ELLIO: Threat List/Feed

Real-time streaming updates

ELLIO: Feed | Threat Info for your IP API
ELLIO: Threat List | External threat list tailored to each network perimeter

ELLIO: Threat List/Feed compared to open IP lists

The matrix displays IP Threat Lists overlap, showing the shared entry percentages. For example, CESNET Medium Confidence list shares 6% of addresses with ELLIO Medium Confidence. ELLIO Technology makes the ELLIO Medium and High Confidence lists, others are public. Comparison used ELLIO's honeypot data on July 28.

IP Data Resellers & Internet Service Provider

ELLIO: Feed
Your source for IP address data

Explore the possibility of partnering with us and benefit from:

IP Data Enrichment: Offer your customers enriched IP data, complete with detailed insights into attack sources, port scans, and other relevant information.
Network Perimeter Protection: Our commercial list can be effortlessly integrated with both FOSS and Enterprise routers and firewalls, achieving a level of automation that's nearly set-and-forget.
Custom Solutions: Leverage the commercial version of our feed for your clients, custom-fitted to meet the specific needs of MSSP, MSP, CSP, and ISP entities.
Loading...
Attacks in last 24 hours
Managed Service Provider

Handling perimeters for multiple companies

If you manage network security for multiple companies, ELLIO: Threat List provides you with the flexibility to create separate workspaces for each company. Each workspace can be customized to the specific network perimeter, including its own billing rules, product tier, update frequency, and team roles.

Multiple workspaces available

You have the flexibility to create and manage multiple workspaces simultaneously with different settings and teams within a single account. Each workspace can be customized to a network perimeter, with its own deployments and settings such as billing, update frequency, and team roles.

Networks with various router or firewall vendors

ELLIO: Threat List is also suitable for managing multiple networks with different firewall and router vendors. We are compatible with major vendors such as pfSense, Palo Alto Networks, and Fortinet.

Convenient administration

A clear and user-friendly interface enables you to quickly navigate and comfortably administer all your workspaces. You can easily modify settings, create new deployments, or manage team roles in just a few minutes. For effortless creation of new deployments, our dynamic installation guide, customized for each router or firewall individually, will assist you in achieving fast, reliable, and seamless process.

Compatibility with

Small IT teams

Boost your firewall's efficiency: quickly, reliably, effortlessly

ELLIO: Threat list is an external dynamic list of IP addresses and network entities anticipated to pose threats to corporate networks in the near future.

ELLIO: Threat list is updated automatically, be it every hour, every five minutes, or in real time, thereby mirroring the present threats and security risks relevant to your network perimeter.‍
See Plans & Pricing
Customized protection tailored to your network perimeter
Seamless integration with major firewall/router vendors, free of system crash risks
Compatible with:
Swift and effortless integration and maintenance within just 30 minutes for a stress-free experience
Helpful tutorials crafted by IT specialists for IT specialists

No need for extra IT
personnel

Expertise in cybersecurity not required

Minimized manual IT intervention

95,6%
ELLIO: Threat List covers 95,6% of ipsum6 list

What is a firewall list and why is it important?

A firewall list is essential for network security as it helps identify and block potential threats targeting your network. It is a set of rules or configurations within a firewall that govern the traffic flow and access control for a network based on criteria such as source IP addresses, destination IP addresses, port numbers, protocols, and other packet attributes.
By keeping your firewall list updated and tailored to the needs of your network, it ensures that your firewall can successfully block harmful network traffic. This, in turn, minimizes the chances of unauthorized access, data breaches, and other cybersecurity incidents from occurring.

Why is ELLIO: Threat List a good choice?

ELLIO: Threat List is dynamically updated on an hourly, five-minute, or even real-time basis, ensuring it reflects the latest threats and security risks that are relevant to your network's specific requirements. By focusing on relevant threats, we eliminate unnecessary resource usage on irrelevant risks. Your firewall list remains up to date, utilizes resources effectively, and enhances network performance.

ELLIO: Threat List is also suitable for managing multiple networks with different firewall and router vendors. You have the flexibility to create separate workspaces for each network with its own setup and team management.

Who is ELLIO: Threat List intended for?

ELLIO: Firewall Threat List is designed for IT and security teams who need to enhance their cybersecurity posture without the need for additional IT specialists, time-consuming daily maintenance, or extensive cybersecurity knowledge and experience.

It is also suitable for IT Integrators and Managed Service Providers (MSPs) who manage networks of multiple companies using different firewall and router vendors.

How challenging is the integration and maintenance?

ELLIO: Threat List is seamlessly integrateed into your current firewall or router setup, requiring only 30 minutes.* With regular automatic updates, it simplifies maintenance tasks, resulting in a significant reduction in time and effort required for maintenance. A clear and user-friendly interface enables you to navigate quickly and administer all your workspaces comfortably. You can easily modify settings, create new deployments, or manage team roles in just a few minutes.

To facilitate effortless creating new deployments, our dynamic installation guide, customized for each router or firewall vendor individually, will assist you in achieving fast, reliable, and seamless deployment implementation. ELLIO: Threat List is compatible with major firewall and router vendors - PfSense, Palo Alto, and Fortinet.

