Grey Noise

GreyNoise is excited to officially announce the emergence of GreyNoise Labs and Labs API. Check out this post to learn more.

This post recaps our recent webinar "How MSSPs Can Leverage Automation to Reduce Alerts & Maximize their Analysts." Check it out to see key takeaways related to their automation journey.

GreyNoise Labs introduces their new greynoiselabs CLI tool to work with cutting edge, experimental APIs that expose planetary scale internet honeypot and scan data to help defenders stay one step ahead of adversaries.

GreyNoise tags come from extremely talented humans who painstakingly craft detection rules for emergent threats that pass our “100%” test every time. Last week was bonkers when it comes to the number of tags (7) our team cranked out. Check out this blog to see why.

Many traditional threat intelligence solutions used by MSSPs can have an unintended consequence of creating more noise for your security operations center (SOC) – GreyNoise changes that. In this post, we will take a deeper look at exactly HOW existing GreyNoise MSSP customers are realizing these benefits.

The GreyNoise Labs team is proud to have hosted the GreyNoise NoiseFest 2023 CTF - who knows if we will do it again, but we had fun, so here’s a walkthrough on how and why we did it.

In this post we break down some of the broader themes from Black Hat and DEF CON 2023 and pull out some recurring themes across each that would cause some consternation for CISOs, CIOs, CEOs, and board members.

The Managed Security Service Provider (MSSP) and Managed Detection and Response (MDR) markets continue to face significant challenges in handling a large number of security alerts and vulnerabilities across multiple client environments. In this blog post you'll discover how GreyNoise helps these organizations reduce costs, improve scalability, and beat the adversary.

As we roll through the summer, GreyNoise is back from its July two-week shutdown with a bunch of fresh new improvements, including 63 new tags and a bunch of exciting new data insights for our customers to explore in our Labs API. We’ve also updated our integrations to add support for our IP Similarity and Timeline for our Palo Alto customers. Check out all our product updates for June and July.

Citrix has disclosed CVE-2023-3519, a remote code execution vulnerability, but further scrutiny reveals multiple vulnerabilities.

During our latest webinar we discussed some common use cases using GreyNoise with other SOAR platforms. The main goal of using GreyNoise with other SOAR platforms is to more quickly identify either opportunistic attacks, get better insight into how infrastructure is being used, as well as enriching alerts using RIOT data to IP's associated with common business services.

Artificial Intelligence and Machine Learning can provide extreme value to your product and workflows, but they are not trivial to introduce. With some care and simple guidelines, you can implement these in a way that helps your users without creating additional burden or ambiguity. 

GreyNoise researchers have identified active exploitation for a remote code execution (RCE) vulnerability in Citrix ShareFile (CVE-2023-24489)

GreyNoise researchers have released tags for critical vulnerabilities in Adobe ColdFusion and Citrix software.

In today's world, where networks generate an overwhelming amount of data, security analysts often find themselves struggling to separate the real threats from the noise. Their days are spent in a constant reactive mode, leaving little room for proactive measures due to limited time and resources. In this blog post, we'll delve into how GreyNoise empowers security analysts and transforms their daily work by cutting through the noise and providing invaluable insights

GreyNoise researchers have created a detection for and identified mass-scan attempts for the recent VMWare Aria Operations for Networks (CVE-2023-20887) Vulnerability

In this blog we teach you about text embedding, why it’s useful, and a couple ways to do it yourself to make your pet project just a little bit better or get a new idea off the ground. And a little bit about how we use it at GreyNoise...

In this blog you'll discover powerful and practical ways to leverage GreyNoise data inside your Splunk environment right now.

GreyNoise today announced that it achieved SOC 2 Type 2 compliance in accordance with American Institute of Certified Public Accountants (AICPA) standards for Systems and Organizational Controls (SOC). Achieving SOC 2 compliance with unqualified opinion serves as third-party industry validation that companies provide best-in-class enterprise-level security for their customers’ data.

May brought more product enhancements to user workflows, data coverage… and of course, more interesting tags! Twenty four to be exact, as we continue to improve our product to help our customers monitor emerging threats and identify benign actors. We improved our sensor coverage to include coverage in the country of Ghana, plus we made some helpful improvements to our bulk analysis, RIOT dataset, and APIs.