Bandura Platform Integrations

With over 50 Integrations, the Bandura Platform Puts Best-in-Class Intelligence at Your Fingertips

Our Integrations Range from Over 30M Out-of-the-Box Threat Indicators Premium Threat Intelligence Feeds Available as Add-Ons Built-In Integrations to the World's Best Threat Intelligence Providers Common Connectors to Integrate and IP or Domain-Based Source

Logo for DomainTools

Out of the Box

DomainTools

DomainTools is a leader in domain name and DNS-based cyber threat intelligence. Bandura offers a malicious domain blocklist powered by DomainTools. This block list protects users from phishing, malware, and spam threats. The list typically has over 20 million domain indicators that have DomainTools Risk Scores of 99 and higher out of 100.

Learn More
Logo for Webroot

Out of the Box

Webroot

Webroot’s BrightCloud IP Reputation Service is powered by the Webroot® Platform, which uses a big data architecture to provide the most comprehensive and accurate threat intelligence available today, including up-to-the-minute intelligence on millions of emerging threats.This intelligence is used to block traffic from TOR nodes, proxies, botnets, and other malicious actors.

Learn More
Logo for Blocklist.de

Out of the Box

Blocklist.de

Blocklist.de is an open source threat feed that is based on data from servers that are often attacked via SSH-, Mail-Login-, FTP-, Webserver- and other services. Blocklist.de sees more than 70,000 attacks every 12 hours in real time.

Learn More
Logo for ET Block IPs

Out of the Box

ET Block IPs

This is an open source block list that includes spam nets identified by Spamhaus, Top Attackers listed by DShield and Abuse.ch.

Learn More
Logo for ET Compromised IPs

Out of the Box

ET Compromised IPs

This open source block list consists of hosts that are known to be compromised by bots, phishing sites, etc, or known to be spewing hostile traffic. These are significantly infected and hostile hosts.

Learn More
Logo for Feodo

Out of the Box

Feodo

Feodo Tracker is an open source block list representing botnet C&C servers associated with the Feodo malware family (Dridex, Emotet/Heodo).

Learn More
Logo for Open DBL Tor List

Out of the Box

Open DBL Tor List

This list consists of IPs designated as Tor exit nodes. While the Tor network is not malicious itself, bad actors can use it for malicious activities.

Learn More
Logo for Talos IP RBL

Out of the Box

Talos IP RBL

Provided by Cisco Talos Intelligence Group, the IP Blacklist is automatically updated every 15 minutes and contains a list of known malicious network threats that are flagged on all Cisco Security Products.

Learn More
Logo for COVID-19-DomainTools

Out of the Box

COVID-19-DomainTools

This domain blocklist is a curated list of high-risk COVID-19-related domains identified by DomainTools.

Learn More
Logo for CINS Army List

Out of the Box

CINS Army List

The CINS Army List is a subset of the CINS Active Threat Intelligence and is based on activity from Sentinel IPS customers. It consists of IP addresses that have poor scores and have not yet been identified by the cybersecurity community as being malicious.

Learn More
Logo for DHS Information Sharing

Out of the Box

DHS Information Sharing

This list comes from the Department of Homeland Security’s Cyber Information Sharing and Collaboration Program (CISCP) and consists of malicious IP indicators that have been vetted by DHS security analysts.

Learn More
Logo for State of Missouri SOC

Out of the Box

State of Missouri SOC

A list of malicious IPs provided by the State of Missouri’s Office of Cyber Security. This list is managed and vetted by their SOC analysts as they investigate incidents. The hosts within these lists are actively blocked within the states enterprise security stack and should be practically free of false positives. More often than not, these hosts are unknown to major security vendors at the time of the addition to the blacklists and could provide you minutes/hours of additional protection within your security defenses.

Learn More
Logo for Microsoft

Out of the Box

Microsoft

An automated allowed list consisting of known good IPs for Microsoft services. This includes four service areas: Common, Exchange, SharePoint, and Skype.

Logo for Google

Out of the Box

Google

An automated allowed list consisting of known good IPs for Google services like G Suite.

Logo for Github

Out of the Box

Github

An automated allowed list consisting of known good IPs for GitHub services.

Logo for Pingdom

Out of the Box

Pingdom

An automated allowed list consisting of known good IPs for Pingdom servers that are used to measure website availability and performance.

Logo for Zoom

Out of the Box

Zoom

An automated list of known IPs for Zoom that users can enable as an automated allowed list or an automated blocklist.

Logo for DocuSign

Out of the Box

DocuSign

An automated allowed list consisting of known good IPs for DocuSign’s e-signature service.

Logo for Mailchimp

Out of the Box

Mailchimp

An automated allowed list consisting of known good IPs for Mailchimp’s marketing platform service.

Logo for Apple

Out of the Box

Apple

An automated allowed list consisting of known good IPs for Apple.

Logo for SurveyMonkey

Out of the Box

SurveyMonkey

An automated allowed list consisting of known good IPs for SurveyMonkey.

Logo for Abuse.ch

Out of the Box

Abuse.ch

Enables users to easily integrate the Abuse.c Botnet SSL Command & Control Tracker into Bandura. This threat feed consists of IP addresses that are associated with malicious SSL connections used by botnet command & control servers enabling you to block infected machines from communicating with them.

Learn More
Logo for Proofpoint Emerging Threats IP Reputation

Premium Add-On

Proofpoint Emerging Threats IP Reputation

A premium threat feed provided by Proofpoint ET Intelligence, the industry’s most timely and accurate source of threat intelligence. This IP Reputation feed combines actionable information, including up-to-the minute IP reputation from a database of globally observed threats and malware analysis. Dedicated threat researchers and analytics systems at Proofpoint ET Labs provide 100% originally sourced threat intelligence on malware delivery, command and control, botnets, credential phishing, ransomware and coin-mining, attack spread and exploit kits.

