In January, 39,542 malicious IPs first uncovered by Augur were later confirmed by external intelligence, demonstrating Augur’s ability to detect emerging threats long before traditional sources.
While some vendors in Preemptive Cybersecurity focus on catching simple domain typosquatting and lower-impact activity, Augur consistently preempts sophisticated, high-impact attacks, the kind that drive major headline breaches. Augur identifies deeper layers of attacker infrastructure, such as C2 servers, staging environments for data exfiltration, and delivery infrastructure: the types of assets that state actors, ransomware gangs, and sophisticated criminal groups set up before an attack begins.
What Augur Saw in January
Here is a small sample of the types of threats Augur identifies and protects against:
If you aren’t already blocking these IP addresses, we highly recommend that you do so.
Malicious IPs Used in Headline Attacks
In the last few months, Augur has identified IPs and domains that were later used in major campaigns that hit the headlines. These include the recent Salesforce/Salesloft, SharePoint, and Taiwanese Semiconductor attacks.
Not all the IPs we identify hit the headlines, but the vast majority of the IPs and domains we identify are eventually used by threat actors to deploy attacks.
How Does Augur Work?
Augur uses ML-powered behavioral modeling to detect the buildup of cybercriminal infrastructure online before attacks. We identify thousands of malicious IPs, IP ranges, and domains every month. Augur identifies threats on average 60 days before they’re first reported by traditional sources. Our predictions are highly accurate, with a near-zero false-positive rate (0.01%), providing organizations using Augur with preemptive protection against cyberattacks, zero-days, and novel threats.

