Talos’ Reputation Center provides access to expansive threat data and related information.
Talos’ IP and Domain Data Center is the world’s most comprehensive real-time threat detection network. The data is made up of over 100TB of daily security intelligence across over 1.6 million deployed Web, Email, Firewall and IPS appliances. Talos detects and correlates threats in real time using the largest threat detection network in the world spanning web requests, emails, malware samples, open source data sets, endpoint intelligence, and network intrusions. The Email and Web Traffic Reputation Center is able transform some of Talos's data into actionable threat intelligence and tools to improve your security posture.
The Cisco Talos Intelligence Group maintains a reputation disposition on billions of files. This reputation system is fed into the AMP, FirePower, ClamAV, and Open-Source Snort product lines. The tools below allow you to do casual lookups against the Talos File Reputation system. This system limits you to one lookup at a time, and is limited to only hash matching. This lookup does not reflect the full capabilities of the Advanced Malware Protection (AMP) system.
Cisco's Advanced Malware Protection (AMP) solutions protect organizations before, during, and after an attack. AMP is built on an extensive collection of real-time threat intelligence and dynamic malware analytics supplied by Talos, and AMP Threat Grid intelligence feeds. The AMP Naming Conventions Guide provides a sample of the naming convention patterns of threats collected in AMP to help with threat analysis. This list is not exhaustive and is subject to change at any time without notice.
The IP Blacklist is automatically updated every 15 minutes and contains a list of known malicious network threats that are flagged on all Cisco Security Products. This list is estimated to be 1% of the total Talos IP Reputation System.
The AWBO Exercises are practice for exploit developers to help familiarize them with Advanced Windows Buffer Overflows. The exercises include a walk-through primer to help set up the necessary environment for the exercises, guidelines, needed shellcode and cheat sheet, and four test exercises.