How It Works

ThreatSTOP's technology lives in the cloud and provides a list of active bad IP addresses to your existing firewalls that is updated in near real time via a patented distribution mechanism. When a Bot or other malware attempts to "call home," ThreatSTOP prevents this from happening by blocking the communication to the criminals' computers.

ThreatSTOP's detection engine maintains an active database of untrustworthy
IP addresses
The current ThreatSTOP database is downloaded onto your firewall regularly.
Malware makes an attempt to "call home."
Bad IP addresses are blocked by your firewall preventing communication.
Since there is no possibility of communication, the criminals in the outside world are unable to see the network.
The firewall sends its logs back to ThreatSTOP resulting in:
  • Intelligent actionable reports showing infected internal hosts for easy remediation.
  • A closed-loop system where each user becomes part of a defense community by sharing the collected data.