Sixgill is proud to announce the inclusion of our content pack for Darkfeed, a preemptive stream of malicious indicators of compromise, in the newly released Cortex XSOAR Marketplace, the industry’s most comprehensive security orchestration marketplace. The Cortex XSOAR Marketplace gives you access to an array of orchestration and automation tools from vendors and service providers, allowing you to:
Leverage industry experts to solve your toughest security use-cases: Deploy turn-key content packs that span integrations, playbooks, dashboards, and reports with a single click.
Discover highly rated, validated content packs: Identify the best SOAR content packs recommended by your peers and validated by the world’s leading cybersecurity company.
Stay up to date with innovations in security automation: Continuously extend Cortex XSOAR with proven use-cases contributed by SecOps users and SOAR partners in the largest SOAR community in the industry.
Sixgill’s agile cyber threat intelligence methodology calls for an integrated ecosystem, which is exactly what the Cortex XSOAR Marketplace achieves. The ability to proactively block items that threaten your organization is possible only through real-time, integrated data, processes, and workflows from a single platform. Besides the use of obsolete M.O.s, one of the biggest hurdles security teams must overcome is siloed activity. Sixgill has had tremendous success in breaking organizational silos and bringing different departments together, especially in the banking/insurance/financial services industry.
According to our data, every minute there are 83 credit cards offered for sale in the deep and dark web. That’s a little over 3.5 million stolen/leaked credit cards each month. By harnessing Sixgill’s vast data lake, Cortex XSOAR customers gain access to the broadest, real-time collection of underground sources, enabling security teams to automate advanced warnings and trigger the right playbooks, uniting security and fraud teams’ endeavors under one intelligence picture to better protect their organization.
Sixgill Darkfeed™ is a stream of malicious indicators of compromise, including domains, URLs, hashes, and IP addresses. It relies on Sixgill’s vast collection of deep and dark web sources, and it provides unique and advanced warnings about new cyberthreats. Darkfeed is automated, meaning that IOCs are extracted and delivered in real time, and it is actionable, meaning that its consumers will be able to receive and block items that threaten their organizations.
Darkfeed™ and pre-built playbooks can automate your key SOC use cases such as threat hunting and malware protection. The Darkfeed content pack includes the stream of indicators, a customized dashboard, and three playbooks that:
Automatically download malware from new Darkfeed IOCs and run them through the "Darkfeed IOC detonation and proactive blocking" playbook
Download malicious files from Darkfeed IOCs, detonate them in automated sandboxes, and extract and block any additional indicators and files.
Automatically discover and enrich indicators with the same actor and source as the triggering IOC. Search for and isolate any compromised endpoints and proactively block IOCs from entering your network.