FAQs
About Maltiverse
What is Maltiverse?
An automated way to deliver reliable threat intelligence to be consumed by SOCs and MSSPs. We aggregate information from hundreds of public, private and community sources, we treat and enrich this information, give it a scoring and deliver it to reduce false positives.
What makes Maltiverse unique?
Our threat intelligence more reliable than other providers, making SOC analysts’ lives much easier. Maltiverse helps the threat intelligence automation within your company, avoiding analysts’ fatigue and stress when concentrating on alerts manually, and making sure your devices get threat intelligence on time, avoiding IoCs expiration.
Is Maltiverse part of the Cyber Threat Alliance?
Yes, Maltiverse is part of the CTA since July 2022.
Does Maltiverse offer private instances?
Yes. Maltiverse offers public and also private instances.
FAQs Maltiverse Product
Should IoCs have expirations?
Yes. We think IoCs decay must be taken into account, and we deliver a different scoring algorithm for each type of IoC. Since not all the IoCs are the same in nature. IoCs decay term implies that IoCs go into different stages as they decay of relevance.
Do you remove IoCs from your feeds?
No, we never remove them. We have a filed named classification with different thresholds: Malicious, Suspicious, Neutral and Whitelist.
Is your scoring algorithm applied only once?
No. Our scoring algorithm is applied in real time to our IoCs in the database.
What does the Community IoCs mean?
Maltiverse is open to everyone, customers can check their IoCs (Hashes, IP addresses, Domains and URLs) in our database, so when a customer uploads information which Maltiverse does not have in its database, we run our scoring algorithm and we classify it and score this new IoC, making these new IoC unique.
Is your scoring algorithm the same for the different types of IoCs?
No, there is a different scoring algorithm for the different hashes, IP addresses, domains and URLs IoCs we work with.
Can the Maltiverse Threat Intelligence Feeds be distributed when my security stack is in production?
Yes, this is done to ensure that your devices are always updated in real time.
Can Maltiverse be installed on-premise?
No. Maltiverse only offers a SaaS model.
Related Articles
Threat Intelligence Feeds Management
Threat Intelligence feeds on Maltiverse can be used to either be integrated within a wide variety of security tools, or can be downloaded in a variety of formats to be used as needed within your organization. This article goes over both approaches in ...Create Custom Threat Intelligence Feeds
Maltiverse offers the possibility of creating Custom Threat Intelligence Feeds. This feature allows you to carefully select the IoCs you are going to disseminate through your security stack, allowing you to maximize your security posture based on the ...Maltiverse Threat Analyzer
In the Treat Analyzer view you can perform a bulk search for a set of raw IoC’s. This module provides a quick report with the occurrences, typology, geolocation and other relevant information to carry out an investigation. Threat Analyzer demoUpload Private IoCs via Maltiverse Portal
This feature is only available for the Platform plan users. Maltiverse allows users to upload and manage IoCs directly through the platform. This feature streamlines the process of parsing IoCs from raw text, associating them with relevant metadata, ...Getting Started with Maltiverse
Maltiverse by Lumu enhances your cybersecurity stack's Continuous Compromise Assessment by injecting curated threat intelligence feeds, thereby empowering threat detection. This article will guide you through the initial steps to integrate ...