Block AI attackers at the network level. Feed your firewall with our real-time threat intelligence.
Important: AI Threat Feed is a complement to Prompt Guard. Blocklist IPs come from Prompt Guard detections. Requires an active Pro or Enterprise subscription.
Prompt Guard detects an attack and records the attacker's IP
The IP is added to the Threat Feed within seconds
Your firewall pulls the list and blocks automatically
# Attaquant tente injection → Prompt Guard BLOQUE → IP enregistrée # # Firewall poll toutes les 5 min: GET /api/v1/firewall/blocklist?vendor=paloalto&severity=high,critical # # Réponse: # 203.0.113.42 # 198.51.100.17 # 192.0.2.88 # # → Attaquant bloqué au périmètre réseau ✓
Native integration with all major firewall vendors via External Dynamic Lists (EDL).
PAN-OS EDLExternal Threat FeedIntelligence FeedThreat FeedIntelligence FeedDynamic AddressAddress ObjectIP ListAttackers are blocked at the network level, before even reaching your application.
New malicious IPs added within seconds of detection.
3 layers of protection: API (Prompt Guard) + SIEM + Network (Threat Feed).
An attacker blocked once cannot retry for 30 days.
Configure your firewall to pull the blocklist every 5 minutes. One endpoint, universal format.
1 IP per line, compatible with all firewalls
Block only HIGH and CRITICAL
IPs from last 24h, 48h or 7 days
# Palo Alto EDL
curl -H "Authorization: Bearer YOUR_API_KEY" \
"https://api.adlibo.com/v1/firewall/blocklist?vendor=paloalto"
# Fortinet with severity filter
curl -H "Authorization: Bearer YOUR_API_KEY" \
"https://api.adlibo.com/v1/firewall/blocklist?vendor=fortinet&severity=high,critical"
# JSON format for custom integration
curl -H "Authorization: Bearer YOUR_API_KEY" \
"https://api.adlibo.com/v1/firewall/blocklist?format=json"AI Threat Feed is included in all paid plans. No additional cost.