​ThreatSTOP is a network security company offering a cloud-based threat protection service that protects every device and workload on a network from cyberattacks and data theft. It can protect any network, from virtual cloud networks to branch LANs to the largest carrier networks. The service leverages market-leading threat intelligence to deflect inbound and outbound threats, including botnet, phishing and ransomware attacks, and prevents data exfiltration. 

DNS Defense Cloud

ThreatSTOP’s DNS Defense Cloud is a cloud-based DNS security solution that blocks threats before they reach your network. It deploys in under five minutes with no additional hardware or software required, providing immediate security benefits while ensuring regulatory compliance.

How It Works:

  • Threat Intelligence: Powered by over 1,000 curated threat feeds and 25 million active indicators, DNS Defense Cloud provides industry-leading protection against malware, phishing, and data exfiltration.
  • Automated Policy Updates: Threat intelligence is continuously updated and enforced through your DNS firewall, blocking harmful communications before damage occurs.
  • Advanced Reporting & Visibility: Gain full insight into blocked DNS queries, threat categories, and infected devices to streamline remediation.
  • Seamless Integration: Works with existing security tools, from SIEM to NGFW, to enhance network visibility and control.

By disrupting attackers' ability to communicate, DNS Defense Cloud ensures proactive security across all users and devices, reducing malware-related help desk tickets by 90% and allowing IT teams to focus on critical tasks.

IP Defense

ThreatSTOP’s IP Defense provides automated, cloud-controlled protection for routers, firewalls, switches, load balancers, and IDPS. Powered by over 1,000 real-time threat intelligence feeds, it proactively blocks malicious IPs before they can breach your network, preventing unauthorized communication with threat actors.

  • Preemptive Threat Blocking: Instantly drop or redirect malicious IPs or entire CIDR ranges to neutralize threats before they cause harm.
  • Continuous Threat Intelligence Updates: 24/7 policy enforcement ensures your security is always up to date with human- and machine-curated feeds.
  • Automated Security Gateways: Transform your IP-based devices into active security layers, stopping ransomware, phishing, and DDoS attacks.
  • Advanced Visibility & Reporting: Gain insight into blocked threats, identify infected hosts, and analyze network security through SIEM integrations.

By preventing malware from communicating with command-and-control servers and reducing attack surface visibility, IP Defense strengthens your network security while minimizing endpoint infections and operational disruptions.

DNS Defense Roaming

DNS Defense Roaming (formerly known as MyDNS) brings enterprise-grade DNS security to individual endpoints, ensuring seamless protection on and off the corporate network. This lightweight agent for Windows and macOS enforces DNS policies locally, keeping requests private and eliminating reliance on VPNs or unsecured Wi-Fi. With advanced threat intelligence, real-time reporting, and seamless scalability, DNS Defense Roaming provides powerful, efficient security for remote workers, branch offices, and roaming devices—without compromising performance.

CheckIOC Subscription

Enhance your cybersecurity research with CheckIOC, a powerful, cloud-based tool designed for ease of use and rapid deployment. Built on a vast database with over 24 million indicators of compromise (IoCs), CheckIOC provides passive DNS and metadata analysis to strengthen your security posture.

Key Features:

  • Comprehensive Threat Intelligence – Continuously updated database for real-time threat coverage.
  • Cloud-Based & Fast Deployment – No new hardware or software needed; set up in under an hour.
  • Customizable Security Policies – Tailor block and allow lists for adaptable protection.
  • User-Friendly Interface – Access directly or automate checks with an optional API service.

Protect your network with enterprise-grade threat intelligence—integrate CheckIOC seamlessly into your security workflow today.


ThreatSTOP Managed Rules for AWS WAF

ThreatSTOP’s Managed Rules for AWS WAF deliver real-time, continuously updated threat intelligence to protect web applications from malicious traffic. Designed to block attacks before they can exploit vulnerabilities, ThreatSTOP’s AWS WAF solutions enhance security by leveraging curated intelligence feeds and automated enforcement.

