Malware Patrol Enterprise CTI

Malware Patrol Enterprise CTI provides threat intelligence feeds for security teams, cybersecurity companies, and technology providers. The platform offers multiple data feeds including malicious domains, URLs, IPs, command and control servers, cryptojacking indicators, DGA domains, malware hashes, ransomware URLs, phishing data, and newly registered domains. The service operates on a flexible licensing model where organizations can purchase individual feeds, custom-built solutions, or comprehensive packages. The Big Data package includes all available feeds plus newly developed feeds released during the subscription term. Feeds are delivered in multiple formats including CSV, JSON, NGFW, SIEM, TIP, and DNS RPZ zone files. Update frequencies range from hourly to daily depending on the feed type. Command and control server feeds include MITRE ATT&CK technique mappings for TTP-based detection. Expanded intelligence options include malware binaries for reverse engineering, phishing screenshots and HTML for AI/ML training, unsanitized URLs with malware filenames, and DNS-over-HTTPS resolver catalogs. The platform also provides a free Risk Indicators feed containing OSINT-based data including high-risk IPs, threat-related IOCs, and active Tor exit nodes. Custom intelligence options allow organizations to tailor feeds to specific format, filtering, or delivery preferences to match existing security workflows and data pipelines.