Bandura Platform Integrations

With over 50 Integrations, the Bandura Platform Puts Best-in-Class Intelligence at Your Fingertips

Our Integrations Range from Over 30M Out-of-the-Box Threat Indicators Premium Threat Intelligence Feeds Available as Add-Ons Built-In Integrations to the World's Best Threat Intelligence Providers Common Connectors to Integrate and IP or Domain-Based Source


Logo for Bambenek Consulting
Premium

Commercial

Bambenek Consulting

Well-Fed Threat Intelligence is produced by Bambenek Consulting, LTD. Bambenek is a leading cybersecurity threat intelligence and data science firm led by industry veteran John Bambenek. Bambenek’s Well-Fed Intelligence products are used by thousands of organizations all over the world to better protect themselves from cyber threats.

Learn More
Logo for Cyjax
Premium

Commercial

Cyjax

Cyjax’s mission is to be the preeminent supplier of threat intelligence for enterprises, SMEs and governments around the world. Established in 2012, Cyjax has built a reputation for producing world-class cyber threat intelligence across a broad range of sectors.

Learn More
Logo for DomainTools

Commercial

DomainTools

DomainTools is a leader in domain name and DNS-based cyber threat intelligence. Bandura offers a Domain Hotlist and IP Hotlist powered by DomainTools. These lists protects users from phishing, malware, and spam threats.

Learn More
Logo for Intel 471
Premium

Commercial

Intel 471

Intel 471 is the premier provider of cybercrime intelligence for leading intelligence, security, and fraud teams. Its adversary intelligence is focused on infiltrating and maintaining access to closed sources where threat actors collaborate, communicate, and plan cyber-attacks. Its malware intelligence leverages its adversary intelligence and underground capabilities to provide timely data and context on malware and adversary infrastructure.

Learn More
Logo for IP2Location

Commercial

IP2Location

This plugin enables users of IP2Location’s IP2Proxy data feed to integrate this threat intelligence into the Bandura platform. IP2Proxy provides protection from Anonymizing VPN services, TOR Exit Nodes, Public Proxies, and Web Proxies.

Learn More
Logo for IPinfo.io

Commercial

IPinfo.io

IPinfo is a leading provider of Geo-IP and ASN data

Learn More
Logo for Malware Patrol
Premium

Commercial

Malware Patrol

Malware Patrol specializes in real-time threat intelligence that protects enterprise users and valuable assets. The highly refined and continuously updated indicators identify malware/ransomware samples and distribution points, command and control (C2) servers, phishing sites, DGAs, crypto-miners and other threats.

Learn More
Logo for Proofpoint
Premium

Commercial

Proofpoint

A premium threat feed provided by Proofpoint ET Intelligence, the industry’s most timely and accurate source of threat intelligence. Dedicated threat researchers and analytics systems at Proofpoint ET Labs provide 100% originally sourced threat intelligence on malware delivery, command and control, botnets, credential phishing, ransomware and coin-mining, attack spread and exploit kits.

Learn More
Logo for Webroot

Commercial

Webroot

Webroot’s BrightCloud IP Reputation Service is powered by the Webroot® Platform, which uses a big data architecture to provide the most comprehensive and accurate threat intelligence available today, including up-to-the-minute intelligence on millions of emerging threats.This intelligence is used to block traffic from TOR nodes, proxies, botnets, and other malicious actors.

Learn More
Logo for Abuse|ch

Open Source

Abuse|ch

Enables users to easily integrate the Abuse.c Botnet SSL Command & Control Tracker into Bandura. This threat feed consists of IP addresses that are associated with malicious SSL connections used by botnet command & control servers enabling you to block infected machines from communicating with them.

Learn More
Logo for Alien Vault

Open Source

Alien Vault

OTX is one of the largest open threat intelligence communities with over 100,000 global participants contributing over 19 million threat indicators daily. OTX is free for anyone to join. Our OTX plugin enables users to easily integrate OTX threat intelligence into Bandura.

Learn More
Logo for Blocklist.de

Open Source

Blocklist.de

Blocklist.de is an open source threat feed that is based on data from servers that are often attacked via SSH-, Mail-Login-, FTP-, Webserver- and other services. Blocklist.de sees more than 70,000 attacks every 12 hours in real time.

