This week, we’ve launched our new musubu.io site to showcase our IP address API that comes with our practical cyber threat information. With Musubu, network analysts, engineers, and cybersecurity professionals now have an easy way to gather needed network information by IP Address and, at the same time, get actionable info they can use on potential cyber risks. If you’re already using Shodan as a part of your security routine, you’ll find Musubu a great complement to the data you get from their valuable service.

So what does Musubu give you?

  • “Threat Potential” Score
  • Malicious Activity Indicators
  • Types of Malicious Activity
  • Total Measurement of Malicious Activity
  • ISP Name, Network Type, and Group
  • Network Location

It’s great for instantly finding out:

  • Network Information by IP Address
  • How Trustworthy is a Network
  • How Secure Are My Endpoints
  • Location & Registration Info
  • ISP Information

Musubu is also different in that it provides enriched information designed to give you a sense of the vulnerabilities or threats posed by a network. It’s not a simple threat aggregation engine matching IP addresses, like many of the solutions available today; it focuses on the network of origin in context, as well as the threat posed by the subnet and the broader environment of origin.

As such, it helps with other key tasks such as:

False Positive Reduction: A false positive is an error in data reporting in which an IP is incorrectly identified as a potential threat entity. Through “vetted source” analysis and machine learning analytics, Musubu has demonstrated a 40 – 75% reduction in false positives, thus providing a greatly enhanced ability to quickly filter out irrelevant data and increase analyst efficiency. Instead of the traditional single index model used to determine “probability of badness,” the Musubu score is based on three separate scoring indexes: previous observations, the imminent threat posed by past observations, and the network environment itself.

These are measured in the API results via:

threat_potential_score_pct – Numeric threat score between 0-100. The Score is calculated using “blacklist class”, “blacklist neighbors”, number of recent observations and country of origin.

threat_classification – Classification derived from “threat potential score pct”

High – Threat score >70
Medium – Threat score from >40 but <70
Low – Any IP unlisted with a threat score <20
Nuisance – Threat score <40

blacklist_class – Field classifying the specific threat vector that has been identified. Contains one of the following values: apache, blacklisted, botnet, botnetcnc, brute force, compromised, ftp, http, imap, mail, malware, phishing, ransomware, shunned, sips, ssh, TOR, worm, zeus

blacklist_class_cnt – Field providing the number of sources which have identified the address as malicious.

blacklist_network_neighbors – Field providing the number of addresses present on the same subnet which have been identified as malicious.

blacklist_observations – Field providing the number of observations (of this IP) in the last 90 days.
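One way to use these fields for alert triage, as an added example that is not Musubu's own code. It assumes each result is a flat record with the field names above; the types, the empty class for unlisted IPs, the sample records and the escalate/review/suppress policy with its thresholds are assumptions made for illustration.

```python
# blacklist_class values as listed in the field description above
KNOWN_CLASSES = {
    "apache", "blacklisted", "botnet", "botnetcnc", "brute force", "compromised",
    "ftp", "http", "imap", "mail", "malware", "phishing", "ransomware",
    "shunned", "sips", "ssh", "TOR", "worm", "zeus",
}
COUNT_FIELDS = ("blacklist_class_cnt", "blacklist_network_neighbors",
                "blacklist_observations")

def validate(rec):
    """Return a list of problems with an enrichment record (empty list = usable)."""
    problems = []
    score = rec.get("threat_potential_score_pct")
    if isinstance(score, bool) or not isinstance(score, (int, float)) or not 0 <= score <= 100:
        problems.append("threat_potential_score_pct is not a number in 0-100")
    cls = rec.get("blacklist_class")
    # Assumption: an unlisted IP carries no class (None or empty string).
    if cls not in (None, "") and cls not in KNOWN_CLASSES:
        problems.append("unrecognised blacklist_class")
    for field in COUNT_FIELDS:
        value = rec.get(field)
        if isinstance(value, bool) or not isinstance(value, int) or value < 0:
            problems.append(field + " is not a non-negative integer")
    return problems

def triage(rec, high_score=70, min_sources=2):
    """Hypothetical policy: return 'escalate', 'review' or 'suppress'."""
    if validate(rec):
        return "review"  # malformed enrichment must never auto-suppress an alert
    high = rec["threat_potential_score_pct"] > high_score
    corroborated = (rec["blacklist_class_cnt"] >= min_sources
                    and rec["blacklist_observations"] > 0)
    if high and corroborated:
        return "escalate"
    if high or corroborated or rec["blacklist_network_neighbors"] > 0:
        return "review"
    return "suppress"

# Constructed sample records keyed by documentation-range IPs (not real API output).
SAMPLES = {
    "192.0.2.10": {"threat_potential_score_pct": 85, "blacklist_class": "botnet", "blacklist_class_cnt": 3, "blacklist_network_neighbors": 12, "blacklist_observations": 40},
    "192.0.2.20": {"threat_potential_score_pct": 78, "blacklist_class": "ssh", "blacklist_class_cnt": 1, "blacklist_network_neighbors": 0, "blacklist_observations": 0},
    "198.51.100.5": {"threat_potential_score_pct": 5, "blacklist_class": None, "blacklist_class_cnt": 0, "blacklist_network_neighbors": 0, "blacklist_observations": 0},
    "198.51.100.9": {"threat_potential_score_pct": "85", "blacklist_class": "botnet", "blacklist_class_cnt": 3, "blacklist_network_neighbors": 12, "blacklist_observations": 40},
}

if __name__ == "__main__":
    for ip, rec in SAMPLES.items():
        print(ip, triage(rec), validate(rec))
```

The last sample carries the score as a string, so it is routed to review rather than scored, which keeps a parsing fault from silently dropping an alert.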

Go ahead and give it a try for free today. Just head to our main page, submit your valid email and follow the instructions in your email. We think you’ll make Musubu a part of your daily network security routine.

Got questions? Contact us now.

 

About the Author

Wayne Wheeles

Wayne Wheeles is a serial entrepreneur and is most recently the CEO of Release 2 Innovations LLC. Seasoned by over two decades of experience and results in network forensics, insider threat detection, and information security, Wayne’s work spans multiple disciplines and several technology-related industries. Wayne is a proven practitioner with extensive hands-on experience in the fields of network security thought leadership, client implementation stewardship, and product development direction. Prior to establishing Release 2 Innovations, Wayne served as an industry thought leader who built three of the top cybersecurity practices in the Commercial and Federal industries. Wayne continues to serve as a developer, practitioner, and liaison between commercial and federal clients with the development and sales teams. Wayne has served in a variety of roles and has been recognized for developing and delivering solutions which have yielded measurable results for clients. He has been independently identified and recognized as a thought leader in big data, analytics, and cybersecurity. His merits would include being a member of the Cloudera Champions of Big Data and in consideration for the President’s Council on Cybersecurity. He is a tireless serial entrepreneur who has repeatedly built "future proof" process-oriented commercial and federal cybersecurity teams.
