Network Security Research Lab at 360
Security visibility through big data
Threat Intelligence
Leader team in threat intelligence research, we are the major threat intelligence provider of ti.360.net
Threat intelligencegraph
IoCs
CertDB
Sandbox
PassiveDNS
WebDB
WhoisDB
IoCs
Our TI feeds cover Linux,IoT and Windwos platform.
228KDaily increment
58MTotally
57MTotal active iocs
PassiveDNS
We started our passive DNS project in 2014, it is the first and biggest public known PDNS system in China.
50MDaily increment
100BTotally
WhoisDB
Backed by our PDNS system, we operates one of the largest WhoisDB system.
2MDaily increment
4BTotally
300MTotal active whois
CertDB
Certificate library for almost the whole global domains , collect data from multiple different data sources.
3MDaily increment
3BTotally
WebDB
From domain to WEB, automatically crawling and analyzing WEB content, and labeling of malicious content such as gambling, pornography, fraud, etc.
50KDaily increment
3MTotally
Sandbox
Rely on 360 massive sample data and focus on network behavior data of malicious samples.
2MDaily increment
2BTotally
Threat Intelligence Graph
Integrate 360 passiveDNS, Whois, certificates, URLs, sandboxes, honeypot..etc.
Our Research
Botnet research
The worlds top botnet research team, tracking major botnet activities on a global scale
DNS Security Research
We see and analyze 240 billions of DNS requests on a daily basis, generating thousands malicious domains every day using machine leaning and various other methods, and serve more than 20 millions domestic users
240 billions DNS requests per days
Relying on 360 big data infrastructure, we analyze huge amount of DNS traffic (2.8M/second requests)
malicious domain threat feed
Combining AI algorithm with various other processes, we generate thousands of highly active malicious domains every day
Serve 20 millions Chinese users
Delivering malware domain intelligence via 360 public DNS
Commercial Products
Delivering unknown threat detecting, investigating and advanced honeypot
360 DNS Threat Analysis Platform (DTA)
In-depth detection and analysis of enterprise DNS traffic, identification of unknown threats and known threats through a large number of innovation processes, and highquality threat intelligence.
360 Anglerfish Advanced Honeypot
Advanced threat hunting honeypot system, outstanding in advanced threat attack detecting and excellent discovery capabilities of 0-day, 1-day, N-day vulnerabilities.