

Free Reports Updated Daily

(coming soon)

QueenBee: A dossier of activity from the most prominent and pervasive attacker observed today

PollenCount: An average of observed attacks per exposed IP address in the past 24 hours

Updated Hourly

WorkerBees: IP addresses performing Internet-scale brute-force and BotNet infection

ScoutBees: IP addresses performing Internet-scale reconnaissance and scanning

DroneBees: IPs, FQDNs and URLs hosting malware and Command/Control

Sample Drone URL Feed

Swarms: Small CIDR ranges that are hosting concerted attack and recon efforts

Sample feed (Live-updating)
Sample Summary Report (Live-updating)

Apitoxins: Malicious file hash IOCs being deployed by attackers

Dynamic Feeds

Our dynamic feeds are designed for automated reporting and blocking, and are rendered in real time with up-to-the-second intelligence. Import them into your firewall as an External Dynamic List. Load them into Splunk, OSSIM, ArcSight or ELK. Build scripts to update iptables and pf rules.

IP / CIDR feed: Worker, Scout, Drone and Swarm addresses
Combined Feed Sample (Live-updating)

FQDN feed: Hostnames and domains associated with threats we've observed