SLIC Threat Feed

Detect Botnets and Advanced Malware with the SLIC Threat Feed

How SLIC worksThe StealthWatch Labs Intelligence Center™ (SLIC) Threat Feed draws upon global threat intelligence to provide an additional layer of protection from botnets and other sophisticated attacks. Combined with the in-depth, internal network visibility and security context inherent in StealthWatch, the threat feed enables Lancope to uniquely provide information around the full security incident for dramatically improved risk management.

Using covert command-and-control (C&C) techniques, criminals are using infected internal systems as a launch point for conducting reconnaissance, spreading malware and stealing data to exploit and compromise entire enterprises. StealthWatch correlates flow data with global threat information from the StealthWatch Labs Intelligence Center to combine real-time data on attacks from criminal organizations with insight on suspicious network activity. Together, the two provide a more complete picture for early threat detection and fast, effective incident response.

The SLIC Threat Feed offers advanced botnet detection, continuously monitoring customer networks for thousands of known C&C servers and adding new botnets to its radar as they are identified in the wild. From there, StealthWatch generates alarms and Concern Index™ events to flag these communications for administrators so they can be swiftly mitigated.

For more information, see the SLIC Threat Feed Data Sheet.