Splunk users just gained another edge in the constant battle against cyber threats. Now, Splunk customers can have access to Cybersixgill’s Darkfeed™, the automated intelligence stream of indicators of compromise (IOCs).
Together with Splunk Enterprise Security, enterprises gain contextual and actionable insights in real-time to enhance security and protect against threats.
For users of the Splunk Enterprise Security, the integration leverages Cybersixgill’s power to supercharge threat research and incident response with access to real-time threat intelligence. With Darkfeed, security teams receive early warnings of new malware threats, empowering them to hunt for malicious indicators of compromise on corporate networks, better understand trends in the criminal underground, and block items that threaten their organizations.
Darkfeed monitors IOCs and notifies customers whenever one of the indicators, including domains, URLs, hashes, and IP addresses, is mentioned on the dark web. Darkfeed relies on Cybersixgill’s vast data lake of deep and dark web sources to provide automated, advanced, and actionable warnings about new cyberthreats.