hero image

Untangle Labs

Introducing Untangle Labs

We’re the research and development team here at Untangle, and we’ve been working hard to provide a brand new way to share data about threats we see in the wild—on actual Untangle NG Firewall deployments—worldwide.


We’ve developed a cyber intelligence platform, ScoutIQTM, that delivers detailed threat analysis across all traffic types seen on today’s networks, inspecting data at the application level, to provide insights across every port, protocol, and application, including SSL-encrypted traffic. By synthesizing intelligence information in the cloud, ScoutIQ can provide superior protection against unknown and emerging threats to Untangle NG Firewall subscribers globally and seamlessly.


Known threats are blocked onsite at the gateway between the local network and the internet by Untangle’s award-winning NG Firewall. By natively integrating with ScoutIQ, NG Firewall is able to pinpoint zero day, never-before-seen malware––and block it before it ever enters the network. This protection capability is then shared to all NG Firewall customers globally.


ScoutIQ aggregates anonymous telemetry information across files, URLs, and IPs observed across NG Firewall deployments. Unlike the traditional security industry threat feeds, ScoutIQ provides real-world visibility into the threats that are actually seen in the wild by our global network.


Untangle Labs provides aggregated statistics on a number of dimensions associated with malware distribution. These include geo-distribution (source and origin), transmission protocols, historical incidence and more.