Our Hazard Report, a cybersecurity metrics set, provides both reactive and our highly innovative proprietary proactive approaches.
Regarding the reactive part, we continuously check the IP addresses in the most popular and trusted blacklist sites like blocklist.de, uceprotect.net and Spamhaus.
In addition, we also use our threat detection algorithms and third party sources to detect anonymisers like VPNs and Proxies.
However, the reactive approach cannot detect all the malicious services and is limited to identifying only services that are listed on these websites. It takes a substantial amount of time to detect any newly established malicious services and put them into blacklists, and until then they present a high risk to businesses.
However, noticeable, the vast majority of cyber-attacks come from hosting environments. As not many are risking their own private or corporate networks to mount attacks.
A data centre or more widely speaking hosting IP address originated activities should always be treated with great caution, for example, when placing an e-commerce order or leaving a comment on a blog.
This is where our proactive approach plays an important role.
We utilise our proprietary AI-based technology to examine every IP address globally to estimate a likelihood of the network being assigned to a hosting environment.
We provide the outcome of that assessment in the 'hostingLikelihood' data field with a value of 0 to 10.
Moreover, we also provide a metric to detect if the Autonomous System, which announced the network, is likely to be a hosting provider or not.