The new Silent Push App for Splunk allows Splunk users to unlock the power of Silent Push’s threat intelligence and threat hunting capabilities within Splunk. Whether you want to stay ahead of emerging threats by correlating logs with our Indicators of Future Attack or want to proactively get more context on indicators through our daily internet-scale collection, the experience in our Splunk app has you covered.
FEATURES:
Correlation Dashboard
- Correlate indicators in a Splunk index of your choice with our Indicators of Future Attack, using either raw search or Splunk data models, to generate Notable Events and get the earliest warnings of potential breaches
Indicators Dashboard
- Review and analyze Indicators of Future Attack feeds or custom Filter Profiles, receiving daily updates as new malicious infrastructure gets detected
PADNS
- Query all of Silent Push’s PADNS data, accessing all record types as well as proprietary enriched context metrics like IP Diversity
Reputation
- Investigate the reputation and history of indicators including ASNs, nameservers, and subnets
Enrichment
- Get enriched context on domain names, IPv4 addresses, and IPv6 addresses
- Bulk enrichment via custom commands
Web Scanner & Live Scan
- Search against historical IP scanning data or initiate a live on-demand scan to get current metadata and a screenshot
Created By
Jonathan Peyster