The threat landscape, in one place.
Malveine aggregates millions of malicious indicators, thousands of active malware campaigns, the complete known-exploited-vulnerability catalog and global attack telemetry — continuously scored and ready for your SOC.
What's inside the dataset
Every layer of the threat picture, normalised and cross-linked — from raw indicators to the campaigns and vulnerabilities behind them.
Malware campaigns
Ranked, continuously scored campaigns with churn trends, sightings timelines and the indicators that define them.
Indicators of compromise
Millions of IPs, domains and file hashes — confidence-scored, geo-attributed and enriched with hosting ASN context.
Known exploited vulnerabilities
The full CISA KEV catalog, cross-linked to the live indicators and campaigns actively weaponising each CVE.
MITRE ATT&CK mapping
Adversary techniques mapped to observed activity, so every signal lands in a framework your team already speaks.
Global telemetry
Source-country and ASN breakdowns reveal where threats originate and which networks carry the most malicious traffic.
Ready-to-use feeds
Export the dataset as STIX 2.1 bundles or plain-text blocklists (EDL) — drop straight into your existing stack.
Start exploring the intelligence
Create an account in seconds and open the full Malveine console — campaigns, indicators, KEV and live feed health in a single overview.