The creation of AbuseHQ stems from the idea that for anyone trying to manage network abuse originating on a network with lots of “unmanaged” end-users on it, data is key. More data, always more data.
Among other benefits, additional data serves as corroboration of issues when there are reports from multiple sources; it provides context about the cause when sources provide malware identification, and it aids in choosing priorities for different issues.
One of the most powerful features of AbuseHQ is hidden to most of our users: it is the set of 450+ parsers – that together consume 1500+ different formats.
In AbuseHQ, you deal with cases that are aggregations of events. It’s our parsers that take incoming data from the stream of traffic to your abuse@ address, from feedback loops and from projects like Shadowserver, and turn them into events.
No longer do you maintain your own set of scripts to consume X-ARF messages, no longer do you have to keep up with changes to reports from different reporters that are incompatible; no longer do you have to get time from your developers to keep up with what’s coming in.
AbuseHQ’s engineering team monitors traffic into your instance to discover new and updated reports, and adjusts where needed. When one of our customers starts receiving reports in a new format, they will start seeing those reports in their AbuseHQ – and so will you!
All of this is included in all AbuseHQ subscriptions. So go out and [sign up for more data], resting assured that it will be immediately useful!