Learn How to Identify Cyberthreats and Stop Bad Traffic – Both Inbound and Outbound

Neustar has just launched UltraThreat Feeds. This new service provides near-real-time threat data to help you identify and stop cyberthreats before they can do damage to your organization.

UltraThreat Feeds help you identify:

  • Malicious DGAs: When domains are created by algorithms in malware and enable infected hosts to connect back to command and control servers (C2)
  • Suspicious DNS Tunneling Attempts: When domains leverage the DNS protocol to create a “tunnel” to exfiltrate data past your security measures
  • Newly Observed/Published/Recently Deactivated Domains: When a newly observed domain with little or no history, or when a deactivated domain suddenly becomes active
  • Domain Updates (Nameserver or Hosting IP Address): When there are indications that a domain has been hijacked
  • Anonymous Proxies: Identification of proxies to uncover users who are attempting to hide their location and/or activity

Neustar’s UltraThreat Feeds service is informed by our own unique data assets, including DNS data exhaust collected from the more than 100 billion queries we receive from 30 globally distributed nodes every day. With insight gained from our globally distributed authoritative and recursive DNS network, Neustar OneID, IP Intelligence geolocation and risk data, we provide a powerful proprietary view of global threats to help you identify and stop bad traffic. 

Let Neustar help you keep your organization safe from threats hiding in the shadows.



We use cookies to optimize your experience, enhance site navigation, analyze site usage, assist in our marketing efforts. Privacy Policy