SAN MATEO, CA, April 8, 2015 – Norse Corporation, the leader in live attack intelligence, today announced Norse ThreatList™, a unique web portal that provides on-demand, instant risk scores with rich context for any IP and URL address of interest. Norse ThreatList features an easy-to-use search portal for human intelligence analysts, as well as a machine-readable threat intelligence (MRTI) RESTful API for easy integration into existing security architectures. Norse ThreatList gives users a continuously-updated window into the massive 7-petabyte Norse Attack Intelligence database, that delivers unmatched visibility into the farthest corners of the Internet, even the darknets. Norse ThreatList can be used to preemptively block dangerous connections or leveraged to accelerate and enhance post-breach forensics.

“Norse combined our best-selling DarkList and DarkViking products into a single offering, and enriched them with even better context data to create the new Norse ThreatList.  New region codes enable geo-based risk blocking, and new service categories let you intelligently flag, throttle or even block content from risky sites, while still allowing normal traffic to pass at line speeds,” said Tommy Stiansen, CTO of Norse.  “Norse ThreatList gives customers a faster, better, easier-to-use portal into Norse’s massive 7-petabyte database of attack intelligence.”

One of the big challenges facing any intelligence operation is minimizing false positives, especially when dealing with traffic from shared hosts, content delivery networks, domain name servers or advertising servers. Norse ThreatList’s new threat categories and richer contextual information helps security professionals filter threats more intelligently: blocking some, throttling and flagging others.  Norse ThreatList also provides more detail on bots and their targets, even bots launched from or targeting embedded systems (the “Internet of Things”).  This lets security teams prioritize bots (or their command-and-control nodes) based on target, velocity or aggressiveness. A new RESTful API allows for broader deployments and faster, more granular parsing of today’s larger threat datasets, filterable by risk score, threat category or timestamp. Data from Norse ThreatList can even be exported in JSON or CSV formats for import and post-processing on other platforms.

Availability and Pricing

Norse ThreatList ships April 20, 2015.  Pricing varies by channel, application and size of networks protected.  For a quote or for more information, email [email protected].

About Norse

Norse is the global leader in live attack intelligence, helping companies block the threats that other systems miss. Serving the world’s largest financial, government and technology organizations, Norse intelligence dramatically improves the performance, catch-rate, and return-on-investment of your existing security infrastructure. The Norse Intelligence Network, a globally-distributed “distant early warning” grid of millions of sensors, honeypots, crawlers, and agents, delivers unmatched visibility into difficult-to-penetrate geographies and darknets, where bad actors operate. Norse processes hundreds of terabytes daily against a 7 petabyte attack history database, and weighs over 1,500 variables to compute real-time risk scores for millions of IP addresses and URLs every day.  For more information, visit

Media and Analyst contact:

Patrick Corman
Corman Communications, LLC

650-465-5973 (mobile)