Splunk users just gained another edge in the constant battle against cyber threats. Now, Splunk customers can have access to Sixgill’s Darkfeed™, the automated intelligence stream of indicators of compromise (IOCs).
Together with Splunk Enterprise Security, enterprises gain contextual and actionable insights in real-time to enhance security and protect against threats.
“ Manual threat intelligence can take days, while criminals operate by the hour. Darkfeed delivers automated insights in real-time so security teams can react instantly and stay ahead of threats,” said Sharon Wagner, CEO of Sixgill. “It gives unmatched intelligence for maximum performance and delivers added value through frictionless integration with Splunk.”
For users of the Splunk Enterprise Security, the integration leverages Sixgill’s power to supercharge threat research and incident response with access to real-time threat intelligence. With Darkfeed, security teams receive early warnings of new malware threats, empowering them to hunt for malicious indicators of compromise on corporate networks, better understand trends in the criminal underground, and block items that threaten their organizations.
Darkfeed monitors IOCs and notifies customers whenever one of the indicators, including domains, URLs, hashes, and IP addresses, is mentioned on the dark web. Darkfeed relies on Sixgill’s vast data lake of deep and dark web sources to provide automated, advanced, and actionable warnings about new cyberthreats.
To learn more and to download Sixgill’s Darkfeed, visit Splunkbase integration.