Learn More
Logo for CINS Army

Open Source

CINS Army

The CINS Army List is a subset of the CINS Active Threat Intelligence and is based on activity from Sentinel IPS customers. It consists of IP addresses that have poor scores and have not yet been identified by the cybersecurity community as being malicious.

Learn More
Logo for Emerging Threats Block IPs

Open Source

Emerging Threats Block IPs

This is an open source block list that includes spam nets identified by Spamhaus, Top Attackers listed by DShield and Abuse.ch.

Learn More
Logo for Emerging Threats Compromised IPs

Open Source

Emerging Threats Compromised IPs

This open source block list consists of hosts that are known to be compromised by bots, phishing sites, etc, or known to be spewing hostile traffic. These are significantly infected and hostile hosts.

Learn More
Logo for Feodo Tracker

Open Source

Feodo Tracker

Feodo Tracker is an open source block list representing botnet C&C servers associated with the Feodo malware family (Dridex, Emotet/Heodo).

Learn More
Logo for Open DBL Tor List

Open Source

Open DBL Tor List

This list consists of IPs designated as Tor exit nodes. While the Tor network is not malicious itself, bad actors can use it for malicious activities.

Learn More
Logo for Talos

Open Source

Talos

Provided by Cisco Talos Intelligence Group, the IP Blacklist is automatically updated every 15 minutes and contains a list of known malicious network threats that are flagged on all Cisco Security Products.

Learn More
Logo for E-ISAC

Industry

E-ISAC

Enables energy and utility providers that are members of the Electricity Information Sharing and Analysis Center (E-ISAC) to create automated IP and domain blocklists based on industry-specific threat intelligence.

Learn More
Logo for FS-ISAC

Industry

FS-ISAC

Enables financial services organizations and other organizations that are members of the Financial Services Information Sharing and Analysis Center (FS-ISAC) to create automated IP and domain blocklists based on industry-specific threat intelligence.

Learn More
Logo for H-ISAC

Industry

H-ISAC

Enables healthcare providers that are members of the Health Information Sharing and Analysis Center (H-ISAC) to create automated IP and domain blocklists based on industry-specific threat intelligence.

Learn More
Logo for MS-ISAC

Industry

MS-ISAC

Enables state, local, tribal, and territorial government organizations that are members of the Multi-State Information Sharing & Analysis Center to create automated IP and domain blocklists based on MS-ISAC threat intelligence.

Learn More
Logo for Texas Bankers ISAO

Industry

Texas Bankers ISAO

Enables banks that are members of Texas Bankers Association ISAO to create automated IP and domain blocklists based on industry-specific threat intelligence.

Learn More
Logo for DHS CISA

Government

DHS CISA

This list comes from the Department of Homeland Security’s Cyber Information Sharing and Collaboration Program (CISCP) and consists of malicious IP indicators that have been vetted by DHS security analysts.

Learn More
Logo for Infragard

Government

Infragard

InfraGard is a partnership between the Federal Bureau of Investigation (FBI) and members of the private sector for the protection of U.S. Critical Infrastructure. Through seamless collaboration, InfraGard connects owners and operators within critical infrastructure to the FBI, to provide education, information sharing, networking, and workshops on emerging technologies and threats.

Learn More
Logo for State of Missouri SOC

Government

State of Missouri SOC

A list of malicious IPs provided by the State of Missouri’s Office of Cyber Security. This list is managed and vetted by their SOC analysts as they investigate incidents. The hosts within these lists are actively blocked within the states enterprise security stack and should be practically free of false positives. More often than not, these hosts are unknown to major security vendors at the time of the addition to the blacklists and could provide you minutes/hours of additional protection within your security defenses.

Learn More
Logo for Apple

Web Services

Apple

An automated allowed list consisting of known good IPs for Apple.

Logo for DocuSign

Web Services

DocuSign

An automated allowed list consisting of known good IPs for DocuSign’s e-signature service.

Logo for Fastly

Web Services

Fastly

An automated allowed list consisting of known good IPs for Fastly's CDN.

Logo for Github

Web Services

Github

An automated allowed list consisting of known good IPs for GitHub services.

Logo for Google

Web Services

Google

An automated allowed list consisting of known good IPs for Google services like G Suite.

Logo for Mailchimp

Web Services

Mailchimp

An automated allowed list consisting of known good IPs for Mailchimp’s marketing platform service.

Logo for Microsoft

Web Services

Microsoft

An automated allowed list consisting of known good IPs for Microsoft services. This includes four service areas: Common, Exchange, SharePoint, and Skype.

