Blog

Today we're announcing an integration with Tenzir that moves URL enrichment out of the SIEM and into the security data pipeline — where it can actually change outcomes. Most SIEM threat enrichment strategies share the same flaw: they start after data has already...

Your DNS filter sees every query your network generates. But seeing a query and understanding it are two different things. Most URL classification systems were built around a specific assumption: the host being queried is a website, and the website has content worth...

🔍 Want to look up an IP reputation score right now? Enter any IP address into threatYeti and get a full reputation score, threat breakdown, and infrastructure context — no account required. Free, instant, no rate limit for manual lookups. Every security product that...

**Updated for 2026 to include new categories: DNS Over HTTPS, Local/Non-Routable, Network Access/Captive Portal. If you manage a firewall rule-set, write secure-web-gateway policies, wrangle CASB shadow-IT reports, or simply lose sleep over which URLs your workforce...

Not all domain extensions carry equal risk. Some TLDs are dominated by legitimate commerce and communication. Others have become reliable infrastructure for phishing campaigns, malware distribution, and scam operations — so reliably that blocking them by namespace is...

Threat intelligence platforms are only as good as the intel flowing into them. You can have the cleanest workflow, the sharpest analysts, and the most elegant investigation UX — but if your IOC data is stale, incomplete, or stripped of context, you're making decisions...