Select your country

Not finding what you are looking for, select your country from our regional selector:


Complimentary access to our Threat Intelligence feed: tackle the evolving cyber threats

This summer, major international events are taking place, bringing joy and shared experiences. However, they will also lead to an upsurge in cybersecurity challenges. Orange Cyberdefense offers, for free until september, a turnkey solution to block the Command-and-Control (C2) channels used by attackers, including well-known ransomware groups such as LockBit.

Threat Intelligence is the DNA of our CERT. We collect data at all operational and strategic levels to continually enrich our Threat Intelligence.


Detect and block attacks before they cause damage

To support you in your protection strategy and fight against malicious actors, we have chosen to make our Threat Intelligence feed available free of charge. Accessible by anyone, anywhere in the world, this feed offers protection against Command-and-Control IP addresses used by attacker groups. It includes high-quality, false-positive-free server intelligence on over 45 different malware families.

Why this solution?

Threat Intelligence feed: a source of exclusive intelligence - our internal Threat Intelligence feed, providing a list of Command-and-Control (C2) server IP addresses for over 45 different types of malware, including CobaltStrike, Metasploit, Sliver, and PlugX, often used by large ransomware groups.

Access & Availability

The solution is accessible via our website during the olympics games period, to support our customers during this critical event. The proposed data feed is created and distributed using our MTI [protect] service, which provides dynamic IOC feeds built for perimeter security solutions. The indicators of compromise, in this case IP addresses linked to C2 servers, can be directly integrated into your security solutions (Check Point, Palo Alto, Fortinet or Cisco).

By filling in the form opposite, you'll receive an email with links to download the IOCs, as well as technical documentation for integrating this data stream into your firewall. Once the configuration is complete, the indicators of compromise are directly integrated into your security solution, and will be automatically updated according to the chosen policy, so as to continuously incorporate new threats: no manual updates are necessary afterwards.

Quality and Reliability

0 false positives: All IPs are pre-tested.

Information based on R&D work carried out by CERT Orange Cyberdefense experts in reverse engineering and CTI.

Benefits and Features

Proactive identification: thanks to reverse-engineering, our experts understand the language used by malware to communicate, enabling them to proactively identify C2 servers on the Internet.

Exclusive intelligence: the CERT of Orange Cyberdefense provides high-quality, exclusive and reliable intelligence.

On average, 25% of the IOCs (indicators of compromise) provided are proprietary, compared with over 400 sources integrated into our Managed Threat Intelligence service [detect].

IOCs are generally supplied 34 hours in advance, compared with our competitors in 75% of cases.

Incident Response Hotline

Facing cyber incidents right now?

Contact our 24/7/365 world wide service incident response hotline.