Threat Sharing

Keepnet’s Threat Sharing technology enables community members to expand their threat intelligence reach by leveraging the collective network knowledge, reducing costs, and accelerating implementation.


Our Phishing Simulator and Awareness Educator modules minimize your employees’ susceptibility, and our Email Threat Simulator module proactively reduces the volume of inbox events. Our Incident Responder module is designed to catch successful phishing attacks! 

Built to extend the capability and effectiveness of our patent-pending Incident Response platform, our Threat Sharing technology acts as an early warning network for all participants. There are three sources of threat sharing data.

Our Keepnet IRP is deployed at each node of the network providing inbox level incident reporting, investigation and response giving users maximum agility and reducing response time.

Want to try Keepnet's Threat Sharing for free?

Click the button and start your free trial today

Intelligence Triggering Investigations

After finding any instances of an attack Keepnet IRP will now automatically share this intelligence to the rest of the community triggering investigations throughout the network.

Peer-to-Peer Sharing

In addition to data from the Keepnet IRP each organisation within the community can create a trust and reputation-based relationship with any other organisation on a decentralised, peer-to- peer basis using the Keepnet Threat Sharing APIs.

Data Sharing Based on Trust

Rules, Workflows and Playbooks are defined on a case by case basis to control how the intelligence from the partner organisation are actioned. High trust relationships can be automated, connections with lower trust scores can require independent verification of the threat analysis before taking action.

Third-Party Intelligence Sources

Another feature of our Threat Sharing APIs is the ability for any member of the network to share threat intelligence obtained via their other cybersecurity products and services.

Various Sandbox Technologies

Using the same peer-to-peer architecture described previously, one organisation using a certain sandbox product can share threat analysis data with another organisation who may be using a different sandbox technology.

Cross referencing

This cross referencing provides a greater detection probability of malicious attacks.