GreyNoise tells security analysts what not to worry about. We do this by curating data on IPs that saturate security
tools with noise. This unique perspective helps analysts confidently ignore irrelevant or harmless activity, creating
more time to uncover and investigate true threats. Includes Actions to allow IP enrichment and GNQL queries via
the GreyNoise API.
What does this pack do?
The playbooks and actions in this pack help you to reduce Internet-Background noise and benign services from your
Incident Response work.
They also help automate repetitive tasks associated with routable IPv4 addresses:
- Query an IP to determine if it is Internet-Background Noise
- Query an IP to determine if it is a Benign Service
- Query the GreyNoise data set for common trends by looking for CVEs, paths, ports or fingerprints
- Pull stats from the GreyNoise data set for threat hunting and identifying emerging threats
- Calculate the severity of the incident using GreyNoise IP reputation data
This Pack Contains two Integrations: GreyNoise and GreyNoise Community
- GreyNoise: is intended for those users that have a Paid GreyNoise subscription
- GreyNoise Community: is intended for those users that use the free GreyNoise Community API
For more information, visit our GreyNoise Developer Documentation
For GreyNoise support, contact GreyNoise Support