Use Case: Upload private IoCs

In today’s complex cybersecurity landscape, organizations should not rely only on consuming global threat intelligence. Generating your own threat intelligence also plays a huge role in keeping your organization safe. Internal research, incident investigations, and private honeypots often reveal unique Indicators of Compromise (IoCs) that may not be visible in public threat feeds. These insights are incredibly valuable, but they’re often unstructured, inconsistent, or difficult to operationalize because of how they were discovered.

The Maltiverse Platform Plan equips your organization with a comprehensive solution to this challenge by offering a dedicated private database where you can upload your own IoCs to be integrated seamlessly into your threat intelligence cycle. This capability allows organizations to go beyond consuming global feeds and start operationalizing their unique, internally generated intelligence so they can elevate their security posture.

When you upload your own IoCs, Maltiverse cleans, organizes and enriches them, bridging the gap between raw, unstructured data and high-confidence, actionable threat intelligence that directly strengthens detection, prevention, and response.

Key Benefits

  • Private and Secure – Your IoCs remain private to your organization, never shared or exposed externally.
  • Customizable rules – Define your own expirations, whitelist definitions, and maliciousness criteria to align with your risk model.
  • Cleaning process – Cleanses and filters out unusable or noisy IoCs, leaving only reliable, high-quality data.

How It Works

This is a simple and straightforward process done entirely through the Maltiverse Portal.

  • Upload IoCs – Manually upload your private indicators.
  • Automatic cleansing & enrichment – The platform classifies and enriches data with contextual information based on your preferences and configurations.
  • Customize & refine – Tailor rules, expirations, and classifications to your organization’s needs.
  • Operationalize – Create custom Threat Intelligence Feeds with your own IoCs to disseminate them via connectors into your security stack (firewalls, SIEM, EDR).

Why It Matters

With this feature, your organization gains a user-owned, customizable layer of threat intelligence that integrates seamlessly into Maltiverse’s broader ecosystem. Private IoCs can be fed into Dissemination (sharing with security tools and teams) or Hunting (external threat discovery), ensuring that your internal intelligence becomes a force multiplier rather than siloed data.