How It Works:

  • Comprehensive Threat Intelligence: Aggregates data from over 800 curated threat feeds, providing dynamic protection against emerging threats.
  • Targeted Protection: Offers specialized rule sets to defend against HTTP-based attacks, malicious bots, compliance risks (ITAR & OFAC), and core cyber threats.
  • Automated Updates: Ensures policies are continuously refreshed with the latest threat indicators, reducing manual intervention.
  • Seamless AWS Integration: Deploys natively within AWS WAF for effortless protection without additional hardware or software.
  • Actionable Security Insights: Provides detailed logging and reporting to help security teams identify, analyze, and respond to threats effectively.

By leveraging ThreatSTOP Managed Rules, organizations can proactively mitigate risks, enhance compliance, and ensure web application security without added complexity.

 

ThreatSTOP ThreatLIST SIEM Integration

ThreatSTOP’s ThreatLIST provides powerful SIEM enrichment, enabling security, network, and incident response teams to enhance threat detection, forensic analysis, and correlation of network activity. By integrating real-time threat intelligence into SIEM platforms like Splunk, QRadar, ArcSight, and LogRhythm, ThreatLIST helps organizations identify and mitigate threats more efficiently.

How It Works:

  • Comprehensive Threat Intelligence: Continuously updated database of malicious IP addresses and domains, delivering critical context on potential threats.
  • Seamless SIEM Integration: Enriches SIEM logs with curated threat data, improving detection and response capabilities.
  • Customizable Threat Feeds: Select security policy categories relevant to your environment to tailor threat intelligence to your needs.
  • Advanced Forensic Capabilities: Correlates network traffic with known indicators of compromise (IOCs) for improved attack attribution and analysis.
  • DDoS ThreatLIST Feature: Provides dedicated IP threat intelligence to detect and mitigate DDoS attack sources.

With ThreatSTOP ThreatLIST, organizations gain actionable intelligence to strengthen security posture, streamline incident response, and proactively defend against emerging threats.


ThreatSTOP API

ThreatSTOP offers two REST APIs—Platform API and Partner API—to provide seamless integration for account configuration, policy management, and automated provisioning. These APIs enable customers and partners to streamline security operations, manage ThreatSTOP services programmatically, and enhance automation.

ThreatSTOP Platform API

The ThreatSTOP Platform API allows customers to manage their security configurations through an automated interface, mirroring the functionality of the ThreatSTOP Admin Portal.

Key Features:

  • Account Management: Configure global settings, users, and roles.
  • Device & Policy Management: Automate the configuration of security policies and device settings.
  • Custom Lists: Define and update custom block and allow lists.
  • SIEM Integration: Manage security event settings for log correlation and analysis.
  • Check IOC Feature: Query real-time threat intelligence for IPs and domains.

Seamless Admin Portal Integration: Any changes made through the API are immediately reflected in the ThreatSTOP Admin Portal and vice versa.

ThreatSTOP Partner API

The ThreatSTOP Partner API is designed for ThreatSTOP partners to provision and manage end-user accounts efficiently. This API is independent from the Platform API and is used for account creation, subscription management, and feature provisioning.

Key Features:

  • End-User Account Provisioning: Create and manage customer accounts.
  • Subscription Management: Assign and update product SKUs based on contract terms.
  • Real-Time Synchronization: Accounts and features are reflected in the ThreatSTOP Platform within seconds.
  • Flexible Deployment: Use the API or the web-based ThreatSTOP Partner Portal for account provisioning.

Use Cases:

  • Platform API: Organizations looking to automate security settings, device configurations, and policy enforcement.
  • Partner API: MSPs, resellers, and distributors managing multiple end-user accounts and service subscriptions.

With ThreatSTOP’s APIs, customers and partners can enhance automation, improve operational efficiency, and maintain real-time control over their security configurations.

 

Sorry. There no results for your search at this time. If you feel you have received this in error, please call 800.262.4DLT (4358) or visit https://www.tdsynnex.com/na/us/td-synnex-public-sector/contracts/.