Blueliv is Europe’s leading cyberthreat intelligence provider, headquartered in Barcelona, Spain. Blueliv’s mission is to empower our customers with a collaborative, automated and targeted threat intelligence, to fight the cybercrime and help them manage their digital risk as quickly as the threat landscape changes.

Covering the broadest range of threats on the market, a pay-as-you-need modular architecture means customers receive streamlined, cost-effective intelligence delivered in real-time, backed by our world-class in-house analyst team. Intelligence modules are scalable, easy to deploy and easy to use, maximizing security resource while accelerating threat detection, incident response performance and forensic investigations.

Blueliv is recognized across the industry by analysts including Gartner and Forrester, and has earned multiple awards for its technology and services including ‘Security Company of the Year 2019’ by Red Seguridad, Enterprise Security and Enterprise Threat Detection 2018 category winners by, in addition to holding affiliate membership of FS-ISAC for several years.


Please leave a few contact details and one of our team will get back to you.

Introducing Threat Compass from Blueliv

Targeted threat intelligence saves time and maximizes security resource while accelerating threat detection, incident response performance and investigation.

Comprehensive, Modular Cyberdefense

Each Threat Compass module can be acquired and used individually. You only need to buy modules delivering threat intelligence most relevant to your business.

Threat Context – Threat Hunting

Threat Context provides security teams with continuously updated and intuitive information around threat actors, campaigns, IOCs, malware, attack patterns, tools, signatures and CVEs. A database of 200 million+ items offers graphical interrelationships so analysts can rapidly gather enriched, contextualized information before, during and after an attack. Blueliv has collected and made available more than ten years of historical threat data which is constantly updated, offering the broadest threat collection to its customers.

Dark Web

Boost your awareness of what’s going on in the underground, observe malicious activities targeting your organization and proactively prevent future attacks. Gain an advantage by putting an eye in the enemy camp: become better informed about criminals targeting your organization; proactively prepare countermeasures; find stolen user credentials and
assets in real-time.


Find actionable intelligence around leaked, stolen and sold user credentials. We locate them in real-time on the open, deep and dark web, along with information about relevant malware used to steal the information. Blueliv’s sinkholes, honeypots, crawlers and sensors are continuously searching for your stolen credentials from leaks, in forums and in real-time from targeted malware, helping eliminate serious attack vectors and fraudulent actions in minutes rather than in months.

Data Leakage

Discover if your organization’s sensitive documents and source code have been leaked on the internet, deep web or P2P networks, intentionally or not, such as with shared internal documents with poorly-secured file sharing providers.

Credit Cards

Dig deep enough and you can find all sorts of credit card data online. This module can dramatically reduce losses from theft and fraud of credit cards. We retrieve stolen credit card data and provide relevant information to help organizations mitigate the damage.


Our targeted module allows you to detect malware seeking to steal sensitive information or commit fraud. The aggressive solution proactively hunts down targeted malware and ‘Man in the Browser’ attacks, aimed specifically at your organization. Through robust and continuous analysis of millions of samples per month, we provide forensic reporting on malware behavior targeting your systems.


Monitor global hacktivism activity on social networks and the open and dark web that can affect your infrastructure. Using an advanced early warning system and active geolocator, the module generates targeted threat intelligence to shield against potential attack vectors.

Mobile Apps

Malicious and illegal applications are hiding in plain sight in non-official marketplaces, luring your customers away and even stealing their data. Our module specializes in detecting applications claiming affiliation to your organization or using company assets without authorization to protect your brand and reputation.

Social Media

Monitor your organization’s digital footprint on social networks and search engines. Find websites not authorized to use your brands, logos, assets claiming partnership affiliation assets and more, so you can take proactive steps to shut them down.

Domain Protection

Fraudulent domains are a risk to your organization and your end customers, with the goal of stealing information or damaging your brand. Combat phishing and cybersquatting by proactively detecting attacks and take countermeasures.

Customized to your needs

Threat Compass provides a central point of control for automated operational, tactical and strategic threat intelligence


Blueliv automates threat data collection from multiple sources and in multiple formats.

Correlation & enrichment

Threat Compass provides powerful information categorization, honey client direct side validation, and sandbox analysis and scoring. We also investigate data collected from across third-party feeds to identify common attack vectors and actors.

Actionable intelligence

Blueliv’s powerful visualization tools represent targeted, actionable threat intelligence intuitively. Use the information to create your own YARA rules, gain a tactical advantage, and create strategic cyberthreat response capabilities.

Threat data integration

Plugins are available for the most common SIEMs, SOAR platforms and TIPs. Blueliv supports STIX/TAXII for easy information sharing between different data formats.

Collaboration is key

Share relevant information across your internal groups and with trusted third parties.

Enable a single  user to collect threat data of specific interest and easily share relevant, timely, accurate Indicators of Compromise about emerging or ongoing cyberattacks to avoid breaches or minimize damage from an important attack.

Accelerated, adaptive

By automating targeted threat intelligence collection and presentation, you gain greater visibility into threats and reduce incident response times.

Big data analytics capabilities quickly deliver actionable information with minimal false positives in a single dashboard view – with context and underlying detail – for faster decision-making.

Maximize limited resource

Eliminate the need to sort through thousands and thousands of alerts, and let your team focus on targeted threat intelligence with sophisticated analysis capabilities.

Follow Us