Integrations
A Note From GreyNoise on Integrations
GreyNoise wants to make it as easy as possible to integrate into your favorite security tools. Below is a list of tools with integrations today, but we are always looking to expand. If you work with a tool that GreyNoise should be integrated with, please contact us at [email protected].
Current Integrations
Below are some of our most popular integrations.
AI/ML Focused Tools
| Company | Product | Link | Enterprise API | Feed | Community API | Maintained By |
|---|---|---|---|---|---|---|
| Microsoft | Copilot for Security | Plugin Details | ✅ | ❌ | ✅ | Jointly |
SIEM
Company | Product | Link | Enterprise API | Feed | Community API | Maintained By |
|---|---|---|---|---|---|---|
Elastic | Logstash | ✅ | ❌ | ❌ | GreyNoise | |
Graylog | Graylog | ✅ | ❌ | ❌ | Vendor | |
SecOps | ❌ | ✅ | ❌ | GreyNoise | ||
IBM | QRadar | ✅ | ❌ | ❌ | GreyNoise | |
Microsoft | Azure Sentinel - Enrichment Playbooks | ## ## | ✅ | ❌ | ✅ | Vendor |
Microsoft | Azure Sentinel - TI Feed | ✅ | ✅ | ❌ | GreyNoise | |
Panther | Panther | ❌ | ✅ | ❌ | Vendor | |
Splunk | Splunk | ✅ | ✅ | ❌ | GreyNoise | |
SumoLogic | Cloud SIEM | ✅ | ❌ | ❌ | Vendor |
XDR
| Company | Product | Link | Enterprise API | Feed | Community | Maintained By |
|---|---|---|---|---|---|---|
| Hunters | Hunters XDR | Hunters Integrations | ✅ | ❌ | ✅ | Vendor |
SOAR
Company | Product | Link | Enterprise API | Feed | Community API | Maintained By |
|---|---|---|---|---|---|---|
Chronicle (Siemplify) | Chronicle SOAR (Siemplify) | ✅ | ❌ | ✅ | GreyNoise | |
Fortinet | FortiSOAR | ✅ | ❌ | ✅ | GreyNoise | |
IBM | Resilient | ✅ | ❌ | ❌ | Vendor | |
Palo Alto | ✅ | ✅ | ✅ | GreyNoise | ||
Rapid7 | Insight Connect | ✅ | ❌ | ✅ | GreyNoise | |
Splunk | SOAR (formerly Phantom) | ✅ | ❌ | ✅ | GreyNoise | |
StackStorm | StackStorm | ✅ | ❌ | ❌ | GreyNoise | |
SumoLogic | SOAR (IncMAN) | ✅ | ❌ | ❌ | Vendor | |
Swimlane | Swimlane | ✅ | ❌ | ✅ | Vendor | |
Tines | SOAR Platform | ✅ | ❌ | ✅ | Vendor | |
Torq | Torq | ✅ | ❌ | ❌ | Vendor | |
Shuffle | Shuffle SOAR | ✅ | ❌ | ✅ | Vendor |
TIP
Company | Product | Link | Enterprise API | Feed | Community API | Maitained By |
|---|---|---|---|---|---|---|
Analyst1 | Analyst1 Platform | ✅ | ❌ | ✅ | Vendor | |
Anomali | ThreatStream Enrichment | ✅ | ✅ | ✅ | GreyNoise | |
Cyware | CTIX | ✅ | ❌ | Vendor | ||
EclecticIQ | EclecticIQ Intelligence Center | ✅ | ✅ | ✅ | Vendor | |
MISP | MISP | ✅ | ✅ | ✅ | GreyNoise | |
OpenCTI | Connector | ✅ | ✅ | ❌ | GreyNoise | |
Recorded Future | SIP | ✅ | ❌ | ❌ | GreyNoise | |
ThreatConnect | TIP | ✅ | ❌ | ❌ | Vendor | |
ThreatQ | TIP | ✅ | ✅ | ✅ | Vendor | |
Vertex | Synapse | ✅ | ❌ | ✅ | Vendor |
Firewall
| Company | Product | Link | Blocklist Support | Maintained By |
|---|---|---|---|---|
| Sophos | Third-Party Feeds | Sophos Documentation | ✅ | Vendor |
Other
| Company | Product | Link | Enterprise API | Community API | Maintained By |
|---|---|---|---|---|---|
| Arctic Security | Arctic Security | Arctic Security | ✅ | ❌ | Vendor |
| Axonius | Cybersecurity Asset Management | Axonius Docs | ✅ | ❌ | Vendor |
| Arkime | Cont3xt | Cont3xt | ❌ | ✅ | Vendor |
| Cribl | Stream | Cribl Packs | ✅ | ❌ | GreyNoise |
| Datadog | Worfklow Automation | Actions Catalog | ✅ | ❌ | Vendor |
| ZScaler | Deception | ZScaler Deception Docs | ✅ | ❌ | Vendor |
Analyst Tools / OSINT
| Company | Product | Link | Enterprise API | Community API | Maintained By |
|---|---|---|---|---|---|
| Gigasheet | Gigasheet | Gigasheet | ✅ | ❌ | Vendor |
| Harpoon | CLI Tool | Harpoon Github | ✅ | ✅ | Vendor |
| The Hive | Cortex Analyzer | TheHive Github | ✅ | ❌ | GreyNoise Contributes |
| Maltego | Maltego | Transform Hub | ✅ | ✅ | GreyNoise |
| Outcome Security | Kaleidoscope | Kaleidoscope | ✅ | ✅ | Vendor |
| Polarity | Polarity | Polarity GitHub | ✅ | ✅ | Vendor |
| pOSINT | pOSINT | pOSINT Github | ✅ | ❌ | Vendor |
| Spiderfoot | Spiderfoot | Spiderfoot GH | ✅ | ✅ | GreyNoise Contributes |
| Sputnik | Browser Extension | Sputnik GitHub | Uses GreyNoise Visualizer Only | Uses GreyNoise Visualizer Only | Vendor |
Other Community Contributed Integrations
| Author | Product | Link | Enterprise API | Community API |
|---|---|---|---|---|
| Cowrie | Cowrie | Cowrie GitHub | ❌ | ✅ |
| CyberGordon | CyberGordon | CyberGordon | ❌ | ✅ |
| AndrewPla | GreyNoisePS | GreyNoisePS GitHub | ✅ | ✅ |
| hrbrmstr | GreyWatch | GreyWatch GitHub | ❌ | ✅ |
| IntelOwl | IntelOwl | IntelOwl GitHub | ✅ | ✅ |
| matamorphosis | Scrummage | Scrummage GitHub | ❌ | ✅ |
| HurricaneLabs | Machinae | HL Github | ❌ | ✅ |
| Sage | Canary-GreyNoise-Community-Threat-Intel-Report via Thinkst | Thinkst Canary GH | ❌ | ✅ |
| Sage | Canary-GreyNoise-Enterprise-Threat-Intel-Report via Thinkst | Thinkst Canary GH | ✅ | ❌ |
| Ninoseki | Mihari | Ninoseki Github | ✅ | ❌ |
| Ninoseki | Mitaka | Ninoseki Github | ✅ | ✅ |
| ThreatDudes | GreyNoise Discord Alerts | ThreatDudes Github | ✅ | ❌ |
| Backchannel Inc. | GreyNoise Cloudflare Worker | Backchannelinc Github | ❌ | ✅ |
| Brex HQ | Substation | Substation Docs | ✅ | ✅ |
Updated 2 months ago