Integrations
A Note From GreyNoise on Integrations
GreyNoise wants to make it as easy as possible to integrate into your favorite security tools. Below is a list of tools with integrations today, but we are always looking to expand. If you work with a tool that GreyNoise should be integrated with, please contact us at [email protected].
Current Integrations
Below are some of our most popular integrations.
AI/ML Focused Tools
Company | Product | Link | Enterprise API | Feed | Community API | Maintained By |
---|---|---|---|---|---|---|
Microsoft | Copilot for Security | Plugin Details | ✅ | ❌ | ✅ | Jointly |
SIEM
Company | Product | Link | Enterprise API | Feed | Community API | Maintained By |
---|---|---|---|---|---|---|
Elastic | Logstash | Logstash GitHub | ✅ | ❌ | ❌ | GreyNoise |
Graylog | Graylog | Graylog Docs | ✅ | ❌ | ❌ | Vendor |
SecOps | Google SecOps Integrations | ❌ | ✅ | ❌ | GreyNoise | |
IBM | QRadar | IBM App Exchange | ✅ | ❌ | ❌ | GreyNoise |
Microsoft | Azure Sentinel - Enrichment Playbooks | ## Sentinel GitHub - Enterprise## Sentinel GitHub - CommunityBlog Post | ✅ | ❌ | ✅ | Vendor |
Microsoft | Azure Sentinel - TI Feed | Azure Marketplace | ✅ | ✅ | ❌ | GreyNoise |
Panther | Panther | Panther Lookup Table | ❌ | ✅ | ❌ | Vendor |
Splunk | Splunk | SplunkBase | ✅ | ✅ | ❌ | GreyNoise |
SumoLogic | Cloud SIEM | SumoLogic Docs | ✅ | ❌ | ❌ | Vendor |
XDR
Company | Product | Link | Enterprise API | Feed | Community | Maintained By |
---|---|---|---|---|---|---|
Hunters | Hunters XDR | Hunters Integrations | ✅ | ❌ | ✅ | Vendor |
SOAR
Company | Product | Link | Enterprise API | Feed | Community API | Maintained By |
---|---|---|---|---|---|---|
Chronicle (Siemplify) | Chronicle SOAR (Siemplify) | Chronicle SOAR Marketplace | ✅ | ❌ | ✅ | GreyNoise |
Cisco | SecureX | Cisco Github | ❌ | ❌ | ✅ | Vendor |
Fortinet | FortiSOAR | FortiSOAR Connector | ✅ | ❌ | ✅ | GreyNoise |
IBM | Resilient | IBM App Exchange | ✅ | ❌ | ❌ | Vendor |
Palo Alto | XSOAR (formerly Demisto) | Cortex XSOAR Marketplace | ✅ | ✅ | ✅ | GreyNoise |
Rapid7 | Insight Connect | Extension Library | ✅ | ❌ | ✅ | GreyNoise |
Splunk | SOAR (formerly Phantom) | SplunkBase Playbook Downloads | ✅ | ❌ | ✅ | GreyNoise |
StackStorm | StackStorm | StackStorm Exchange | ✅ | ❌ | ❌ | GreyNoise |
SumoLogic | SOAR (IncMAN) | SumoLogic SOAR Integrations List | ✅ | ❌ | ❌ | Vendor |
Swimlane | Swimlane | Swimlane Apphub | ✅ | ❌ | ✅ | Vendor |
Tines | SOAR Platform | Tines Story Library | ✅ | ❌ | ✅ | Vendor |
Torq | Torq | Torq Integrations Docs | ✅ | ❌ | ❌ | Vendor |
Shuffle | Shuffle SOAR | Shuffle Greynoise API | ✅ | ❌ | ✅ | Vendor |
TIP
Company | Product | Link | Enterprise API | Feed | Community API | Maitained By |
---|---|---|---|---|---|---|
Analyst1 | Analyst1 Platform | Analyst1 Integrations | ✅ | ❌ | ✅ | Vendor |
Anomali | ThreatStream Enrichment | Anomali Marketplace | ✅ | ✅ | ✅ | GreyNoise |
