Listening to the internet...

This is a special post for us, it marks the release of a big feature for our platform.

For the longest time we have been scanning the internet but a little over a year ago, we decided it was time to start listening to what the internet was sending back our way.

We already had all the pieces in place, our scanner network is, in the end, a distributed system with messaging, queuing, and processing all in place. We built the listening component and let it sit for a while, receiving ips, ports and payloads; we then started to understand the potential uses for this type of data when combined with some machine learning techniques and we started to be able to answer some questions such as:

  • How long before a vulnerability is revealed that we start seeing people scan for it?

  • Are there spikes in certain ports or payloads being scanned?

  • Are there patterns in scanning ? We see sometimes certain payloads that only hit sensors in certain networks or geographic locations.

  • Can we start to automate tagging and classification of certain IP addresses based on what we see them sending onto our sensors?

Today we're happy to release access thit data set via !

We are also giving access to everyone, including free accounts, to all the functionality for a week, after that only the dashboard will remain free.

As usual, providing new tags will be part of the reward system for credits that we discussed on our previous blog.

You also have the ability to the typical searches such as tags:, country:, and free text like "wget"

You can then go into the IP address page and explore in detail the payloads sent.

On the enterprise side, this is now a realtime Data Stream that you can consume.

We hope you enjoy this new data set and features. We are looking to bring in a couple more surprises with this data set in the next few days and weeks!

To discuss with us, and have early previews, join our slack!