Today we will talk about an overview of important tools for monitoring cyber threats in real time. It will focus on describing each of the services, their unique features, the types of monitoring data they collect, and the methods for visualizing that data. Readers will learn about the variety of tools available, from DDoS attack maps to dashboards for tracking botnet and ransomware activity, to help identify and analyze cyber threats from around the world.
ACS TP, open ports sticking out of the base with a breakdown by region.
A comprehensive cyber threat dashboard created by Talos with support from Cisco.
Cyberattack dashboard from Deutsche Telekom, which works on the basis of the open source network of honeypots: T-Pot
A low-information map, notable for displaying attacks recorded by the offensive player WAF Bunkerweb
Live botnet threats Shows the location of the IP addresses of the servers used to manage the infected devices.
Live map of DDoS attacks with a timeline, filters by country and industry, as well as an indication of the strength of the attacks.
Interactive map of DDoS attacks. Allows you to explore historical data in crash reports on a specific day, broken down by country.
Service for checking suspicious files for viruses. Displays statistics on malware detected in different regions of the world.
Internet Hacking Attack Map This map stand out is that it doesn’t visualize the threats themselves, but rather the attack messages. For this purpose, information found in mass media, social networks.
Here you can view summary statistics on cyber attacks for the last hour, day or month, as well as highlight the most attacked countries, the top attack vectors and the most scanned ports.
A dashboard from the European company HTTPCS, which aggregates data on cyber threats detected on the territory of different countries. Registration is required to view most statistics.
The colorful globe is decorated in the best traditions of Hollywood movies about hackers. In fact, it is not the design that makes it useful, but the informative dashboard with statistics collected from the company’s security products.
Global incident map aggregating data on ransomware attacks since 2018. Here you can find out which sectors of the economy were affected by a specific attack, the type of ransomware and even the amount of the ransom. Updated daily.
Shadowserver dashboard The Shadowserver team collects intelligence on a variety of threats, such as DDoS attacks, botnets, port scans, and CVE vulnerability detection. The statistics presented on the maps and charts are updated daily.
Geolocates web threats, spam and malware sources as they are detected by Sophos analysts. The service shows the current level of danger and allows you to see basic statistics on some types of threats.
Informative atlas of cyber threats. It stands out somewhat from the general range of resources presented here, but offers a large amount of analytics by region and the APT groups “working” behind them.
Analytical map, which the authors claim allows predicting the sources of future DDoS attacks. Displays the IP addresses from which repelled attacks were launched, detects botnets that have been actively used.