Cyber Threat Intelligence Feeds
New Detection Rules Feed
The feed offers a continuous stream of newly published detection rules, sourced from over 40 public GitHub repositories.
It is designed for individual researchers, students, or security teams on a limited budget looking to track emerging detection trends and gain early visibility into new detection methods.
Detection Rules Pro Feed
A full collection of new rules and rule modifications. Rules are pre-processed and shipped with extracted key observables (IPs, hashes, etc.) for direct use in SIEM/TIP platforms.
The feed is designed for SOC teams and detection engineers who need reliable, actionable data for direct use in SIEM/TIP platforms and for CTI correlation. The inclusion of rule updates also aids teams in maintaining and refining their own detection logic by observing community best practices.
Enterprise Detection Intelligence Feed
A premium feed that expands the "Detection Rules Pro Feed" with analysis and guidance. The feed includes rule change analysis with impact guidance, correlation to active CVEs and threat campaigns, and a weekly detection engineering brief, all designed to support strategic decision-making, prioritization of efforts, and a robust, proactive detection posture.
The feed is best suited for mature security operations centers, threat intelligence teams, and proactive detection engineers requiring advanced context.