The Nozomi Networks Threat Feed is a data feed of the latest emerging threat data from across the industry that can be used outside or independent of our Guardian and Vantage platforms with other third-party security platforms.

This data feed is comprised of Nozomi Networks' operational technology (OT) Indicators of Compromise (IOCs). It can be used by any security platform that can ingest Industry-compliant Structured Threat Intelligence eXpression (STIX 2.0) Objects. The content is hosted on Nozomi Networks Trusted Automated eXchange of Intelligence Information (TAXII) server in the cloud and can be accessed globally.

TI feeds provide information on attacks, including zero-day attacks, malware, botnets and other security threats. TI feeds are vital components of security infrastructure, which help identify and prevent security breaches. Threat intelligence can be used to implement more granular security policies, as well as to identify potential characteristics or behaviors associated with that threat. The new Threat Feed is consistent with the Nozomi Networks Threat Intelligence subscription, which is solely for use in Nozomi Networks' own Guardian and Vantage products but allows other platforms to leverage the research and intelligence on recent and emerging threat indicators and how they are spreading. It does not include more sophisticated Nozomi Networks packet rules or YARA rules. Threat Feed allows other platforms to leverage Nozomi Networks research and intelligence on recent and emerging threat indicators and how they are spreading. The feed delivers a single, unified source of data, including malicious IP addresses or URLs, new indicators of compromise (IOC) signatures, threat sources, malware hashes, and methods and tactics to gain system access, all of which can serve to accelerate incident response and enhance security operations.