Malware prevention requires analysis and mitigation of a complex combination of botnets, proxies, attack vectors, and command and control systems. Identifying and analyzing artifacts quickly is important for malware security, criminal investigations and to “stop the bleeding” with an attack in progress.

Expedite Anti-Malware Investigations & Response

MalNet brings together the industry’s most extensive malware threat information from Proofpoint ET Intelligence with Maltego link analysis capabilities from ShadowDragon. MalNet enables incident responders, threat analysts and law enforcement to identify and visualize malware connections in just seconds to expedite investigations, response, and malware protection.

malnet venn diagram@2x

Visually Explore & Uncover Malware Connections in Seconds

With over a decade of collecting and analyzing threat intelligence data, Proofpoint ET Intelligence™ has the largest and most comprehensive database that identifies malicious IP addresses and domains and delivers actionable malware protection intelligence in context.

Using MalNet and its’ customized transforms, this data can be quickly visualized uncovering points of origin, covert channels, exploits kits, malware hashes, command control systems and more, resulting in robust malware prevention.



Find additional DNS information from malware.

Find additional malware from compromise domain.

Uncover IDS Signatures that key on traffic from malware samples.


Consultant pricing now available for companies that provide cyber security advice and analysis.


Access industry-leading current and historical Proofpoint ET Intelligence.

Visualize malware connections and campaigns into the 1000s of records.

Connect specific attack campaigns to billions of available individual indicators.

Analyze data using 100+ commercially supported transforms.

Search and view attacks and actors in motion all over the world to devise anti-malware strategies.

Top MalNet Commercial Transforms

Domain Information

Malware-requested URLs
Related malware samples
Related IPs


Malware-requested URLs
Related malware samples
Related domains
Related IDS events

Malware Samples

Connection source IP
Connection destination IP
HTTP request source IP
HTTP request destination IP

Signature Information

Related IPs
Related domains
Related malware samples

MalNet Stories

Exposing a Cyber Espionage Apparatus.

ClearSky and Trend Micro exposed CopyKittens as an active cyber espionage actor who has targeted governments and large companies in the United States, Europe and Middle East. MalNet was used to help identify an infrastructure that used known malware and newly uncovered code and tools.

Who’s Targeting Israel Electric Company?

From 2016 – 2017, attackers used malware in continual attempts to breach IEC – Israel’s largest source of electrical power. Clearsky Security is investigating the attribution behind these attacks, using MalNet to support their process and attribute artifacts.


  • Cyber Threat Intelligence relating to malware artifacts
  • C2 infrastructure identification
  • IOC correlation
  • IDS to malware hash relationships
  • Campaign date correlations


  • MSSP Teams
  • SOC Teams
  • Cyber Threat Intelligence

Free Dossier Template: Make a Strong
Presentation of Intelligence

Preparing succinct reports can be a daunting task with data gathered from multiple sources, and a process that is not always linear. To help, we have developed a FREE Dossier Template that facilitates easy report writing and final product that is clear, concise and professional.

Spend less time scanning reports, and more time acting on intelligence.

Schedule a demo or find out more.

Scroll to Top