Monday, March 14, 2016
Wapack Labs has been populating this database for about a year. It's essentially the indicators taken from our own analysis, and then grown.
Every day we get asked "Why buy another feed?" This is a bit different. If I'm a bad guy and I have one domain registered for a C2 node, there's a good chance my other domains are also used for C2 nodes. We try and find all of them, starting from the one we know, and then provide them all to our subscribers... and they're in Threat Recon.
Sign up for your free API key. Every user gets 20 queries and 1000 free indicators per month. Plug in your search and off you go. Threat Recon runs from the web interface, or machine to machine.