Shadowserver works with national governments, network providers, enterprises, financial and academic institutions, law enforcement agencies, and others, to reveal security vulnerabilities, expose malicious activity and help remediate victims.

National CSIRTs Industry Sectors Law Enforcement
National CSIRTs

National CSIRTs

We help National CSIRTs understand the big picture 
of what’s happening on the networks they’re responsible for.

How we serve National CSIRTs »
  • Reporting
  • Data analysis
  • Training
  • Investigation support
Industry Sectors

Industry Sectors

We work with business and tech firms, financial institutions and academia, ISPs and hosting companies, to improve network security, enhance product capability, and advance threat research.

How we serve Industry Sectors »
  • Reporting
  • Data-sharing partnerships
  • Educational conferences
  • Training
Law Enforcement Agencies

Law Enforcement Agencies

We partner with law enforcement to help protect victims, take down global cybercrime infrastructures and prevent attacks before they occur.

How we serve Law Enforcement »
  • Investigation support
  • Data analysis
  • Training
  • Reporting
145 million

sinkhole connections per day

3.7 billion

IPv4 addresses scanned on 148 ports each per day (1.07 billion IPv6 on 77 ports). 381 million hosts respond

848,000

Malicious domains sinkholed & blocked in a single botnet takedown operation, 2.5M over 4 years.