The GreyNoise Action Bundle for ThreatQ enables analysts to use GreyNoise Enterprise for automated enrichment and investigations.

The action bundle provides the following actions:

• GreyNoise - IP Quick Check - performs a quick noise check on the IPs of the selected data collection.
• GreyNoise - CVE Enrichment - enriches selected CVEs with GreyNoise data.
• GreyNoise - IP Context - enriches select IPs with GreyNoise's full contextual data.  

The integration is both compatible with and returns IP Address type indicators.  Additionally, the GreyNoise - CVE Enrichment action is also compatible and enriches CVE type indicators and vulnerabilities.  

Note: This action is intended for use with ThreatQ TDR Orchestrator (TQO). An active TQO license is required for this feature.