This article has been indexed from DZone Security Zone
The pervasiveness and increasing sophistication of cyber attacks call for additional data points that can help users make sense of security incidents. Contextualizing cyber alerts generated by cybersecurity tools, for instance, can help security teams prioritize responses. One critical contextual data source is IP geolocation data, which includes the following data points for every IP address:
- Country
- Region
- City
- Latitude
- Longitude
- Postal code
- Time zone
- Internet service provider (ISP)
- Connection type
In some consumption models, IP geolocation data also includes Autonomous System (AS) details and related domain names.
Read the original article: Bulk IP Lookup: Integrating IP Geo Data Into Cybersecurity Development