Reputation Center

Talos’ Reputation Center provides access to expansive threat data and related information.

IP and Domain Reputation Center

Talos’ IP and Domain Data Center is the world’s most comprehensive real-time threat detection network. The data is made up of daily security intelligence across millions of deployed web, email, firewall and IPS appliances. Talos detects and correlates threats in real time using the largest threat detection network in the world spanning web requests, emails, malware samples, open-source data sets, endpoint intelligence, and network intrusions. The Email and Web Traffic Reputation Center is able to transform some of Talos' data into actionable threat intelligence and tools to improve your security posture.

Talos File Reputation

The Cisco Talos Intelligence Group maintains a reputation disposition on billions of files. This reputation system is fed into the Cisco Secure Firewall, ClamAV, and Open-Source Snort product lines. The tools below allow you to do casual lookups against the Talos File Reputation system. This system limits you to one lookup at a time, and is limited to only hash matching.

Secure Endpoint Naming Conventions

Cisco's Secure Endpoint solutions protect organizations before, during, and after an attack. Secure Endpoint is built on an extensive collection of real-time threat intelligence and dynamic malware analytics supplied by Talos, and Cisco Secure Malware Analytics intelligence feeds. The Secure Endpoint Naming Conventions Guide provides a sample of the naming convention patterns of threats collected in Secure Endpoint to help with threat analysis. This list is not exhaustive and is subject to change at any time without notice.

Intelligence Categories

Talos, Cisco’s Security Intelligence and Research Group, constantly tracks a broad set of attributes to evaluate conclusions about a given host. The below tables contain alphabetical listings and descriptions of the standard categories used to classify website content and the standard threat categories used to classify attack types.