By GreyNoise Intelligence
GreyNoise Transforms for Maltego
GreyNoise is a cybersecurity platform that collects and analyzes Internet-wide scan and attack traffic. This data is made available through SIEM, SOAR, TIP integrations, command-line tool, bulk data, visualizer, Enterprise API, and community API so users can contextualize existing alerts, filter false positives, identify compromised devices, and track emerging threats.
With the help of Greynoise datasets, analysts can recognize events not worth their attention. Indicators in GreyNoise are likely associated with opportunistic internet scanning or common business services, not targeted threats. This context helps analysts focus on what matters most.
The Community API provides community users with a free tool to query IPs in the GreyNoise dataset and retrieve a subset of the full IP context data returned by the IP Lookup API.
The GreyNoise Community API Transform provides users with the basic insight of an indicator, using a subset of the GreyNoise datasets. It is available for a free trial to users without registration, and with a limited number of lookups per day.
Unlimited access to the Community API is available to all users with their GreyNoise account API key. Register here to get started.
- Query an IP via the Community API and see basic information about that IP such as the organization name that owns the IP, if the IP has been observed scanning the internet in the last 90 days etc.
- Gain a comprehensive perspective of investigations by pivoting across other disparate data sources available on the Transform Hub, all in one single UI
- Incident response
- Threat Intelligence
- Cyber and Digital Forensics
Pricing & Access
Pricing Tier: Free
Hub Type: Commercial Hub
Requirements: Maltego One, Classic, and XL license
- Free Trial
- Instant access on Maltego Client
- No Registration required
- No API Key required
- For Commercial Maltego licenses, 100 Transform Runs/day
- Unlimited access to community API
- Registration required. Sign up here for an API key
- Install the Hub Item, and enter your API to get started
Reach out to us to learn more about this data integration and how to access it.
About GreyNoise Intelligence
GreyNoise helps security analysts save time by revealing which events they can ignore. We do this by curating data on IPs that saturate security tools with noise. This unique perspective helps analysts confidently ignore irrelevant or harmless activity, creating more time to uncover and investigate true threats. This data is delivered through our SIEM, SOAR, and TIP integrations, API, command-line tool, bulk data, and visualizer.
For more information, visit https://greynoise.io/