Integration Details

What does this offering provide?

Exceptional coverage of contextual IP and domain reputation metadata. Understand levels of risk with heuristics identifying “exploit”, “sinkhole”, “proxy” etc. in addition to whether the activity is still in operation with regular re-evaluation, plus current and historical context of an entry.

Gain signals relating to:

  • Compromised devices showing indications of malware, trojan/ worm infections, devices controlled by botnet C&Cs
  • Botnet C&C servers
  • Malicious email communications
  • Reputation for any domain observed by Spamhaus, good or bad

Full documentation of what metadata is available via this integration can be found here.

Why use this data? 

  • Data coverage | Based on observations of billions of DNS queries daily, partnering with abuse.ch, and two-way intel from governments, law enforcement, CERTs, enterprise businesses, ISPs, ESPs and more, Spamhaus’ intelligence is based on truly vast data input.
  • Significant context | Unique IP and domain reputation signals. Understand the behavior, properties, and relationships of potential threats to quickly assess, pivot and prioritize.
  • Experience | Spamhaus has been operating for over 25 years to identify adversary activity, and sharing threat intelligence to improve Internet trust and safety. 

Who can use this integration?

Any Maltego customer, accessible via the Cyber Threat Intelligence module with Maltego Data Pass access.

This is relevant for:

  • Incident response
  • Continuous monitoring
  • Prioritization
  • Cyber and digital forensics
  • Trust and safety

What Spamhaus customers say about the data:

Our Virtual CISO customers have really valued the extra insights,”  Darren Williams, Founder and CEO of BlackFog.

Spamhaus was the obvious choice. You have a great reputation for reliable and consistent data.” Avi Freedman, Co-Founder, Kentik.

Spamhaus data allows us to add huge amounts of value for our customers and beyond.” Deepak Prabhakara, Founding Engineer and CTO, Redsift.

Getting set up

Setup is quick and easy via Maltego Data Hub. Spamhaus Intelligence can be accessed via Maltego Data Pass. Maltego Data Pass is available on purchase with all Maltego Plans.

For more information, visit the Maltego website and select the plan most relevant for your needs.