Get APT reports you can act on – quickly and accurately

    With APT Reports, you get:

  • Access to private, in-depth technical analysis
  • APT activity summary reports
  • A monthly summary for your C-level executives
  • Direct access to an ESET cybersecurity professional 
  • Access to our MISP server

Putting our best research at your fingertips

Our research team is well known in the digital security community, thanks to our award-winning We Live Security blog. Their research and APT activity summaries are available to you, along with much more detailed information.

Actionable, curated content

Reports provide a great deal of context on what is going on and why. Thanks to this, organisations can prepare in advance for what might be coming. It’s not just the reports themselves – they are curated by our experts, who put them in a human-readable format.

Make crucial decisions fast

All this helps organisations to make crucial decisions and provides a strategic advantage in the fight against digital crime. It brings an understanding of what is happening on the ‘bad side of the internet’ and provides crucial context, so that your organisation can make internal preparations quickly.

Access to ESET Analyst

Every customer ordering the APT Reports PREMIUM package will also have access to an ESET analyst for up to four hours each month. This provides the opportunity to discuss topics in greater detail and helps resolve any outstanding issues.

In-depth analysis

The package includes in-depth technical analysis reports describing recent campaigns, new toolsets and related subjects, and activity summary reports. A monthly overview combines information from all Technical Analysis and Activity Summary reports released in the previous month into a shorter and more digestible form. 

Integrate ESET Threat Intelligence into your system

  • Integrating ESET telemetry is simple and will enrich your TIP, SIEM or SOAR.
  • We have a comprehensive API with full documentation.
  • We supply data in standardised formats – such as JSON and STIX feeds via TAXII – so that integration into any tool is possible.

We have step-by-step integration manuals for fast and easy implementation, and we're continually adding others:

  • IBM QRadar
  • Anomali
  • MS Azure Sentinel
  • OpenCTI
  • ThreatQuotient

    With ESET feeds, you get:

  • Highly curated data
  • Actionable content
  • Low false positives
  • Frequent updates
  • Comprehensive API

Domain feed

Block domains which are considered malicious. The feed includes the domain name, IP address, and the date associated with them. The feed ranks domains based on their severity, which lets you adjust your response accordingly, for example to only block high-severity domains.

Botnet feed

Based on ESET's proprietary botnet tracker network, the Botnet feed features three types of sub-feeds – botnet, C&C and targets. Data provided includes items such as detection, hash, last alive, files downloaded, IP addresses, protocols, targets and other information.

URL feed

Similar to the Domain feed, the URL feed looks at specific addresses. It includes detailed data related to each URL, as well as information about the domain which hosts it. All the information is filtered to show only high-confidence results and includes human-readable information on why the URL was flagged.

IP feed

This feed shares IPs considered to be malicious and the data associated with them. The structure of the data is very similar to that used for the domain and URL feeds. The main use case here is to understand which malicious IPs are currently prevalent in the wild, block those IPs which are of high severity, spot those that are less severe, and investigate further, based on additional data, to see if they have already caused harm.