Silent Push threat data now available in Splunk

Splunk Logo

We’re thrilled to announce the Silent Push Splunk Add-On. The add-on is intended to collect prioritized observables from the Silent Push App then make them directly available in a Splunk Enterprise instance.

Additionally, the Silent Push app can be fully integrated into existing cyber security systems, strengthening the capabilities of existing cyber security teams.

Key Benefits

  • Exposing high-risk and hard-to-detect attacker infrastructure in an easy-to-consume API, including live infrastructure of top access brokers.
  • Enrichment of existing CTI feeds; scored and ranked by importance.
  • Silent Push-generated feeds focused on threats that specifically affect your organization.
  • A variety of groundbreaking security tools, including the explore tool for finding similar and related infrastructure and the ability to save prioritized indicators suitable for specific security tools such as email security services or firewalls.

The Silent Push Threat Intelligence – Splunk Add-On is available immediately. Contact [email protected] for general inquiries. There’s also a tutorial video here: