Saturday, July 13, 2024

ELLIO and ntop partnership to boost high-speed network traffic monitoring with real-time data on opportunistic scans, botnets, and mass attacks

ELLIO, a provider of real-time, highly accurate intelligence for filtering of unwanted network traffic and cybernoise, and ntop, a provider of open-source and commercial high-speed traffic monitoring applications, have announced a partnership to enhance visibility into malicious traffic originating from opportunistic scans and attacks within the network traffic monitoring tool ntopng.

By integrating a highly accurate and real-time ELLIO: Feed, ntopng’s users gain deeper insights into their network traffic through real-time information on sources of mass exploitation, botnet activity and opportunistic attacks, even before traditional rule-based detections are available.

In modern cybersecurity traffic analysis, the challenge is to anticipate problems before they happen. Blocklists are effective for blocking attackers, but they require high-quality, frequently updated data that is immune to False Positives.

“We’ve been using the ELLIO: Feed in live production, and it has proven highly effective at spotting threats. Compared to other security solutions such as IDSs, ELLIO doesn’t require constant supervision and handles zero-day attacks better.

Thus, we’ve partnered with ELLIO to bring their technology to the ntop user community,” said Luca Deri, ntop founder”Obtaining reliable and up-to-date information about mass exploits, botnets, and other widespread attacks is crucial for cybersecurity. These attacks easily disrupt normal network operations, affect service availability and performance, and overwhelm security teams,” said Vlad Iliushin, CEO at ELLIO.

Free trial for all ntopng users

ntopng users with the latest version can enjoy a 30-day free trial of ELLIO: Feed integration by visiting this address:

ELLIO: Feed improves visibility into malicious traffic originating from opportunistic scans and attacks within ntopng traffic monitoring tool

ELLIO: Feed is a threat list that is dynamically updated every minute and contains an average of up to 200,000 IP addresses currently associated with attackers, scans, and other malicious mass exploitation activities on the Internet. This database is constantly regenerated to ensure users have the most up-to-date information on emerging threats. ELLIO’s threat feed is supported by a powerful combination of an extensive internet sensor network operated by ELLIO, advanced ML algorithms, and real-time data processing. This mechanism enables highly reliable and fully automated threat detection delivery.

ntopng is a network traffic monitoring tool that provides a web-based interface for real-time analysis and visualization of network usage. It helps users understand network performance, detect issues, and improve security by offering insights into traffic patterns, protocols, and active hosts.

About ntop

ntop is an engineering-driven company that provides software for network traffic analysis, capture-to-disk and traffic generation applications optimizing the performance of Commercial Off-The-Shelf (COTS) hardware. As a recognized leader in its field, ntop has become an industry-standard application, serving a diverse customer base that spans from individuals to key players in networking. For more information, users can visit


ELLIO Technology is a cybersecurity company, streamlining cybersecurity teams’ focus on critical incidents by eliminating alerts from generic attacks and cybernoise distractions. With its extensive network of internet sensors and honeypots, ELLIO collects and analyzes internet traffic, identifies attack data while tagging exploits and vulnerabilities. Through their advanced ML engine, real-time data processing and in-depth research, ELLIO enables organizations to gain a clearer picture of cyber security attacks and incidents. ELLIO provides reliable and fully automated filtering of cyber noise and generic attacks at the network perimeter. It helps reduce “alert fatigue,” the overload caused by too many alerts and events in SIEM and SOAR tools. For more information, users can visit


PR Relationships
Jana Tom
[email protected]


Latest articles

mSpy Data Breach: Millions of Customers’ Data Exposed

mSpy, a widely used phone spyware application, has suffered a significant data breach, exposing...

Advance Auto Parts Cyber Attack: Over 2 Million Users Data Exposed

RALEIGH, NC—Advance Stores Company, Incorporated, a prominent commercial entity in the automotive industry, has...

Hackers Using ClickFix Social Engineering Tactics to Deploy Malware

Cybersecurity researchers at McAfee Labs have uncovered a sophisticated new method of malware delivery,...

Coyote Banking Trojan Attacking Windows Users To Steal Login Details

Hackers use Banking Trojans to steal sensitive financial information. These Trojans can also intercept...

Hackers Created 700+ Fake Domains to Sell Olympic Games Tickets

As the world eagerly anticipates the Olympic Games Paris 2024, a cybersecurity threat has...

Japanese Space Agency Spotted zero-day via Microsoft 365 Services

The Japan Aerospace Exploration Agency (JAXA) has revealed details of a cybersecurity incident that...

Top 10 Active Directory Management Tools – 2024

Active Directory Management Tools are essential for IT administrators to manage and secure Active...
Kaaviya Balaji
Kaaviya Balaji
Kaaviya is a Security Editor and fellow reporter with Cyber Security News. She is covering various cyber security incidents happening in the Cyber Space.

Free Webinar

Low Rate DDoS Attack

9 of 10 sites on the AppTrana network have faced a DDoS attack in the last 30 days.
Some DDoS attacks could readily be blocked by rate-limiting, IP reputation checks and other basic mitigation methods.
More than 50% of the DDoS attacks are employing botnets to send slow DDoS attacks where millions of IPs are being employed to send one or two requests per minute..
Key takeaways include:

  • The mechanics of a low-DDoS attack
  • Fundamentals of behavioural AI and rate-limiting
  • Surgical mitigation actions to minimize false positives
  • Role of managed services in DDoS monitoring

Related Articles