Threats & Botnets
Kentik helps you find traffic from infected or compromised hosts by enriching flow records in KDE with IP reputation data from Spamhaus. The result is two dimensions, Bot Net CC and Threat List Host, that can be used to identify threats to your network such as botnet command and control (CC) servers, malware distribution points, phishing websites, spam sources, etc. (see Threat Feed Dimensions).
Kentik makes these threats known to you via the Botnet & Threat-feed Analysis page, whose visualizations illustrate the extent to which traffic on your network is associated with known risks.
More coming soon…