When you think of IT attacks, you may think of targeted attacks against a company. But a large part of attacks are attackers going from company to company, from server to server, trying to attack everything they can in the hopes of gaining access somewhere, or just to inconvenience and disrupt. These attackers cast a broad net and often reappear across different companies.
To help combat this type of attack, Syspeace has developed the Global Blocklist. Here’s how it works.
The Syspeace Global Blocklist turns detection in one place into pre-emptive blocking in many other places. All Syspeace customers benefit from seeing the combined effort across all Syspeace servers.
Because it is based on real, recently detected intrusion attempts, the Global Blocklist is relevant. Because it includes the IP addresses that are most worth blocking up front right now and excluding attackers that were active last week but aren’t active now, the Global Blocklist is agile. Because it is based on intrusion attempts across multiple customers and multiple servers, it is also highly unlikely to contain false positives.
Syspeace Realtime Blocklist packages a large blocklist based on a wider and longer term look at the same information, for use in a firewall or other external system via our API.