centripetal's mission and innovation

Centripetal set out a few years ago with a single mission: to protect organizations from advanced threats.

How we execute on our mission is what's dramatically different about us. We've built a disruptive solution for cyber teams to enable continuous prevention through intelligence-led enforcement.

What's this mean? It means we have invented the Threat Intelligence Gateway, which extrapolates every and any threat intelligence feed and applies advanced packet filtering at the network edge to prevent unwanted traffic from hitting your network. 

We've simplified threat intelligence collection, management, and action - or as we call it, enforcement. We take hundreds of millions of indicators and distill to a finite number of rules to prevent millions of threats, delivering an unprecedented intelligence-led defense.

cleaninternet for enterprise


Manually sifting through packet capture logs, or relying only on sending logs to a SIEM platform does not scale to today's expanding attack surface. And we know firewalls and IPS systems aren't effective at processing hundreds of millions of indcators. 

This is where advanced packet filtering leveraging threat intelligence becomes a critical technology in today's SOC. One major component of our Threat Intelligence Gateway solution is the actual enforcement point, RuleGATE®. The RuleGATE is a physical or virtual appliance, and can be configured to spec to meet speed and scale requirements. 

Our powerful RuleGATE appliances performs essential functions within the CleanINTERNET service:

  • Shielding and Blocking. Upfront, automatic removal of risk-based including targeted geo-blocking, compliance policies, TOR proxy removal, known malicious IPs, malvertizers, and new domain shielding.
  • Event Logging. Inspection of every packet, log and flow, delivering real-time analytics on events inside or outside the network to end users and providers.
  • Threat PCAP. Full packet capture for indicator based hits we can quickly get to a definitive answer on risk. By capturing just threat traffic we've made our technology over hundred times more efficient than other available solutions.


Threat intelligence comes in many forms and flavors. Centripetal's enforcement of threat intelligence is made possible by sublinear filtering and the correlation of a massive amount of threat data. Centripetal has solved the challenge of complex data processing and filtering so customers don't have to take it on. 

In order to prevent hundreds of millions of threats, the curation and correlation of bulk threat data has to convert to policies that instruct what's enforced. The policy construct of our Threat Intelligence Gateway is designed for operating across a risk-based spectrum to optimize and prioritize human analysis and workflow.

Centripetal's intelligence policies are built from complex combinations of static and dynamic rules so that rules and policies can be constructed to filter on any combination of the following elements, which are typically part of the commercial indicator of compromise. Where no other technology is efective? Its not just malicious IP's:

  • Source IP, Destination IP, and IP range (v4 or v6)
  • Port or Port Range
  • Protocol
  • Domain
  • URL
  • FQDN
  • Dynamic, multi-dimensional indicators of compromise


Centripetal has architected its technology to process unprecedented amounts of threat data, and to enforce based on complex policies and rules in real-time. Centripetal's technology stack includes advanced management and analytics for visibility into threats prevented, and those where more intestigation is necessary. 

Centripetal's QuickTHREAT Analytics Manager lets organizations manage dynamic threat intelligence subscriptions, create and manage threat intelligence indicator sets, and build, maintain, and enforce cyber-security policies to meet the needs of the organization.

System administrators gain full visibility into the status and health of their RuleGate® enforement filters deployed, including full control over network infrastructure and high-availability configurations that integrate into SIEM platforms and any SOC tool.

Specific technical capabilities include: 

  • Centralized management of threat intelligence indicator sets and running policies.
  • Visibility into the status and health of dispersed RuleGATE enforcement appliances. 
  • High-availability monitoring can track the status of active ports and other high availability peers.
  • Real-time monitoring of hardware system status, including CPU load, memory usage, power supply status, and critical system temperatures.
  • Maintain accountability with security audit logs ensure all transactions, including policy changes, are tracked and available for review.

how to buy

CleanINTERNET can be deployed across the largest data centers, branch offices and mid-sized organizations for comprehensive protection.

Buy Now/Contact Sales for Quote
Start a 30-day trial Today