This document provides an overview of how the GreyNoise Intelligence integration for Maltego helps investigators enables security teams to quickly filter out internet background noise from investigations and identify emerging threats actively exploiting CVEs in the wild.
GreyNoise is a cybersecurity platform that collects and analyzes Internet-wide scan and attack traffic. This data is made available through SIEM, SOAR, TIP integrations, command-line tool, bulk data, visualizer, Enterprise API, and community API so users can contextualize existing alerts, filter false positives, identify compromised devices, and track emerging threats.
This GreyNoise Transforms allow users to identify and correlate activity that is related to mass-internet scanning. Enriching IPs with GreyNoise helps to provide insight on what activity an IP has been observe performing on sections of the internet.
Download this PDF solution brief and read more about how investigators use GreyNoise Transforms in Maltego.