By GreyNoise Intelligence
Query basic IP information such as the owners and its internet scanning activity in the last 90 days.
GreyNoise Transforms for Maltego
GreyNoise is a cybersecurity platform that collects and analyzes Internet-wide scan and attack traffic. This data is made available through SIEM, SOAR, TIP integrations, command-line tool, bulk data, visualizer, Enterprise API, and community API so users can contextualize existing alerts, filter false positives, identify compromised devices, and track emerging threats.
With the help of Greynoise datasets, analysts can recognize events not worth their attention. Indicators in GreyNoise are likely associated with opportunistic internet scanning or common business services, not targeted threats. This context helps analysts focus on what matters most.
The Community API provides community users with a free tool to query IPs in the GreyNoise dataset and retrieve a subset of the full IP context data returned by the IP Lookup API.
The GreyNoise Community API Transform provides users with the basic insight of an indicator, using a subset of the GreyNoise datasets. It is available for a free trial to users without registration, and with a limited number of lookups per day.
Unlimited access to the Community API is available to all users with their GreyNoise account API key. Register here to get started.
- Query an IP via the Community API and see basic information about that IP such as the organization name that owns the IP, if the IP has been observed scanning the internet in the last 90 days etc.
- Gain a comprehensive perspective of investigations by pivoting across other disparate data sources available on the Transform Hub, all in one single UI
- Incident response
- Threat Intelligence
- Cyber and Digital Forensics
Pricing & Access
Available for users with Maltego CE.
- Click-and-Run (CE): Simply install the Hub item on your Maltego Desktop Client and start using it, with a Transform run allowance of 1,500 Transform runs/month.
Users with Maltego One have the following access or purchase options:
- Click-and-Run (Pro): Simply install the Hub item on your Maltego Desktop Client and start using it, with a Transform run allowance of 3,000 Transform runs/month.
- Click-and-Run (Enterprise): Simply install the Hub item on your Maltego Desktop Client and start using it, with a Transform run allowance of 15,000 Transform runs/month.
About GreyNoise Intelligence
GreyNoise helps security analysts save time by revealing which events they can ignore. We do this by curating data on IPs that saturate security tools with noise. This unique perspective helps analysts confidently ignore irrelevant or harmless activity, creating more time to uncover and investigate true threats. This data is delivered through our SIEM, SOAR, and TIP integrations, API, command-line tool, bulk data, and visualizer.
For more information, visit https://greynoise.io/.