Expedite Anti-Malware Investigations & Response

MalNet brings together the industry’s most extensive malware threat information from Proofpoint ET Intelligence with Maltego link analysis capabilities from ShadowDragon. MalNet enables incident responders, threat analysts and law enforcement to identify and visualize malware connections in just seconds to expedite investigations, response, and malware protection.

Visually Explore & Uncover Malware Connections in Seconds

With over a decade of collecting and analyzing threat intelligence data, Proofpoint ET Intelligence™ has the largest and most comprehensive database that identifies malicious IP addresses and domains and delivers actionable malware protection intelligence in context.

Using MalNet and its customized transforms, this data can be quickly visualized, uncovering points of origin, covert channels, exploit kits, malware hashes, command and control systems and more, resulting in robust malware prevention.

Benefits

  • Visualize malware connections and campaigns into the 1000s of records.

  • Analyze data using 100+ commercially supported transforms.

  • Access industry-leading current and historical Proofpoint ET Intelligence.

  • Connect specific attack campaigns to billions of available individual indicators.

  • Search and view attacks and actors in motion all over the world to devise anti-malware strategies.

  • Easily pivot and drill down with a forensic data trail for incident investigation.

Top MalNet Commercial Transforms

  • Domain Information
    • Reputation
    • Malware-requested URLs
    • Related malware samples
    • Related IPs
  • IP Information
    • Malware-requested URLs
    • Related malware samples
    • Related domains
    • Related IDS events
  • Malware Samples
    • Connection source IP
    • Connection destination IP
    • HTTP request source IP
    • HTTP request destination IP
  • Signature Information
    • Related IPs
    • Related domains
    • Related malware samples

MalNet Stories

Exposing a Cyber Espionage Apparatus.

ClearSky and Trend Micro exposed CopyKittens as an active cyber espionage actor that has targeted governments and large companies in the United States, Europe and the Middle East. MalNet was used to help identify an infrastructure that used known malware and newly uncovered code and tools.

Who’s Targeting Israel Electric Company?

From 2016 to 2017, attackers used malware in continual attempts to breach IEC, Israel's largest source of electrical power. ClearSky Security is investigating the attribution behind these attacks, using MalNet to support its process and attribute artifacts.

Uses

  • Cyber Threat Intelligence relating to malware artifacts
  • C2 infrastructure identification
  • IOC correlation
  • IDS to malware hash relationships
  • Campaign date correlations

Supports

  • MSSP Teams
  • SOC Teams
  • Cyber Threat Intelligence

Free Dossier Template: Make a Strong Presentation of Intelligence

Preparing succinct reports can be a daunting task when data is gathered from multiple sources and the process is not always linear. To help, we have developed a FREE Dossier Template that facilitates easy report writing and a final product that is clear, concise and professional.