Integrations
A Note From GreyNoise on Integrations
GreyNoise wants to make it as easy as possible to integrate into your favorite security tools. Below is a list of tools with integrations today, but we are always looking to expand. If you work with a tool that GreyNoise should be integrated with, please contact us at [email protected].
Current Integrations
Below are some of our most popular integrations.
AI/ML Focused Tools
| Company | Product | Link | Enterprise API | Feed | Community API | Maintained By | 
|---|---|---|---|---|---|---|
| Microsoft | Copilot for Security | Plugin Details | ✅ | ❌ | ✅ | Jointly | 
SIEM
| Company | Product | Link | Enterprise API | Feed | Community API | Maintained By | 
|---|---|---|---|---|---|---|
| Crowdstrike | Falcon NG-SIEM | Crowdstrike Marketplace | ✅ | ✅ | ✅ | GreyNoise | 
| Elastic | ElasticSearch | ✅ | ✅ | ❌ | GreyNoise | |
| Elastic | Logstash | ✅ | ❌ | ❌ | GreyNoise | |
| Graylog | Graylog | ✅ | ❌ | ❌ | Vendor | |
| SecOps | ❌ | ✅ | ❌ | GreyNoise | ||
| IBM | QRadar | ✅ | ❌ | ❌ | GreyNoise | |
| Microsoft | Azure Sentinel - Enrichment Playbooks | ✅ | ❌ | ✅ | Vendor | |
| Microsoft | Azure Sentinel - TI Feed | ✅ | ✅ | ❌ | GreyNoise | |
| Panther | Panther | ❌ | ✅ | ❌ | Vendor | |
| SentinelOne | AI-SIEM | ✅ | ✅ | ❌ | Vendor | |
| Splunk | Splunk | ✅ | ✅ | ❌ | GreyNoise | |
| SumoLogic | Cloud SIEM | ✅ | ❌ | ❌ | Vendor | 
XDR
| Company | Product | Link | Enterprise API | Feed | Community | Maintained By | 
|---|---|---|---|---|---|---|
| Hunters | Hunters XDR | Hunters Integrations | ✅ | ❌ | ✅ | Vendor | 
SOAR
| Company | Product | Link | Enterprise API | Feed | Community API | Maintained By | 
|---|---|---|---|---|---|---|
| Chronicle (Siemplify) | Chronicle SOAR (Siemplify) | ✅ | ❌ | ✅ | GreyNoise | |
| Fortinet | FortiSOAR | ✅ | ❌ | ✅ | GreyNoise | |
| IBM | Resilient | ✅ | ❌ | ❌ | Vendor | |
| Palo Alto | ✅ | ✅ | ✅ | GreyNoise | ||
| Rapid7 | Insight Connect | ✅ | ❌ | ✅ | GreyNoise | |
| Splunk | SOAR (formerly Phantom) | ✅ | ❌ | ✅ | GreyNoise | |
| StackStorm | StackStorm | ✅ | ❌ | ❌ | GreyNoise | |
| SumoLogic | SOAR (IncMAN) | ✅ | ❌ | ❌ | Vendor | |
| Swimlane | Swimlane | ✅ | ❌ | ✅ | Vendor | |
| Tines | SOAR Platform | ✅ | ❌ | ✅ | Vendor | |
| Torq | Torq | ✅ | ❌ | ❌ | Vendor | |
| Shuffle | Shuffle SOAR | ✅ | ❌ | ✅ | Vendor | 
TIP
| Company | Product | Link | Enterprise API | Feed | Community API | Maitained By | 
|---|---|---|---|---|---|---|
| Analyst1 | Analyst1 Platform | ✅ | ❌ | ✅ | Vendor | |
| Anomali | ThreatStream Enrichment | ✅ | ✅ | ✅ | GreyNoise | |
| Cyware | CTIX | ✅ | ❌ | Vendor | ||
| EclecticIQ | EclecticIQ Intelligence Center | ✅ | ✅ | ✅ | Vendor | |
| MISP | MISP | ✅ | ✅ | ✅ | GreyNoise | |
