Indicator of Compromise (IoC) Analyzer & Scoring
Contextual and deterministic evaluation of the severity of IP addresses, domain names, and file signatures, powered by AlienVault OTX Threat Intelligence. Enter your IoC below to get its score instantly.
Understanding the Scoring Criteria
The Akuity Score compiles AlienVault OTX threat intelligence in real time and applies a proprietary algorithm based on 4 criteria and a contextual adjustment:
1. Source Trust
Evaluates alert reliability: Direct validation by elite experts (AlienLabs or Google Web Risk) triggers maximum suspicion. Conversely, community reports require consensus from at least 3 distinct authors to be deemed credible.
2. Volume & Visibility
Measures threat ubiquity: The score increases based on the number of active attack campaigns (pulses). In addition, the absence of a domain from the global Top 1M increases suspicion of a dedicated infrastructure for targeted phishing or a command and control (C2) server.
3. Recency & Temporal Freshness
Analyzes the urgency and age of the infrastructure: Threats observed very recently (less than 30 days) receive maximum severity. Similarly, an internet domain created less than 100 days ago is deemed highly suspect as it is potentially ephemeral.
4. Severity & Behavioral Context
Identifies the nature of the danger: The detection of critical threats (Ransomware, C2, Trojan, APT) instantly maximizes the score. Medium-severity activities like phishing, spam, or botnets apply a moderate penalty.
5. Contextual Adjustment & Background Noise
Filters and neutralizes the score based on context: An automatic reputation shield protects web giants (Top 50K, Microsoft, Google) from community noise. In addition, a -15 point penalty is applied if activity is limited to simple harmless automated scans.
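The sketch below is an added example, not the Akuity algorithm or any code from this page. It applies the thresholds stated above (3 authors, 30 days, 100 days, Top 1M, Top 50K, -15) to constructed records so the interaction of the criteria can be checked by hand. The point values, field names, tag spellings, and the reading of "maximizes the score" as maximizing the severity criterion are all assumptions.

```python
from datetime import date

# All weights, field names and tag spellings are assumptions for illustration;
# the page publishes the thresholds but not the point values.
EXPERTS = {"AlienLabs", "Google Web Risk"}
CRITICAL = {"ransomware", "c2", "trojan", "apt"}
MEDIUM = {"phishing", "spam", "botnet"}
SCAN_ONLY = {"scanner"}

def score_ioc(ioc, today):
    """Return (total, breakdown) for a constructed IoC record."""
    pulses = ioc["pulses"]
    authors = {p["author"] for p in pulses}
    tags = {t.lower() for p in pulses for t in p["tags"]}
    rank = ioc.get("top_rank")            # None = not in the Top 1M
    expert = bool(authors & EXPERTS)
    b = {}
    # 1. Source trust: expert validation, else consensus of >= 3 distinct authors.
    b["source"] = 25 if expert else 15 if len(authors) >= 3 else 0
    # 2. Volume & visibility: pulse count, plus absence from the Top 1M.
    b["volume"] = min(len(pulses), 5) * 3 + (10 if rank is None or rank > 1_000_000 else 0)
    # 3. Recency: seen < 30 days ago, or domain created < 100 days ago.
    last_seen = max((p["modified"] for p in pulses), default=None)
    fresh = last_seen is not None and (today - last_seen).days < 30
    created = ioc.get("created")
    young = created is not None and (today - created).days < 100
    b["recency"] = 25 if fresh or young else 0
    # 4. Severity: critical families max the criterion, medium ones are moderate.
    b["severity"] = 25 if tags & CRITICAL else 12 if tags & MEDIUM else 0
    total = sum(b.values())
    # 5. Contextual adjustment (shield modelled as zeroing community-only scores).
    if rank is not None and rank <= 50_000 and not expert:
        b["adjust"] = -total
    elif tags and tags <= SCAN_ONLY:
        b["adjust"] = -15                 # activity limited to automated scans
    else:
        b["adjust"] = 0
    return max(0, min(100, total + b["adjust"])), b

# Constructed sample records (not real indicators or real OTX output).
TODAY = date(2024, 6, 1)
SAMPLES = {
    "c2": {"top_rank": None, "created": date(2024, 5, 1), "pulses": [
        {"author": "AlienLabs", "tags": ["C2"], "modified": date(2024, 5, 20)}]},
    "shielded": {"top_rank": 120, "created": date(2005, 1, 1), "pulses": [
        {"author": a, "tags": ["phishing"], "modified": date(2024, 5, 25)} for a in ("u1", "u2")]},
    "scanner": {"top_rank": None, "created": None, "pulses": [
        {"author": a, "tags": ["scanner"], "modified": date(2024, 1, 10)} for a in ("u1", "u2", "u3")]},
}
```

Returning the per-criterion breakdown alongside the total keeps the score auditable: an analyst can see whether a high value came from expert validation or only from freshness and low visibility.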