Explore OpenCTI or OpenAEV platform with 30 days Free Trial!
XTM Hub by FiligranSign In
IPsum logo

IPsum

Automatic deploy
Verified
Open Source Threat Intel
Infrastructure & Attack Surface Visibility

Overview

IPsum connector imports malicious IP addresses from 30+ aggregated blacklists into OpenCTI as indicators, with confidence scoring based on cross-list occurrence count.

IPsum is a threat intelligence feed based on 30+ different publicly available lists of suspicious and/or malicious IP addresses. All lists are automatically retrieved and parsed on a daily basis. The feed provides IP addresses together with a total number of blacklist occurrences — the greater the number, the lesser the chance of false positive detection.

This connector fetches malicious IP addresses from the IPsum feed and imports them into OpenCTI as IPv4-Addr observables and STIX 2.1 Indicators. It supports configurable threat levels (1-8), custom scoring, and TLP markings.

Basic information

IPsum
Connectors
External import
6.8.13
7.260710.0
0

    We use cookies to make the XTM Hub work, understand how it's used, and improve your experience. Strictly necessary cookies are always on. With your consent, we also use optional cookies for functionality, performance and analytics, and marketing. You can accept all, reject all, or choose which optional cookies to allow. You can change your preferences at any time via "Cookie settings". See our Cookie Policy for more information.