AWS says it is using a neural network called Mithra, “a massive internal neural network graph model … that uses algorithms for threat intelligence” to identify malicious domains. Mithra has been detected more than 180,000 on a daily basis; it “is also capable of predicting malicious domains days, weeks, and sometimes even months before they show up on threat intel feeds from third parties.” More https://aws.amazon.com/blogs/security/how-aws-tracks-the-clouds-biggest-security-threats-and-helps-shut-them-down/
