Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
CINS (Collective Intelligence Network Security) is a threat intelligence system built around the Sentinel IPS device network. It continuously collects attack alerts from Sentinel units worldwide and combines them with trusted InfoSec community sources to generate a CINS Score for flagged IPs, reflecting how trustworthy or malicious an IP may be. In addition to the score, the system provides WHOIS data, source country, score history, as well as the nature and frequency of attacks and their impact across the Sentinel network.
In terms of protection coverage, CINS mainly focuses on IP reputation, malicious IP identification, and reputation-based blocking rules. Its intelligence can identify malicious IPs with different “profiles,” such as scanners, sources of remote desktop exploit attempts, and botnet C2 infrastructure. CINS Active Threat Intelligence continuously feeds IP rules deemed sufficiently malicious back into the Sentinel network, providing automated protection for Sentinel customers. The publicly available CINS Army list is a subset of this ruleset, containing IPs that have recently received a very poor Rogue Packet score or triggered trusted alerts across multiple Sentinel devices.
The full CINS Score is currently available only to Sentinel customers and is accessed through the Sentinel web interface. The publicly available CINS Army list is a simple text file that network administrators can parse and import into firewall blacklists, or use to build custom IDS/IPS signatures. The page also notes that the list is available through the Emerging Threats open-source community. From a management perspective, the source material emphasizes transparency around scoring reasons, including WHOIS, country, attack type, and history, but does not disclose API availability, SIEM/SOAR integrations, alert delivery, or permission management capabilities.
The source material does not disclose pricing, plans, payment methods, SLAs, or compliance certifications. CINS Score is currently limited to Sentinel customers, while the CINS Army list is more like a community-contributed threat intelligence feed. Support is mainly available by phone and via [email protected], and there is also a channel for reporting false positives. The official material says false positives are rare, but does not provide a committed response time.
Its strengths are that the data comes from real IPS deployments, and the scoring is not just a black-box conclusion—it also includes substantial context. The text format also makes it easy to integrate with existing firewalls and IDS/IPS systems at a low barrier. Its limitations are that the intelligence is concentrated on IPs, the public list is only a subset and capped at 15,000 IPs, and the full value depends on the Sentinel ecosystem. It is suitable for Sentinel customers, network administrators, and SOC teams for perimeter blocking, threat analysis, and rule enhancement.
The source material does not provide information on mainland China access, payment, or localization, so network availability should be considered unknown. As alternatives or supplements, threat intelligence sources such as AbuseIPDB, Spamhaus, AlienVault OTX, Cisco Talos, Emerging Threats, or GreyNoise may be considered.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on ciarmy.com official site.
ciarmy.com is an United States Security provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach ciarmy.com directly.