Integrations
A Note From GreyNoise on Integrations
GreyNoise wants to make it as easy as possible to integrate into your favorite security tools. Below is a list of tools with integrations today, but we are always looking to expand. If you work with a tool that GreyNoise should be integrated with, please contact us at [email protected].
Current Integrations
Below are some of our most popular integrations.
AI/ML Focused Tools
| Company | Product | Link | Enterprise API | Feed | Community API | Maintained By |
|---|---|---|---|---|---|---|
| Microsoft | Copilot for Security | Plugin Details | ✅ | ❌ | ✅ | Jointly |
SIEM
| Company | Product | Link | Enterprise API | Feed | Community API | Maintained By |
|---|---|---|---|---|---|---|
| Elastic | Logstash | Logstash GitHub | ✅ | ❌ | ❌ | GreyNoise |
| Graylog | Graylog | Graylog Docs | ✅ | ❌ | ❌ | Vendor |
| SecOps | Google SecOps Integrations | ❌ | ✅ | ❌ | GreyNoise | |
| IBM | QRadar | IBM App Exchange | ✅ | ❌ | ❌ | GreyNoise |
| Microsoft | Azure Sentinel - Enrichment Playbooks | ## Sentinel GitHub - Enterprise## Sentinel GitHub - CommunityBlog Post | ✅ | ❌ | ✅ | Vendor |
| Microsoft | Azure Sentinel - TI Feed | Azure Marketplace | ✅ | ✅ | ❌ | GreyNoise |
| Panther | Panther | Panther Lookup Table | ❌ | ✅ | ❌ | Vendor |
| Splunk | Splunk | SplunkBase | ✅ | ✅ | ❌ | GreyNoise |
| SumoLogic | Cloud SIEM | SumoLogic Docs | ✅ | ❌ | ❌ | Vendor |
XDR
| Company | Product | Link | Enterprise API | Feed | Community | Maintained By |
|---|---|---|---|---|---|---|
| Hunters | Hunters XDR | Hunters Integrations | ✅ | ❌ | ✅ | Vendor |
SOAR
| Company | Product | Link | Enterprise API | Feed | Community API | Maintained By |
|---|---|---|---|---|---|---|
| Chronicle (Siemplify) | Chronicle SOAR (Siemplify) | Chronicle SOAR Marketplace | ✅ | ❌ | ✅ | GreyNoise |
| Cisco | SecureX | Cisco Github | ❌ | ❌ | ✅ | Vendor |
| Fortinet | FortiSOAR | FortiSOAR Connector | ✅ | ❌ | ✅ | GreyNoise |
| IBM | Resilient | IBM App Exchange | ✅ | ❌ | ❌ | Vendor |
| Palo Alto | XSOAR (formerly Demisto) | Cortex XSOAR Marketplace | ✅ | ✅ | ✅ | GreyNoise |
| Rapid7 | Insight Connect | Extension Library | ✅ | ❌ | ✅ | GreyNoise |
| Splunk | SOAR (formerly Phantom) | SplunkBase Playbook Downloads | ✅ | ❌ | ✅ | GreyNoise |
| StackStorm | StackStorm | StackStorm Exchange | ✅ | ❌ | ❌ | GreyNoise |
| SumoLogic | SOAR (IncMAN) | SumoLogic SOAR Integrations List | ✅ | ❌ | ❌ | Vendor |
| Swimlane | Swimlane | Swimlane Apphub | ✅ | ❌ | ✅ | Vendor |
| Tines | SOAR Platform | Tines Story Library | ✅ | ❌ | ✅ | Vendor |
| Torq | Torq | Torq Integrations Docs | ✅ | ❌ | ❌ | Vendor |
| Shuffle | Shuffle SOAR | Shuffle Greynoise API | ✅ | ❌ | ✅ | Vendor |
TIP
| Company | Product | Link | Enterprise API | Feed | Community API | Maitained By |
|---|---|---|---|---|---|---|
| Analyst1 | Analyst1 Platform | Analyst1 Integrations | ✅ | ❌ | ✅ | Vendor |
| Anomali | ThreatStream Enrichment | Anomali Marketplace | ✅ | ✅ | ✅ | GreyNoise |
