robcowart
commented
3 years ago Currently there is not. The primary source of data was badips.com which is no longer active as of a few months ago.
There are some users who have created their own IP reputation DB. It is just a YAML file, and as long as the provided key is an IP address, and the value is a comma-separated list of tags, you can make your own from whatever source you can find.
For the all new ElastiFlow Unified Flow collector we have partnered with RiskIQ to provide a threat feed. We are just beginning to add users for that integration. If you want to try out the new collector and the RiskIQ integration, you can get started here... https://www.elastiflow.com/get-started
Hi
Is there a way to update the ip reputation database?