Improve Email Threat Protection with Abusix Guardian Intel: Now Available in ThreatStream
Abusix Guardian Intel is now available to trial and activate in the ThreatStream APP Store, enabling security teams to correlate Guardian Intel with other intelligence sources in ThreatStream.
About Abusix Guardian Intel
Abusix Guardian Intel delivers live, actionable threat data sourced from a global sensor network monitoring abuse, spam, phishing, and malware infrastructure. Guardian Intel is particularly effective for email threat protection through the identification of compromised IPs via specialized mechanisms and monitoring of high volumes of malicious email to determine responsible IPs. Key sources of data include:
- Honeypots - deceptive systems designed to attract and log malicious activity
- Spamtraps - email addresses that should never receive legitimate mail
- Sinkholes - network resources configured to capture traffic intended for malicious or defunct systems
- SMTP Transaction Feeds - real-time and batch data collected from mail server interactions
- Policy Blocklist Scanners & Welcomelists - tools that actively validate server behavior against policy expectations
- Partners, ISPs, and Customer Contributions - data provided directly from trusted partners, ISPs, and customers
While many threat intelligence providers begin from network traffic or endpoint telemetry, Abusix Guardian Intel focuses on email protection. This gives Guardian Intel early visibility into phishing campaigns, spam runs, botnet proliferation, and malware distribution infrastructure, often before it hits broader discovery. For more information, check out the Guardian Intel documentation.
Activating the Abusix Feed in ThreatStream
Activating the Abusix feed in ThreatStream allows CTI teams to correlate Guardian Intel with other active intelligence sources in ThreatStream. Anomali provides additional context about the severity/confidence of potential threats, deduplicates any indicators of compromise (IoCs) that are present in other active intelligence feeds, and can seamlessly distribute this intelligence to other security tools.
Activating the feed in ThreatStream requires an active subscription for Abusix Guardian Intel, though a free trial is available and can be requested via the ThreatStream APP Store. To enable the feed, users must click on the “Abusix Threat Intelligence” tile within the ThreatStream APP Store and submit their credentials provided by Abusix.
Get Started with Anomali ThreatStream
If you’d like to see how Anomali ThreatStream can help to contextualize, enrich, deduplicate, and distribute Abusix's Guardian Intel along with 200+ other intelligence feeds available in the ThreatStream APP Store, request a demo today.
Discover More About Anomali
Get the latest news about cybersecurity, threat intelligence, and Anomali's Security and IT Operations platform.
Propel your mission with amplified visibility, analytics, and AI.
Learn how Anomali can help you cost-effectively improve your security posture.
