Threat research platform with enriched data.

See what we provide for Threat Feed & IoC Management.

Request Demo

SOCRadar’s Threat Feed & IoC Management module helps cybersecurity teams to research cyber threats with enriched data backed up by easy-to-use dashboards. Cybersecurity professionals can customize the feeds and stay up-to-date with recent threats, search for indicators-of-compromise (IoCs), and integrate with the company systems with TAXII protocol.

Threat Feed & IoC Management

Threat trends

Threat Feed & IoC Management module provides daily threat trends and indicators of the latest malicious incidents. All feeds can be filtered by source or country.

Custom collections

Custom collections allow users to collect related malicious data feeds into one place. The collections are available via the SOCRadar TAXII server that helps organizations easily exchange threat feeds.

Popular feed sources

SOCRadar gathers data from widely popular and reputable malicious feeds. With reliability metrics and details about the sources, users can see how trusted they are.

Threat actors

Attacker information is provided from many sources. SOCRadar’s dashboards provide attacker IoC information where the users can easily search or filter by source or companies.

Bad reputation

Millions of IP addresses are blacklisted due to being part of malware propagation, becoming a part of a botnet, sending malicious traffic, etc. SOCRadar’s Bad Reputation feed helps organizations to identify these IP addresses.

Hacked websites

Besides external sources, SOCRadar also owns its private hacked website feeds.

Botnets and malware

What are the IoCs for botnet and malware command and control centers? SOCRadar’s Botnets & Malware Feed provides this information for cybersecurity professionals.

APT feed

Well-organized Advanced Persistent Attack (APT) groups leave breadcrumbs behind them. These breadcrumbs help organizations identify the APT group that may target their organizations.

DDoS attackers

Denial of Service (DoS) attacks harm organizations by disrupting their operations. The IoCs provided by DDoS attackers feed give valuable information to organizations to become the next victim.


Ransomware groups threaten organizations from many different industries and, once attacked, it is very difficult to mitigate consequences. SOCRadar Ransomware feed give organizations a chance to prevent ransomware attacks.


Thousands of phishing websites targeting both customers and employees are registered every day. SOCRadar Phishing feed enables security professionals to instantly be aware of those malicious websites.

More SOCRadar modules

SOCRadar combines external attack surface management, digital risk protection, and threat intelligence capabilities to improve your security posture.