Malicious Detailed Detection Feed™ (MDDF) | In Depth Malicious Intelligence

Identify, Confirm, and Enrich Intelligence on Malicious URLs and Files

Part of the zveloCTI™ family of Cyber Threat Intelligence feeds, the Malicious Detailed Detection Feed™ (MDDF) delivers curated malicious intelligence data which identifies, confirms, and enriches malicious URLs with a range of metadata attributes pertaining to both the malicious URLs as well as malicious files associated with those URLs.  The rich metadata reveals Indicators Of Compromise (IOC) which can be used for further analysis and enrichment.  Metadata includes attributes like full-path URLs, date created and/or expired, domain history, malware family, file hashes, and numerous other intelligence attributes.

  • Unique Malicious URL Detections
  • Metadata Attributes for Context of Identified Threats
  • Observe Malicious Trends Over Time
  • Real-Time, Continuous Updates
  • Massive Clickstream Traffic From 600+ Million Users and Endpoints 
  • Curated 3rd Party Feeds + zvelo Proprietary Data
  • High Veracity and Low False Positives
  • Part of zveloCTI’s Family of Cyber Threat Intelligence Feeds

Unrivaled Intelligence for Defending Against Malicious Threats 

Malicious Detailed Detection Feed Maximizes Your Protection Against Malicious URLs and Files

zvelo’s proprietary AI-based threat detection and categorization technologies, combined with curated domains, threat and other data feeds, plus clickstream traffic from its partners’ 600+ million users, provide unmatched visibility, coverage, reach and accuracy for powering applications which protect users and devices from malicious threats.

malicious detection for blocking and threat research

Unique Malicious Detections

Advanced AI-based, proprietary technology detects unique malicious URLs earlier and more accurately than other providers, to neutralize emerging threats when they are most dangerous.

Global Clickstream

Massive Clickstream Traffic

URLs from text, SMS, email, and surfing traffic of more than 600 million users supplies continuous and comprehensive visibility into the global clickstream.

Rich Metadata Attributes

Metadata Attributes for Context

Rich metadata accompanies full-path malicious URLs, plus the associated malicious files, so you can communicate the context of malicious threats like created date, domain history, malware family, and file hashes.

Real-Time Detections

Real-Time Malicious Detection

Newly identified malicious threats immediately propagate to global database deployments to  maximize protection against emerging threats.

Curated Malicious Intelligence

Curated Malicious Intelligence

The Malicious Detailed Detection Feed leverages massive clickstream traffic, along with other sensor-based data streams and proprietary data sources to identify, validate and enrich intelligence collected on malicious threats.

Real-Time Continuous Updates

Real-Time, Continuous Updates

zvelo’s global AI-based network continuously monitors and analyzes ActiveWeb traffic and proprietary data sources to identify new malicious threats as they mutate and change.

Break the Kill Chain and Block Adversaries with Malicious Detailed Detection Feed

Protect Your Users and End Points Against Malicious Threats

zvelo’s Malicious Detailed Detection Feed delivers highly curated malicious intelligence to defenders, cybersecurity analysts, and vendors seeking to include premium defensive layers into their threat intelligence and malicious detection solutions. MDDF delivers the insights and actionable malicious URL intelligence required to block adversaries at the initial access point, as well as to break the kill chain in various places for robust and comprehensive protection against malicious URLs and files.

  • Web Filtering & Parental Controls
  • DNS Filtering & DNS RPZ
  • Malicious Threat Analysis
  • Malicious Intelligence Reporting
  • Antivirus Software
  • Next-Generation Firewalls
  • Managed Detection and Response (MDR)
  • Endpoint Security/Endpoint Detection and Response (EDR)
  • Enterprise Network Administration
  • Ideal for ISPs, Telcos, CASBs, MSSPs, SIEM, IPS, UTM Vendors, and more…

Power Your Threat Protection with zveloCTI™

Maximum Precision, Efficacy, and Protection Against Evolving and Emerging Threats

The Malicious Detailed Detection Feed is one of several Cyber Threat Intelligence feeds in the zveloCTI product family, and is uniquely positioned to identify, confirm, and enrich the intelligence collected on malicious URLs for direct action by defenders and analysts.  For comprehensive protection against a broader range of other threats and exploits, zveloCTI offers additional Threat Intelligence feeds for further enrichment and analysis.

Phishing Detection for Blocking and Threat Research


The PhishBlockList feed delivers curated phishing intelligence for comprehensive protection against active phishing threats in the wild.  More than just detections, PhishBlockList is enriched with additional metadata attributes like date detected, targeted brand, and other crucial data points.

Malicious Detection for Blocking and Threat Research

Malicious Detailed Detection Feed

Malicious Detailed Detection Feed delivers curated malicious intelligence data which identifies, confirms, and enriches malicious URLs with a range of metadata attributes such as date detected, malware family, and many key intelligence attributes which can be used for further analysis and enrichment.

zveloCTI Suspicious New Registrations Feed

Suspicious New Registrations Feed

Identify Indicators Of Compromise (IOC) and potential threats before they can impact victims. zvelo’s Suspicious New Registrations Feed enriches new domain registration data with highly valuable metadata like DGA score, registration and/or expiration dates, ASN info, and more.

Explore zveloCTI
Have Questions? Ready To Start An Evaluation?

Send Us A Message