Um novo dataset está disponível via Spamhaus Intelligence API

What is the Spamhaus Intelligence API (SIA)?

The name gives it away – it’s an API that’s easy to integrate with existing systems, which delivers enhanced IP reputation data. This metadata gives increased visibility and context to users, speeding up investigations and accelerating reporting relating to IP addresses.

Red Sift Open Cloud utilizes SIA to help their customers rapidly classify potential threats, enabling them to dramatically reduce the amount of time spent analyzing reports. Read more.

What is the extended CSS (eCSS)?

This dataset is specific to SMTP traffic, i.e., it only lists port-25 based detections. The focus is on spam and other low-reputation sources. Our researchers list IPs on this dataset if they observe any of the following behavior:

• Sending bulk unsolicited email
• Having poor email marketing list hygiene
• Sending out malicious emails due to compromised accounts, web forms, or content management systems (CMS)

The eCSS contains between 300,000 – 1.5 million listings, with up to 285,000 new listings added every 24 hours. Not only can it be used by abuse desks for remediation, but, given its SMTP focus, senders can utilize it from a reputation perspective too. Additionally, receivers can use the CSS to take a deeper dive into the reasons behind a listing on the CSS blocklist.

What else is available via SIA?

A dataset called the extended eXploits blocklists (eXBL) is also included. This lists IP addresses belonging to any device showing signs of compromise and includes the Internet of Things (IoT) traffic. Listings on the eXBL result from:

• Malware infections
• Trojan infections
• Worm infections
• Devices controlled by botnets command and controllers (C&Cs)
• Third-party exploits, such as open proxies.

This dataset on average contains 7.5 million listings, with up to 75,000 newly observed IPs added every 24 hours.

How do you access the eCSS?

If you’d like to trial this data via SIA, you can sign up here. Alternatively, for those who would like an opportunity to experiment with our data over an extended period, sign up for our free Developer License, which gives six months of access to these datasets without any charge.