Skip to content
Close
SEARCH
Contact
Contact
Whalebone
products
Our user-centric, no-installation security products provide people across the globe with an uninterrupted digital life, free from the fear of emerging threats.
Aura menu-min
Immunity menu picture-min
Peacemaker menu picture-min
Can’t find what you are looking for? Contact us

Whalebone Threat Intelligence: Real-Time Protection Powered by Unparalleled Insights

Our Unmatched Local, Regional, and Global Insights


Cyber threats evolve by the second. New attack vectors, malware strains, and phishing campaigns target everything from individual users to national infrastructures – so we know that you need more than just static threat feeds or bulk updates.

Built on visibility into DNS traffic across hundreds of networks (including telcos and ISPs), continuously refined by machine learning and collaboration with academic research institutions, and validated by independent testing, Whalebone’s Threat Intelligence is the AI-powered foundation of protective DNS (PDNS) for millions of users worldwide – across governments, telcos, ISPs, and other enterprises responsible for critical infrastructure.

Get a copy of our Threat Intelligence White Paper

Take a deep dive into the threat intelligence engines that provide superior protection to millions of users globally.

threat-intelligence-banner-lp (1)
Threat Intelligence White Paper

Comprehensive Threat Intelligence for Unmatched Protection

TI dlaždice 1-min

Best Combination of Sources

We combine our own proprietary research, telemetry from hundreds of networks, and trusted global feeds to ensure complete, continuously updated coverage.

TI dlaždice 2-min

Unique Position

With the highest number of telco consumer cybersecurity deployments on the market and hundreds of global ISP and enterprise customers, we have visibility into enormous volumes of live Internet traffic.

TI dlaždice 3-min

Tireless Pursuit of  Excellence

We continuously fine-tune our algorithms as we see changes in real-world traffic patterns. Each refinement reduces false positives and enhances detection precision – to give us among the lowest false positive rates on the market.

TI dlaždice 4-min

Artificial Intelligence

We collaborate with leading academic and research institutions to develop advanced AI and machine learning models for detecting anomalies and previously unseen attack behaviors.

TI dlaždice 5-min

Real-Time Updates

Instead of waiting for batch data imports, we propagate every verified update instantly across our Whalebone DNS Resolvers, keeping users protected at all times.

TI dlaždice 6-min

Regional Threat Intelligence

We work directly with CERTs, national agencies, and local telco teams, and others to identify region-specific threats, to ensure the best regional Threat Intelligence on the market.

Whalebone Threat Intelligence Performance

To ensure the highest quality of our Threat Intelligence, we continuously benchmark Whalebone’s Threat Intelligence against global cybersecurity vendors using impartial, independently verified data.

In collaboration with AV-TEST GmbH, an independent German research institute for IT security, our systems consistently achieve superior detection accuracy and minimal false positives – validating the reliability of our approach – and our continuous performance testing ensures the highest standards for protection and quality.

 

UVOZOVKY
Whalebone is continuously delivering reliable protection with a near-perfect false positive rate.

AV test logo 1

 

Aura CTA background-min

Read a detailed benchmarking report here.

Read now

FAQ

What is Threat Intelligence?
  • Threat Intelligence consists of collecting, analyzing, and interpreting data about current and potential cyber threats. This information is used to understand and anticipate cyberattacks. It enables proactive defense measures, allowing organizations and individuals to stay one step ahead of attackers and mitigate risks before they cause harm. In essence, threat intelligence transforms raw data into meaningful information that enhances cybersecurity readiness and response.
How often do you update the threat intelligence database?
  • We update our threat intelligence database in real time. Our systems continuously analyze data and propagate updates instantly to ensure the most current protection against new and evolving threats.
How would your Threat Intelligence target local threats in our country?
  • We collaborate with regional experts, such as local CERTs and internal security teams of telcos, to enhance our understanding of localized threats. This allows us to tailor our threat intelligence to address specific regional threats effectively.
How do you score the domains?
  • We use a combination of network traffic analysis, machine learning, metadata and historical data to evaluate the maliciousness of domains. Our scoring algorithms consider various factors to determine whether a domain should be blocked, ensuring high accuracy with minimal false positives.
Do you have honeypots or your own telemetry?
  • Both. We use our own telemetry and deploy honeypots to gather data on potential threats. This proactive approach helps us detect and analyze malicious activities before they can impact the end-customers.
Do you work with user traffic? Anonymized or full?
  • We analyze anonymized user traffic to ensure privacy while still gathering valuable data for threat detection. This approach helps us enhance our threat intelligence without compromising user confidentiality.
What does the "AI" in your detection engine do?

  • Our AI-driven detection engine leverages machine learning and neural networks to identify and predict threats more efficiently than traditional methods. It mimics human analysis, evaluates domain behavior, and predicts future malicious activities to stay ahead of cybercriminals. You can read more about our AI modules in our Threat Intelligence White Paper.
Do you cluster botnets/campaigns?
  • Yes, we identify and cluster related botnets, phishing and malware campaigns.. By understanding these connections, we can more effectively combat coordinated attacks and disrupt the operations of cybercriminal networks.
Can you stop newly observed domains? How?
  • Our system can block newly observed unknown domains in real time by analyzing patterns, metadata, and behaviors that are indicative of malicious activity. Our algorithms and AI models assess these factors to prevent potential threats proactively.
How is this better than a PiHole?

  • While PiHole blocks ads and known malicious domains, Whalebone's Threat Intelligence offers advanced, real-time threat detection, machine learning capabilities, and regional threat analysis. Our solution provides a more comprehensive approach to cybersecurity than traditional methods, protecting against a wider range of threats with greater accuracy and up-to-date intelligence. Moreover, our products focus on user-centricity that allows mass adoption globally and hence protection of millions of everyday Internet users, while usage of tools such as PiHole is limited to more experienced users.

 

Application Whalebone Product Powered by Whalebone Threat Intelligence to...

Telcos

Aura

Secure millions of subscribers with network-based protection driven by live global threat data.

ISPs

Peacemaker

Strengthen DNS-layer defense and reduce attack surface using continuously updated intelligence feeds.

Critical Infrastructure Enterprises

Immunity

Safeguard essential systems against emerging and targeted cyber threats through predictive detection.

Government & Public Sector

DNS4GOV

Provide sovereign, resilient DNS protection tailored to national and public-sector needs.

EU Public Service

DNS4EU

Support Europe’s digital sovereignty initiative with privacy-respecting, real-time threat blocking.

 

Learn More

If you want to learn more about Whalebone's unique approach to local, regional, and global threat intelligence, the following resources can take you deeper:

 

We are thrilled with the performance of Whalebone Threat Intelligence. Our team has witnessed a number of instances where the service has quickly and effectively prevented phishing campaigns.”
 
–Pelle Jensen | Security Analyst, Nuuday

 

Would you like to discuss our Threat Intelligence with an expert?


 

threat-intelligence@whalebone.io

#ConnectedMeansProtected