Cyware | CTIX | Cyware | ✅ | ❌ | Vendor | |
EclecticIQ | EclecticIQ Intelligence Center | EclecticIQ Integration | ✅ | ✅ | ✅ | Vendor |
MISP | MISP | MISP Github | ✅ | ✅ | ✅ | GreyNoise |
OpenCTI | Connector | OpenCTI Github | ✅ | ✅ | ❌ | GreyNoise |
Recorded Future | SIP | Recorded Future Integrations | ✅ | ❌ | ❌ | GreyNoise |
ThreatConnect | TIP | ThreatConnect Marketplace | ✅ | ❌ | ❌ | Vendor |
ThreatQ | TIP | ThreatQ MarketPlace | ✅ | ✅ | ✅ Enrichment Only | Vendor |
Vertex | Synapse | ## Synapse Power-UpsGreyNoise Power Up | ✅ | ❌ | ✅ | Vendor |
Firewall
Company | Product | Link | Blocklist Support | Maintained By |
---|---|---|---|---|
Sophos | Third-Party Feeds | Sophos Documentation | ✅ | Vendor |
Other
Company | Product | Link | Enterprise API | Community API | Maintained By |
---|---|---|---|---|---|
Axonius | Cybersecurity Asset Management | Axonius Docs | ✅ | ❌ | Vendor |
Arkime | Cont3xt | Cont3xt | ❌ | ✅ | Vendor |
Cribl | Stream | Cribl Packs | ✅ | ❌ | GreyNoise |
Datadog | Worfklow Automation | Actions Catalog | ✅ | ❌ | Vendor |
ZScaler | Deception | ZScaler Deception Docs | ✅ | ❌ | Vendor |
Analyst Tools / OSINT
Company | Product | Link | Enterprise API | Community API | Maintained By |
---|---|---|---|---|---|
Gigasheet | Gigasheet | Gigasheet | ✅ | ❌ | Vendor |
Harpoon | CLI Tool | Harpoon Github | ✅ | ✅ | Vendor |
The Hive | Cortex Analyzer | TheHive Github | ✅ | ❌ | GreyNoise Contributes |
Maltego | Maltego | Transform Hub | ✅ | ✅ | GreyNoise |
Outcome Security | Kaleidoscope | Kaleidoscope | ✅ | ✅ | Vendor |
Polarity | Polarity | Polarity GitHub | ✅ | ✅ | Vendor |
pOSINT | pOSINT | pOSINT Github | ✅ | ❌ | Vendor |
Spiderfoot | Spiderfoot | Spiderfoot GH | ✅ | ✅ | GreyNoise Contributes |
Sputnik | Browser Extension | Sputnik GitHub | Uses GreyNoise Visualizer Only | Uses GreyNoise Visualizer Only | Vendor |
Other Community Contributed Integrations
Author | Product | Link | Enterprise API | Community API |
---|---|---|---|---|
Cowrie | Cowrie | Cowrie GitHub | ❌ | ✅ |
CyberGordon | CyberGordon | CyberGordon | ❌ | ✅ |
AndrewPla | GreyNoisePS | GreyNoisePS GitHub | ✅ | ✅ |
hrbrmstr | GreyWatch | GreyWatch GitHub | ❌ | ✅ |
IntelOwl | IntelOwl | IntelOwl GitHub | ✅ | ✅ |
matamorphosis | Scrummage | Scrummage GitHub | ❌ | ✅ |
HurricaneLabs | Machinae | HL Github | ❌ | ✅ |
Sage | Canary-GreyNoise-Community-Threat-Intel-Report via Thinkst | Thinkst Canary GH | ❌ | ✅ |
Sage | Canary-GreyNoise-Enterprise-Threat-Intel-Report via Thinkst | Thinkst Canary GH | ✅ | ❌ |
Ninoseki | Mihari | Ninoseki Github | ✅ | ❌ |
Ninoseki | Mitaka | Ninoseki Github | ✅ | ✅ |
ThreatDudes | GreyNoise Discord Alerts | ThreatDudes Github | ✅ | ❌ |
Backchannel Inc. | GreyNoise Cloudflare Worker | Backchannelinc Github | ❌ | ✅ |
Brex HQ | Substation | Substation Docs | ✅ | ✅ |
Updated about 1 month ago