| OpenCTI | Connector | ✅ | ✅ | ❌ | GreyNoise | |
| Recorded Future | SIP | ✅ | ❌ | ❌ | GreyNoise | |
| ThreatConnect | TIP | ✅ | ✅ | ❌ | Vendor | |
| ThreatQ | TIP | ✅ | ✅ | ✅ | Vendor | |
| Vertex | Synapse | ✅ | ❌ | ✅ | Vendor | 
Firewall
| Company | Product | Link | Blocklist Support | Maintained By | 
|---|---|---|---|---|
| Sophos | Third-Party Feeds | Sophos Documentation | ✅ | Vendor | 
Other
| Company | Product | Link | Enterprise API | Community API | Maintained By | 
|---|---|---|---|---|---|
| Arctic Security | Arctic Security | Arctic Security | ✅ | ❌ | Vendor | 
| Axonius | Cybersecurity Asset Management | Axonius Docs | ✅ | ❌ | Vendor | 
| Arkime | Cont3xt | Cont3xt | ❌ | ✅ | Vendor | 
| Cribl | Stream | Cribl Packs | ✅ | ❌ | GreyNoise | 
| Datadog | Worfklow Automation | Actions Catalog | ✅ | ❌ | Vendor | 
| ZScaler | Deception | ZScaler Deception Docs | ✅ | ❌ | Vendor | 
Analyst Tools / OSINT
| Company | Product | Link | Enterprise API | Community API | Maintained By | 
|---|---|---|---|---|---|
| Gigasheet | Gigasheet | Gigasheet | ✅ | ❌ | Vendor | 
| Harpoon | CLI Tool | Harpoon Github | ✅ | ✅ | Vendor | 
| The Hive | Cortex Analyzer | TheHive Github | ✅ | ❌ | GreyNoise Contributes | 
| Maltego | Maltego | Transform Hub | ✅ | ✅ | GreyNoise | 
| Outcome Security | Kaleidoscope | Kaleidoscope | ✅ | ✅ | Vendor | 
| Polarity | Polarity | Polarity GitHub | ✅ | ✅ | Vendor | 
| pOSINT | pOSINT | pOSINT Github | ✅ | ❌ | Vendor | 
| Spiderfoot | Spiderfoot | Spiderfoot GH | ✅ | ✅ | GreyNoise Contributes | 
| Sputnik | Browser Extension | Sputnik GitHub | Uses GreyNoise Visualizer Only | Uses GreyNoise Visualizer Only | Vendor | 
Other Community Contributed Integrations
| Author | Product | Link | Enterprise API | Community API | 
|---|---|---|---|---|
| Cowrie | Cowrie | Cowrie GitHub | ❌ | ✅ | 
| CyberGordon | CyberGordon | CyberGordon | ❌ | ✅ | 
| AndrewPla | GreyNoisePS | GreyNoisePS GitHub | ✅ | ✅ | 
| hrbrmstr | GreyWatch | GreyWatch GitHub | ❌ | ✅ | 
| IntelOwl | IntelOwl | IntelOwl GitHub | ✅ | ✅ | 
| matamorphosis | Scrummage | Scrummage GitHub | ❌ | ✅ | 
| HurricaneLabs | Machinae | HL Github | ❌ | ✅ | 
| Sage | Canary-GreyNoise-Community-Threat-Intel-Report via Thinkst | Thinkst Canary GH | ❌ | ✅ | 
| Sage | Canary-GreyNoise-Enterprise-Threat-Intel-Report via Thinkst | Thinkst Canary GH | ✅ | ❌ | 
| Ninoseki | Mihari | Ninoseki Github | ✅ | ❌ | 
| Ninoseki | Mitaka | Ninoseki Github | ✅ | ✅ | 
| ThreatDudes | GreyNoise Discord Alerts | ThreatDudes Github | ✅ | ❌ | 
| Backchannel Inc. | GreyNoise Cloudflare Worker | Backchannelinc Github | ❌ | ✅ | 
| Brex HQ | Substation | Substation Docs | ✅ | ✅ | 
Updated about 1 month ago
