ARMOR Dynamic Threat Blocking (DTB)

Find Out if Your IP Traffic Is on the Naughty or Nice list

Dynamic threat blocking (DTB)—i.e., IP Reputation Management (IPRM)—is an advanced and automated service of Armor’s threat prevention and response platform. DTB provides the threat intelligence and your team makes the call on whether to block IP addresses that we have determined to be malicious or suspicious from communicating with any layer of your network. The suspicious IP addresses are investigated by the experts in our security operations center (SOC) to determine their threat level. That threat intelligence is then added to our database, allowing it to grow dynamically.

Data Sheets

Dynamic Threat Blocking

Organizations suffer a daily barrage of cyberthreats across IP traffic, from phishing to malware, cryptojacking and cryptomining, to denial of service (DoS) attacks, among many others. Armor’s Dynamic Threat Blocking (DTB) is an IP reputation management (IPRM) service that protects your IT environment from communicating with malicious IP addresses at any layer—network, host, or application.

Amy Bakameyer Image

Amy Bakameyer

DTB protects your cloud, on-premise, and hybrid IT environments from cyberthreats delivered across IP traffic.

Botnets

A network of private computers infected with malicious software and controlled as a group without the owners’ knowledge, e.g., to send spam messages.

Phishing

The practice of obtaining personal information, such as passwords and credit card numbers, by sending emails or using fake websites to collect the information.

Cryptojacking

The unauthorized use of someone else’s computer or resources to mine cryptocurrency.

Malware

Malicious software that is intended to damage, take over, or disable computers, mobile devices, computer systems, or computer networks.

Ransomware

A type of malicious software designed to block access to a computer system until a sum of money is paid.

ARMOR DYNAMIC THREAT BLOCKING DELIVERS TRUSTED, COST-EFFECTIVE SECURITY OUTCOMES:

Enhance protection against malicious and suspicious IP addresses powered by Armor threat intelligence

Go beyond alerting to actively block inbound and outbound traffic tied to malicious and suspect IP addresses

Correlate event information with other security controls under management by Armor, picking up on potentially missed patterns and other related events

Pay only for what you use

Get access to the experts who staff our SOC and monitor your environment 24/7/365

Automate your white- and blacklisting efforts easily through our available API, which provides multi-layer connectivity and simple integration

Receive access to threat intelligence continuously amassed and curated by the Armor Threat Resistance Unit (TRU), our elite threat hunting team

WHY USE ARMOR

Check out why customers trust Armor for threat detection, incident response, and compliance management.

ACTIVE THREAT BLOCKING FOR ANY ENVIRONMENT

Use Cases

DYNAMIC THREAT BLOCKING FOR YOUR ON-PREMISE ENVIRONMENT

Armor DTB can assist financial services firms in protecting their clients’ sensitive cardholder and financial information. DTB provides an extra layer of protection against traffic from in- and outbound suspect and malicious IP addresses. It identifies cardholder transaction attempts tied to a suspect IP address and blocks their connection. It stops suspect communications to the firm’s remaining entities and offices, while monitoring outgoing communications to ensure no systems within the environment are already in contact with malicious IP addresses. An unintentional, yet highly beneficial, outcome is helping the firm reach its compliance goals (e.g., PCI DSS).

DYNAMIC THREAT BLOCKING FOR YOUR CLOUD WORKLOADS

Consider the benefit of Armor’s DTB in the protection of sensitive data for a software-as-a-service (SaaS) provider that caters to the healthcare industry. Our DTB can identify incoming malicious and suspect IP addresses and block them before they can have an impact on the SaaS application deployed in the cloud (i.e., Azure, AWS, Google, etc.). The provider gets enhanced protection from threats—well beyond its own capabilities—with no manual intervention required by staff. And, as mentioned before, one of the outcomes is helping companies become compliant with laws such as HIPAA.

How it works

The Armor DTB service gives you access to Armor’s threat intelligence and an extensive database of malicious IP addresses to strengthen your security defenses. Using Armor’s API, integrate protection from malicious or suspicious IP addresses at the network, host, or application layer to enhance your white- and blacklisting efforts, while reducing the burden on your team to collect and investigate suspicious IP addresses.

Powered By Spartan

Armor’s DTB is powered by the industry’s leading threat prevention and response platform. Our platform integrates advanced analytics, global threat intelligence, and continuous response capabilities into a single solution that bolsters your defenses, uncovers hidden threats, and prevents security breaches. Customers can tap into the power and value of Armor’s platform through the Armor Management Portal (AMP).

PROTECT YOUR NETWORK, HOSTS AND APPLICATIONS FROM MALICIOUS IP ADDRESSES, ANYTIME, ANYWHERE

Armor DTB is designed to allow security teams to identify and automatically block both incoming and outgoing suspect and malicious IP traffic at any layer of their IT ecosystem.

Get Started