Cyware Orchestrate provides two dedicated Silent Push connectors that bring high-fidelity threat intelligence and proactive attacker infrastructure detection into your security workflows:
Silent Push (v1.0.0) – Full enrichment, reputation scoring, DNS intelligence, live scanning, feed management, and more.
Silent Push ThreatCheck (v1.1.0) – Focused on Indicators of Future Attack (IOFA) checking and traffic origin analysis.
Configuration Parameters
Silent Push App
Parameter | Required | Description |
|---|---|---|
API Key | Yes | Your Silent Push API key |
Timeout | No | 15–120 seconds (default: 15) |
Verify SSL | No | Recommended: true |
Silent Push ThreatCheck App
Parameter | Required | Description |
|---|---|---|
Access Key | Yes | Your ThreatCheck access key (found in the Silent Push subscription) |
Timeout | No | 15–120 seconds (default: 15) |
Verify SSL | No | Recommended: true |
Tip: Create separate app instances in Cyware Orchestrate for each connector if you need both full enrichment and IOFA/ThreatCheck capabilities.
Most Commonly Used Actions
Silent Push (Full Enrichment & Intelligence)
Enrich Indicator – Get reputation score + enrichment for a single domain or IP
Bulk Enrich Domains / Bulk Enrich IP Addresses – Process up to 100 indicators at once
Bulk Retrieve Domain Risk Scores – Fast risk scoring for many domains
Run Live Scan – Real-time web page analysis (screenshot, redirects, SSL, risk score)
Get Domain Information / Get IP Information – Detailed passive DNS, ASN, and host data
Get Name Server Reputation, Get ASN Takedown Reputation, Get Infrastructure Reputation
Create Feed + Add Indicators to Feed – Build and populate your own threat feeds
Get Indicators of Future Attack (IOFA) – Pull pre-attack indicators from a feed
Silent Push ThreatCheck
Check Indicator Listing on IOFA Feed – Quickly see if a domain/IP is listed as an Indicator of Future Attack
Get Traffic Origin Data for an Indicator – Understand traffic patterns and origins (new in v1.1.0)
Example Playbook Flow
Receive an alert containing a domain or an IP
Use Enrich Indicator (Silent Push) or Check Indicator Listing on IOFA Feed (ThreatCheck)
If the risk score is high or listed on IOFA → enrich further with Bulk actions, Live Scan, or DNS lookups
Add confirmed malicious indicators to a Silent Push feed using Create Feed + Add Indicators to Feed
Use reputation data to enrich tickets, blocklists, or SIEM events
This integration gives your SOC high-fidelity, real-time visibility into attacker infrastructure — before it is used in active campaigns.
For full technical details, refer to the official Silent Push and Silent Push Threat Check app documentation in Cyware Orchestrate.