Learn More
Logo for Proofpoint Emerging Threats Domain Reputation

Premium Add-On

Proofpoint Emerging Threats Domain Reputation

A premium domain blocklist powered by Proofpoint ET Intelligence, the industry’s most timely and accurate source of threat intelligence. This blocklist is derived from Proofpoint ET Intelligence’s Domain Reputation feed.

Learn More
Logo for Anomali

Integrations

Anomali

Our Anomali integration enables mutual customers to automatically integrate IP and domain indicators from Anomali ThreatStream into the Bandura platform.

Learn More
Logo for IntSights

Integrations

IntSights

Our IntSights integration enables mutual customers to automatically integrate IP and domain indicators from IntSights External Threat Protection Suite into the Bandura platform.

Learn More
Logo for Recorded Future

Integrations

Recorded Future

Our Recorded Future integration enables mutual customers to automatically integrate IP and domain indicators from Recorded Future into the Bandura platform. This includes Recorded Future’s IP and domain-based Security Control Feeds.

Learn More
Logo for ThreatConnect

Integrations

ThreatConnect

Our ThreatConnect integration enables mutual customers to automatically integrate IP and domain indicators from ThreatConnect into the Bandura platform.

Learn More
Logo for ThreatSTOP

Integrations

ThreatSTOP

Our threatstop integration enables mutual customers to automatically integrate IP and domain indicators from threatstop into the Bandura platform.

Learn More
Logo for ThreatQuotient IPv4 Address List

Integrations

ThreatQuotient IPv4 Address List

Our ThreatQ integration enables mutual customers to easily integrate and take action using threat intelligence from ThreatQ blocking connections to / from known malicious IPs and domains before they hit your network

Learn More
Logo for Fortinet | Enterprise Security Without Compromise

Integrations

Fortinet | Enterprise Security Without Compromise

Fortinet secures the largest enterprises, service providers, and government organizations around the world by empowering its customers with intelligent, seamless protection across the expanding attack surface. Together, the Bandura + Fortinet integration provides a layered approach to network security that significantly strengthens cyber defense.

Learn More
Logo for IBM QRadar

Integrations

IBM QRadar

Our Bandura IBM QRadar App automates the process of integrating Bandura log data into IBM QRadar and provides pre-built dashboards that visualize log activity from one or more Bandura ThreatBlockr appliances. The App also enables QRadar users to automatically block malicious IPs in Bandura.

Learn More
Logo for Splunk

Integrations

Splunk

The Bandura for Splunk App automates the process of integrating Bandura log data into Splunk Enterprise and provides pre-built dashboards that visualize log activity from one or more Bandura ThreatBlockr appliances in Splunk Enterprise and Splunk Enterprise Security.

Learn More
Logo for Gravwell

Integrations

Gravwell

Bandura and Gravwell collaborated to develop the Bandura Cyber Kit for Gravwell. The Bandura Cyber Kit for Gravwell automates the process of integrating Bandura log data into the Gravwell platform and provides pre-built dashboards that visualize log activity from one or more Bandura ThreatBlockr appliances.

Learn More
Logo for AlienVault Open Threat Exchange (OTX)

Integrations

AlienVault Open Threat Exchange (OTX)

OTX is one of the largest open threat intelligence communities with over 100,000 global participants contributing over 19 million threat indicators daily. OTX is free for anyone to join. Our OTX plugin enables users to easily integrate OTX threat intelligence into Bandura.

Learn More
Logo for IP2Proxy

Integrations

IP2Proxy

This plugin enables users of IP2Location’s IP2Proxy data feed to integrate this threat intelligence into the Bandura platform. IP2Proxy provides protection from Anonymizing VPN services, TOR Exit Nodes, Public Proxies, and Web Proxies.

Learn More
Logo for E-ISAC

ISAC/ISAO

E-ISAC

Enables energy and utility providers that are members of the Electricity Information Sharing and Analysis Center (E-ISAC) to create automated IP and domain blocklists based on industry-specific threat intelligence.

Learn More
Logo for FS-ISAC

ISAC/ISAO

FS-ISAC

Enables financial services organizations and other organizations that are members of the Financial Services Information Sharing and Analysis Center (FS-ISAC) to create automated IP and domain blocklists based on industry-specific threat intelligence.

Learn More
Logo for H-ISAC

ISAC/ISAO

H-ISAC

Enables healthcare providers that are members of the Health Information Sharing and Analysis Center (H-ISAC) to create automated IP and domain blocklists based on industry-specific threat intelligence.

Learn More
Logo for MS-ISAC

ISAC/ISAO

MS-ISAC

Enables state, local, tribal, and territorial government organizations that are members of the Multi-State Information Sharing & Analysis Center to create automated IP and domain blocklists based on MS-ISAC threat intelligence.

Learn More
Logo for Basic IPv4 Address List

Connector

Basic IPv4 Address List

This connector enables users to create automated IPv4 denied and allowed lists by importing IP addresses stored single line in text files located on a web server.

Logo for STIX/TAXII IPv4 Address List

Connector

STIX/TAXII IPv4 Address List

This connector enables users to create automated IPv4 denied and allowed lists by importing IP addresses stored single line in text files located on a web server.

Want to Learn More? Contact Us.

Bandura Cyber welcomes your questions. Please fill out the Contact Form and a Bandura Cyber team member will reply within one business day.

Get in Touch