About Sift

Introduction

The Sift feature in GreyNoise offers users a powerful way to analyze and understand payload data, providing valuable insights for threat intelligence analysts and detection engineers. By leveraging machine-generated context and analysis, Sift enables users to efficiently identify patterns, anomalies, and potential threats within vast amounts of payload data.

Why Sift?

GreyNoise users often deal with large volumes of payload data without a streamlined method to cluster and analyze it effectively. Traditional approaches rely on manual processing or basic list formats, leading to time-consuming and inefficient investigations.

  • Users can access AI insights on payloads, facilitating the identification of relevant attacks or anomalies.
  • Customers can seamlessly integrate Sift data into their preferred platforms via API or browse it through the GreyNoise UI.
  • Users receive a daily intelligence report based on the last 24 hours of HTTP payload data, generated using the GreyNoise Data Science Sift process.
  • An API is provided to fetch the Sift daily report, allowing seamless integration into threat intelligence or automation platforms.
  • Sift reports are also accessible via the GreyNoise UI, offering users a convenient way to explore and analyze the data.
  • GreyNoise tagging rules applicable to the data are returned, providing users with insights into potential detections.

Early Access Only

Sift is currently in early access and is available to users who are testing GreyNoise sensors for their own data collection. To get trial access to Sift, please request access from your current early access representative.

Getting Started with Sift

To start using the Sift feature effectively, follow these steps:

  • A user’s workspace must have at least one sensor running to generate daily Sift reports.
  • Navigate to the GreyNoise UI under the “Sensors” section to view the Sift tab for daily reports.
  • The provided API may also be used to access daily Sift reports.
  • Review machine-generated context and analysis provided in the Sift reports to identify patterns and anomalies.
  • Integrate Sift data into your preferred platforms or workflows using the provided API.

FAQs

Coming Soon!