Logo for SolarWinds Pingdom

Web Services

SolarWinds Pingdom

An automated allowed list consisting of known good IPs for Pingdom servers that are used to measure website availability and performance.

Logo for SurveyMonkey

Web Services

SurveyMonkey

An automated allowed list consisting of known good IPs for SurveyMonkey.

Logo for Zoom

Web Services

Zoom

An automated list of known IPs for Zoom that users can enable as an automated allowed list or an automated blocklist.

Logo for Bulk CSV

Connectors

Bulk CSV

Logo for Domain

Connectors

Domain

This connector enables users to create automated domain denied and allowed lists by importing domains stored single line in text files located on a web server.

Logo for IPv4

Connectors

IPv4

This connector enables users to create automated IPv4 denied and allowed lists by importing IP addresses stored single line in text files located on a web server.

Logo for STIX/TAXII

Connectors

STIX/TAXII

This connector enables users to create automated IPv4 and domain denied and allowed lists by importing IP addresses and domains stored single line in text files located on a web server.

Logo for Anomali

Threat Intel Platforms

Anomali

Our Anomali integration enables mutual customers to automatically integrate IP and domain indicators from Anomali ThreatStream into the Bandura platform.

Learn More
Logo for IntSights

Threat Intel Platforms

IntSights

Our IntSights integration enables mutual customers to automatically integrate IP and domain indicators from IntSights External Threat Protection Suite into the Bandura platform.

Learn More
Logo for Recorded Future

Threat Intel Platforms

Recorded Future

Our Recorded Future integration enables mutual customers to automatically integrate IP and domain indicators from Recorded Future into the Bandura platform. This includes Recorded Future’s IP and domain-based Security Control Feeds.

Learn More
Logo for ThreatConnect

Threat Intel Platforms

ThreatConnect

Our ThreatConnect integration enables mutual customers to automatically integrate IP and domain indicators from ThreatConnect into the Bandura platform.

Learn More
Logo for ThreatQuotient IPv4 Address List

Threat Intel Platforms

ThreatQuotient IPv4 Address List

Our ThreatQ integration enables mutual customers to easily integrate and take action using threat intelligence from ThreatQ blocking connections to / from known malicious IPs and domains before they hit your network

Learn More
Logo for ThreatSTOP

Threat Intel Platforms

ThreatSTOP

Our ThreatSTOP integration enables mutual customers to automatically integrate IP and domain indicators from ThreatSTOP into the Bandura platform.

Learn More
Logo for TruStar

Threat Intel Platforms

TruStar

Our ThreatSTOP integration enables mutual customers to automatically integrate IP and domain indicators from ThreatSTOP into the Bandura platform.

Learn More
Logo for Gravwell

SIEMs

Gravwell

Bandura and Gravwell collaborated to develop the Bandura Cyber Kit for Gravwell. The Bandura Cyber Kit for Gravwell automates the process of integrating Bandura log data into the Gravwell platform and provides pre-built dashboards that visualize log activity from one or more Bandura ThreatBlockr appliances.

Learn More
Logo for IBM QRadar

SIEMs

IBM QRadar

Our Bandura IBM QRadar App automates the process of integrating Bandura log data into IBM QRadar and provides pre-built dashboards that visualize log activity from one or more Bandura ThreatBlockr appliances. The App also enables QRadar users to automatically block malicious IPs in Bandura.

Learn More
Logo for Splunk

SIEMs

Splunk

The Bandura for Splunk App automates the process of integrating Bandura log data into Splunk Enterprise and provides pre-built dashboards that visualize log activity from one or more Bandura ThreatBlockr appliances in Splunk Enterprise and Splunk Enterprise Security.

Learn More
Logo for Fortinet

SOARs

Fortinet

Fortinet secures the largest enterprises, service providers, and government organizations around the world by empowering its customers with intelligent, seamless protection across the expanding attack surface. Together, the Bandura + Fortinet integration provides a layered approach to network security that significantly strengthens cyber defense.

Learn More
Logo for Siemplify

SOARs

Siemplify

This integration enables users of Siemplify's SOAR platform to automatically integrate IP and domain indicators into the Bandura platform

Learn More

Want to Learn More? Contact Us.

Bandura Cyber welcomes your questions. Please fill out the Contact Form and a Bandura Cyber team member will reply within one business day.

Get in Touch