Announced at ESET World 2025, the expansion of threat intelligence services makes available advanced features such as new feeds, personalized reports and access to AI Advisor also for SMEs and companies with diversified needs
ESET, the global European leader in the cybersecurity market, has announced the extension of the functionality of its award-winning Cyber Threat Intelligence services, with the introduction of new APT (Advanced Persistent Threat) feeds and reporting levels. ESET's offering responds to current cybersecurity needs with features such as APT monitoring, threat hunting and AI integration to automate threat analysis. Presented on the occasion of ESET World 2025 in Las Vegas, the new offering was developed to support companies of all sizes, which today consider threat intelligence a fundamental element of a next-generation cybersecurity strategy, based on the prevention first.
“ESET continues to expand its cyber threat intelligence offering to accelerate incident response and reduce the impact of data breaches — providing a comprehensive view of threat actors, attack vectors, indicators of compromise and malware behavior,” said Juraj Malcho, Chief Technology Officer at ESET. – Because cyberattacks know no borders, many organizations combine multiple threat intelligence services to gain global visibility and leverage the best capabilities available. ESET's broad visibility in Europe and Asia gives businesses a real advantage in preventing sophisticated threats and protecting their most critical assets."
New feeds
ESET has expanded its Cyber Threat Intelligence from eight to 15 threat feeds, providing actionable, curated, metadata-rich and detailed data to help defend against current threats such as ransomware, malicious email attachments, cryptocurrency scams, phishing URLs, smishing, SMS scams and more. In threat intelligence, quality matters more than quantity. Instead of having to analyze massive raw external datasets, ESET telemetry is filtered to eliminate duplicates and delivered in real time — allowing security analysts to intervene early and quickly identify emerging business risks and previously unknown threats.
Additional levels of APT reporting
ESET is enhancing its reporting on advanced persistent threats, introducing new layers to make this vital intelligence accessible to SMEs too. The proposed formats are designed to meet the needs of different company roles. SOC or threat intelligence analysts can rely on Technical Analysis and Activity Summary reports to gain in-depth details on attacks and post-compromise activity, along with information on attacks, indicators of compromise (IoC), YARA rules, Snort rules, Shodan queries, Censys queries and more. In addition to IoCs, reports offer context and guidance from experts. For a high-level strategic view, CISOs can consult the Monthly Overviews or Digests.
The APT Report Advanced and APT Report Ultimate levels include access to ESET AI Advisor, an AI-powered generative chatbot that can answer security questions, provide APT summaries, collect IoCs and TTPs, and generate YARA rules for rapid threat understanding and prevention. Leveraging ESET's more than 20 years of AI and machine learning expertise, AI Advisor enables security and intelligence leaders to better analyze and address emerging threats with SOC-level support. Finally, organizations that choose the APT Report Ultimate tier have direct access to ESET analysts, with the ability to resolve issues and collaborate directly with the company's front-line threat hunters.
Integrations
The development of ESET's API gateway, ESET Connect, has enabled the company to strengthen integrations and collaborations within the ecosystem, helping customers simplify cybersecurity management, increase visibility across a wide range of attack surfaces, and drive convergence among key industry players within shared architectures. ESET Cyber Threat Intelligence is highly interoperable and is already integrated with several leading vendors, including Microsoft Sentinel, IBM QRadar, Elastic, MISP, OpenCTI by Filigran, Threat Quotient, Stellar Cyber and others.
"ESET Cyber Threat Intelligence is built on our core strength: ESET researchers active in 11 research and development centers around the world,” said Jean-Ian Boutin, Director of Threat Research at ESET. “ESET does not purchase data from third parties: it generates it internally. Our primary source is the large user base of ESET security solutions — over 110 million users in more than 190 countries. Samples collected via ESET telemetry are subjected to analysis behavioral and structural insights, producing additional actionable indicators that enrich our threat intelligence and thus provide a more complete understanding of the threat landscape. By aligning with the MITER ATT&CK framework, ESET threat intelligence users can operationalize their visibility and response capabilities.”
Knowledge and information sharing are fundamental elements in cybersecurity. ESET researchers have developed a multi-level detection engine that analyzes further 300,000 new unique malware samples every day. Key research and findings are regularly presented at major international industry events, such as RSA and Black Hat. Additionally, ESET shares information on new threats and campaigns with the public and security enthusiasts through its flagship blog, welivesecurity.com, cited by authoritative media such as BBC, CNBC, The Washington Post, Forbes, The Guardian, TechRadar, Wired and others.
For more information, visit the page ESET Cyber Threat Intelligence.
