London, UK - December 2nd, 2020.  Today, Spamhaus Technology Ltd, the trusted authority on IP and domain reputation, releases its Intelligence API [BETA]. This is the first time Spamhaus has released its extensive threat intelligence via API, providing enriched data relating to IP addresses exhibiting compromised behavior.

Available free of charge, developers can readily access enhanced data that catalogs IP addresses compromised by malware, worms, Trojan infections, devices controlled by botnets, and third party exploits, such as open proxies.

The API features live and historical data, including bot names, first seen dates, and valid until dates, providing security developers with the capacity to create additional applications to enhance network security.  Using a combination of machine learning, manual investigations, and heuristics, Spamhaus’s researchers derive this information from data shared by the industry and beyond – including from hosting companies, ISPs, internet governing bodies such as ICANN, and from its own honeypots and spam traps.

For years, the researchers at the Spamhaus Project have recorded a wealth of intelligence relating to IPs and domains. They’ve been working with big data long before it became the buzzword it is today,” explains Simon Forster, CEO at Spamhaus Technology. “It’s a pleasure to share this in a readily available API format with the wider internet community. We’re looking forward to seeing the security challenges this data can resolve in live environments.”

There are multiple applications for this data. Spamhaus Intelligence API can be integrated with current applications to provide increased visibility as to where issues have occurred, for example, Splunk applications. The use cases are numerous and include improved incident response, online real-time risk assessment, and trend monitoring.

Spamhaus is providing this BETA version at no cost to interested developers. Find out more at

The following statistics illustrate the amount of data processed each day across all datasets:

  • 4 billion SMTP connections analyzed
  • 12 million botnet nodes
  • 3 million domains assessed
  • 18,000 malware samples processed
  • 100s of heuristics used

Get free access to the Spamhaus Intelligence API (SIA) here.