Integration process:
1/ Register at ellio.tech and create your workspace/s.
2/ Specify the IP addresses of the perimeter/s you need to protect.
3/ Set up or activate a dynamic firewall on your router or firewall.
4/ Integrate your personalized ELLIO: Threat List by pasting the provided URL into your firewall or router. Follow our step-by-step interactive installation guide for an effertless and swift integration process.

* Based on average results observed during early beta testing

Compatible with:

Is this solution also suitable for advanced security teams?

For larger and advanced security teams utilizing complex security solutions such as SIEM, SOAR, and more, we offer
ELLIO: Intelligence. This ML-based solution helps teams reduce alert overload and improve incident response time by filtering out random irrelevant internet noise and generic attacks from serious incidents. The solution provides real-time automated analysis, categorization, and prioritization of all incoming incidents, enabling teams to focus on high-risk and targeted threats efficiently.

Contact us

Choose the threat list that best fits your needs

Billing monthly
Annually
Save 33%
Billing monthly
Annually
Save 33%

Tier 1

Tier 2

Top Choice

Enterprise

IP Limit per deployment

Up to 1 IP

Up to 2 IPs

Unlimited

Update time

Hourly

Every 5 minutes

Real-time updates

Perimeter re-evaluation trigger

Web portal (up to once per day)

Web portal (up to once per day)

Web portal (up to once per day), Web hook, API

Automatic re-evaluation

Daily

Daily

Hourly

Number of users

1 user

5 users

Unlimited users

Roles

-

Owner, Admin, User

Owner, Admin, User, Guest

Google SSO

-

-

SSO

-

-

SCIM

-

-

16 €

per deployment / month

128 €

per deployment / year
Sign up for BETA

32 €

per deployment / month

256 €

per deployment / year
Sign up for free trial

Tier 1

IP Limit per deployment

Up to 1 IP

Update time

Hourly

Perimeter re-evaluation trigger

Web portal (up to once per day)

Automatic re-evaluation

Daily

Number of users

1 user

Roles

-

Google SSO

-

SSO

-

SCIM

-

Sign up for BETA

32 €

per deployment / month

256 €

per deployment / year

Tier 2

Top Choice
IP Limit per deployment

Up to 2 IPs

Update time

Every 5 minutes

Perimeter re-evaluation trigger

Web portal (up to once per day)

Automatic re-evaluation

Daily

Number of users

5 users

Roles

Owner, Admin, User

Google SSO

-

SSO

-

SCIM

-

64 €

per deployment / month

512€

per deployment / year
Sign up for BETA

Enterprise

IP Limit per deployment

Unlimited

Update time

Real-time updates

Perimeter re-evaluation trigger

Web portal (up to once per day), Web hook, API

Automatic re-evaluation

Hourly

Number of users

Unlimited users

Roles

Owner, Admin, User, Guest

Google SSO
SSO
SCIM
Prices excluding VAT

How we help with IP address filtering issues

CHANGING IP ADDRESSES

How ELLIO asists | By using our sensor network, we constantly monitor internet activities and analyze behavioral patterns within them. This enables us to selectively filter and prioritize essential traffic whenever required. We possess the capability to detect and filter both regular and exploit-driven traffic originating from IP addresses, including those that have not been linked to any malicious activities before.

BOTNETS

How ELLIO asists | Botnets, which commonly consist of numerous compromised devices with fluctuating IP addresses, can pose challenges for conventional IP filtering techniques. However, dynamic lists offer firewalls the flexibility to adapt their rules and filter traffic by leveraging real-time data, including recognized botnet IPs and behavioral patterns.

FALSE POSITIVES

How ELLIO asists | For SIEM solution users, we assist in reducing false positives by filtering out random, insignificant internet noise from severe, targeted attacks, while ensuring that authentic traffic remains uninterrupted. This increases the effectiveness of firewall rules and reduces the influx of irrelevant incidents reported to your SIEM solution.

CHANGING IP ADDRESSES

Many attackers aim to avoid getting blacklisted by consistently changing their IP address. Criminals may use multiple addresses, enabling them to switch if one gets blocked. These alterations also increase the difficulty of identifying attackers, resulting in less successful detection

BOTNETS

Attackers commonly leverage massive botnets comprising thousands to millions of compromised end users or IoT devices. These botnets, often rented as a service on the dark web, involve a high volume of frequently changing IP addresses. Traditional IP filtering is ineffective against such attacks.

FALSE POSITIVES

False positives are a significant challenge. Today's security systems generate too many alerts, making it difficult for teams to identify and respond to actual threats in a timely manner. Approximately a third of all cybersecurity alerts are determined to be false positives, leading to a huge waste of resources to investigate problems that don’t actually exist. Alert overload can quickly cause major problems such as high staff turnover, low productivity, and financial loss.

Calling all homelabers:
Unleash ELLIO: Feed for free

As a way to support the tech community, we offer homelabers and tech enthusiasts
ELLIO: Feed in its community free version for non-commercial use.

For guidance on how to use it, read the Documentation or check out the Dynamic tutorials.

Product materials

We reduce your cybersecurity risk by adding the latest threats relevant to your network perimeter in time.