We’re delighted to announce our partnership with Maltego Technologies - a leading open-source threat intelligence platform. This integration of Spamhaus’s context-rich IP and domain reputation signal further enriches Maltego’s Transform Hub, to build context, insight, and validation into your cyber investigations.

All data at your fingertips

As “the world’s most used cyber investigation platform,” Maltego enables security professionals, researchers, law enforcement, forensic investigators, and more, to increase the efficiency of their investigations by integrating data easily through one single interface: Maltego’s Transform Hub. This all-in-one intelligence platform brings together a range of data sources providing actionable insight – now including Spamhaus’ IP and domain reputation data.

Building context, confidence, and validation

Spamhaus’ IP reputation data provides signal on both malicious and compromised IP addresses, showing indications of: malware, botnet command and controllers, third-party exploits, phishing, spam, and more. Meanwhile, the domain reputation data provides signals on every domain Spamhaus observes – malicious or not.

One key benefit of the Spamhaus and Maltego integration is the diverse, contextual metadata. This context-rich data can be powerful in determining whether an entity is high risk (and why) and if it is still perpetuating malicious behavior with regular reassessment.

By leveraging the detailed signals returned along with other data sources available on the Transform Hub, users can obtain a more comprehensive understanding of the malicious activity, leading to more accurate and informed decision-making. This enables users to decide what actions to take next and how quickly to take them, making research and investigations more efficient.

Why use this data?

Spamhaus has been sharing threat intelligence to strengthen trust and safety on the Internet for over 25 years. We are the trusted authority for robust and reliable IP and domain reputation data.

Data coverage is vast, based on a diverse range of data points from various sources. This unique set of signals provides valuable context to analyze potential threats, assess, pivot, and prioritize.

As Avi Freedman, Co-Founder at Kentik shares about the data, “Spamhaus was the obvious choice. You have a great reputation for reliable and consistent data.” 

Who can use the Spamhaus and Maltego integration?

The integration is available to any Maltego user with a commercial plan and can be accessed via the Cyber Threat Intelligence module with Data Pass access.

Typical users of Spamhaus threat intelligence data include:

  • Threat Intelligence Teams
  • Incident Response Teams
  • Cyber and Digital Forensics Teams
  • Trust and Safety
  • Penetration Testers
  • CERTs
  • SOCs

How to access Spamhaus’ IP and Domain Reputation data

Accessing the data is quick and easy via Maltego’s Transform Hub. Visit the Transform Hub, search for Spamhaus, and select a plan that matches your needs.

A powerful partnership for cyber investigation

The Maltego platform offers users a powerful tool for combining multiple data sources for analysis and investigation. Spamhaus provides industry-leading IP and domain threat intelligence data. By combining the two, users achieve even greater efficiency, context, and validation for their cyber investigations.

Spamhaus are delighted to be partnered with the Maltego team. For more information about the integration, see here, or contact Maltego directly to learn more.

Spamhaus Intelligence API (SIA)

Spamhaus Intelligence API (SIA) contains context-rich metadata relating to IP and domain reputation. Integrate this data with your applications to enhance existing data feeds, or consume as an independent data source.

In this easy-to-consume format, SIA can be used for threat detection and investigation, risk scoring, customer vetting, validation and much more.

  • Save valuable time investigating and reporting
  • Simple and quick to access
  • Data you can trust in