Browse Apps
Integration Documentation
  • Last Updated
    Aug 27, 2024
  • Version
    1.5.2
  • Compatibility
    ThreatQ versions >= 4.58.0

    • GreyNoise CDF

    ThreatQuotient

    greynoise.io

    Overview

    GreyNoise collects, analyzes, and labels data on IPs that saturate security tools with noise. This unique perspective helps analysts waste less time on irrelevant or harmless activity, and spend more time focused on targeted and emerging threats.
    The GreyNoise CDF provides the following feeds:
    • GreyNoise - ingests new, malicious IP Addresses every day. Additionally, a GNQL query can be provided to narrow down the results.
    • GreyNoise Enrichment - queries GreyNoise with IP Addresses from a Threat Collection and enriches those IP Addresses with the data that it ingests.
    The following system object types are ingested by the integration:
    • Indicators
    • Indicator Attributes
    • Tags

    Copyright © 2025, ThreatQuotient, Inc. All Rights Reserved. Privacy Policy