Kaspersky Threat Intelligence

Evidence-based knowledge, including context and actionable recommendations, regarding cyberthreats

Request a Call Download Datasheet

Modern cyberthreats are becoming ever more sophisticated. Attack surfaces expand as rafts of new devices are introduced into large organizations almost daily. The motives of threat actors out to exploit these diversity varies widely, from organized crime to hacktivism and terrorism, their methods evolving to become stealthier, cleverer, and harder to detect. All this raises the problem of building efficient protection systems, capable of stopping highly sophisticated threats in their tracks.

What We Offer

Counteracting modern cyberthreats requires a 360 degree view of the methods, tactics and tools used by threat actors. Threat intelligence derived from external trusted sources enables you to detect threats, preventing them before they can penetrate internal networks.

  • Threat Data Feeds

    Threat Data Feeds

    Enhance your existing security controls and improve forensic capabilities using cyberthreat data from Kaspersky Lab.

  • APT Intelligence Reporting

    APT Intelligence Reporting

    Gain exclusive, proactive access to descriptions of high-profile cyber-espionage campaigns, including indicators of compromise.

  • Financial Threat Intelligence Reporting

    Financial Threat Intelligence Reporting

    High-end intelligence and awareness in high-profile attacks on financial institutions, including indicators of compromise.

  • Tailored Threat Reporting

    Tailored Threat Reporting

    Threat intelligence tailored to your specific organization or country derived from both deep and dark web sources.

  • Threat Lookup

    Threat Lookup

    A web portal giving you access to all the knowledge acquired by us at Kaspersky Lab about threat indicators and their relationships. 

  • Phishing Tracking

    Phishing Tracking

    Real-time notifications about the ongoing phishing attacks targeting you or your customers.

  • Botnet Tracking

    Botnet Tracking

    Real-time notifications about ongoing botnet attacks threatening your customers and your reputation.

  • Transforms for Maltego

    Transforms for Maltego

    Visualize the relationships between threat indicators by gaining actionable context from Kaspersky Lab

Get started with Threat Intelligence Services

Request a trial to clearly understand your benefits from the detailed insights into cyber threats delivered to you in the most convenient way.


Suitable for

  • Enterprise organizations

  • Government

  • Financial Services

  • Managed Security
    Service Providers

In Use

Enhance your threat detection capabilities

Threat Data Feeds can be integrated with SIEM systems or security devices including IPS/IDS, firewalls, security proxies etc, providing the additional layer of intelligence needed for your security teams to confidently identify suspicious activities ongoing in your networks. "Raw" data like IP addresses is often not fully actionable itself, so each of our feeds provides additional context, helping to guide further research and investigation.  

Strengthen your defenses against threats targeting you

Leveraging the information provided in APT Intelligence Reports and Financial Threat Intelligence Reports you can respond quickly to new threats and vulnerabilities by blocking attacks via known vectors, reducing the damage caused by advanced attacks and enhancing your security strategy. Our Tailored Threat Reporting and threat tracking services present a snapshot of your current attack status, identifying weak-spots ripe for exploitation and allowing you to focus your defense strategy on areas pinpointed as prime targets for attack.

Boost your incident response levels with global threat visibility

Kaspersky Threat Lookup delivers all the knowledge acquired by Kaspersky Lab about cyber-threats and their relationships, brought together into a single, powerful web service. The platform retrieves the latest detailed threat intelligence about URLs, domains, IP addresses, file hashes, threat names, statistical/behavior data, WHOIS/DNS data, etc. The result is global visibility of new and emerging threats, helping you secure your organization and boosting your incident response.

Threat Data Feeds Demo

Demo Threat Data Feeds contain limited number of records which are available in the paid offering and give an idea of the integration with leading SIEMs. By clicking the links below you can download the connectors for the corresponding SIEMs


The Threats

Tracking, analyzing, interpreting and mitigating constantly evolving IT security threats is a massive undertaking. Enterprises across all sectors are facing a shortage of the up-to-the-minute, relevant data they need to help them manage the risks associated with IT security threats.

  • Real threats buried among thousands of insignificant alerts

  • Threats lying undiscovered but active within the organization

  • Poor incident prioritization

  • Unknown attack vectors being missed

  • Inadequate internal funding due to poor risk visibility

  • A security strategy unaligned with the current threatscape

Related Solutions