| Cyware | CTIX | Cyware | ✅ | ❌ | Vendor | |
| EclecticIQ | EclecticIQ Intelligence Center | EclecticIQ Integration | ✅ | ✅ | ✅ | Vendor |
| MISP | MISP | MISP Github | ✅ | ✅ | ✅ | GreyNoise |
| OpenCTI | Connector | OpenCTI Github | ✅ | ✅ | ❌ | GreyNoise |
| Recorded Future | SIP | Recorded Future Integrations | ✅ | ❌ | ❌ | GreyNoise |
| ThreatConnect | TIP | ThreatConnect Marketplace | ✅ | ❌ | ❌ | Vendor |
| ThreatQ | TIP | ThreatQ MarketPlace | ✅ | ✅ | ✅ Enrichment Only | Vendor |
| Vertex | Synapse | ## Synapse Power-UpsGreyNoise Power Up | ✅ | ❌ | ✅ | Vendor |
Firewall
| Company | Product | Link | Blocklist Support | Maintained By |
|---|---|---|---|---|
| Sophos | Third-Party Feeds | Sophos Documentation | ✅ | Vendor |
Other
| Company | Product | Link | Enterprise API | Community API | Maintained By |
|---|---|---|---|---|---|
| Axonius | Cybersecurity Asset Management | Axonius Docs | ✅ | ❌ | Vendor |
| Arkime | Cont3xt | Cont3xt | ❌ | ✅ | Vendor |
| Cribl | Stream | Cribl Packs | ✅ | ❌ | GreyNoise |
| Datadog | Worfklow Automation | Actions Catalog | ✅ | ❌ | Vendor |
| ZScaler | Deception | ZScaler Deception Docs | ✅ | ❌ | Vendor |
Analyst Tools / OSINT
| Company | Product | Link | Enterprise API | Community API | Maintained By |
|---|---|---|---|---|---|
| Gigasheet | Gigasheet | Gigasheet | ✅ | ❌ | Vendor |
| Harpoon | CLI Tool | Harpoon Github | ✅ | ✅ | Vendor |
| The Hive | Cortex Analyzer | TheHive Github | ✅ | ❌ | GreyNoise Contributes |
| Maltego | Maltego | Transform Hub | ✅ | ✅ | GreyNoise |
| Outcome Security | Kaleidoscope | Kaleidoscope | ✅ | ✅ | Vendor |
| Polarity | Polarity | Polarity GitHub | ✅ | ✅ | Vendor |
| pOSINT | pOSINT | pOSINT Github | ✅ | ❌ | Vendor |
| Spiderfoot | Spiderfoot | Spiderfoot GH | ✅ | ✅ | GreyNoise Contributes |
| Sputnik | Browser Extension | Sputnik GitHub | Uses GreyNoise Visualizer Only | Uses GreyNoise Visualizer Only | Vendor |
Other Community Contributed Integrations
| Author | Product | Link | Enterprise API | Community API |
|---|---|---|---|---|
| Cowrie | Cowrie | Cowrie GitHub | ❌ | ✅ |
| CyberGordon | CyberGordon | CyberGordon | ❌ | ✅ |
| AndrewPla | GreyNoisePS | GreyNoisePS GitHub | ✅ | ✅ |
| hrbrmstr | GreyWatch | GreyWatch GitHub | ❌ | ✅ |
| IntelOwl | IntelOwl | IntelOwl GitHub | ✅ | ✅ |
| matamorphosis | Scrummage | Scrummage GitHub | ❌ | ✅ |
| HurricaneLabs | Machinae | HL Github | ❌ | ✅ |
| Sage | Canary-GreyNoise-Community-Threat-Intel-Report via Thinkst | Thinkst Canary GH | ❌ | ✅ |
| Sage | Canary-GreyNoise-Enterprise-Threat-Intel-Report via Thinkst | Thinkst Canary GH | ✅ | ❌ |
| Ninoseki | Mihari | Ninoseki Github | ✅ | ❌ |
| Ninoseki | Mitaka | Ninoseki Github | ✅ | ✅ |
| ThreatDudes | GreyNoise Discord Alerts | ThreatDudes Github | ✅ | ❌ |
| Backchannel Inc. | GreyNoise Cloudflare Worker | Backchannelinc Github | ❌ | ✅ |
| Brex HQ | Substation | Substation Docs | ✅ | ✅ |
Updated 1 day ago