Whatoblock is a platform that collects and analyzes real internet scanning activity from a distributed sensor network. The goal is to make external threat intelligence simple and practical.
The platform includes a threat search engine, a live global threat map, and an API for enriching alerts and automating blocks. Instead of relying only on shared feeds, we observe raw hostile traffic directly and categorize it into scanners, botnets, and other threat types.
You can search any IP to see what it has been doing, visualize trends, and integrate the data into SIEM or firewall workflows.
I would love feedback on three things:
1. Is the search experience useful for real investigations?
2. What indicators would you need before trusting an IP enough to block it automatically?
3. What integrations would make this more valuable in your daily workflow?
steliosss•2h ago
Whatoblock is a platform that collects and analyzes real internet scanning activity from a distributed sensor network. The goal is to make external threat intelligence simple and practical.
The platform includes a threat search engine, a live global threat map, and an API for enriching alerts and automating blocks. Instead of relying only on shared feeds, we observe raw hostile traffic directly and categorize it into scanners, botnets, and other threat types.
You can search any IP to see what it has been doing, visualize trends, and integrate the data into SIEM or firewall workflows.
I would love feedback on three things:
1. Is the search experience useful for real investigations? 2. What indicators would you need before trusting an IP enough to block it automatically? 3. What integrations would make this more valuable in your daily workflow?
Happy to answer any technical questions.