APT C&C Tracking
This section explains how you can view and export a list of dangerous IP addresses using the Kaspersky Threat Intelligence Portal web interface. API method for APT C&C Tracking service is also available.
APT C&C Tracking Service delivers IP addresses of infrastructure connected to advanced threats. This helps security analysts working in CERTs, National SOCs, and National Security Agencies monitoring the deployment of new malware, so that they can take the required measures to mitigate ongoing and upcoming attacks. The service is updated daily with recent findings of the Kaspersky Global Research and Analysis Team who have a proven track record in discovering APT campaigns across the world. For each IP address, there is a name of an APT group, operation, or malware it is associated with, internet service provider, and autonomous system, collection of associated IP addresses hosting information, and dates when this was first and last seen. The IP addresses can be downloaded in a machine-readable format, so you can upload it to existing security solutions to automate detection.
The table below shows comparison of available APT C&C Tracking features depending on the way you work with Kaspersky Threat Intelligence Portal.
Comparison of available APT C&C Tracking features
Feature |
Web interface |
API |
|---|---|---|
View a list of dangerous IP addresses |
|
|
Filter a list of dangerous IP addresses by date |
|
|
Filter a list of dangerous IP addresses by country |
|
|
Export a list of dangerous IP addresses |
|
|
