--- title: "D3 Security" slug: "d3-security" updated: 2026-01-08T16:58:53Z published: 2026-01-08T16:58:53Z canonical: "help.silentpush.com/d3-security" --- > ## Documentation Index > Fetch the complete documentation index at: https://help.silentpush.com/llms.txt > Use this file to discover all available pages before exploring further. # D3 Security Silent Push integrates with D3 Security’s SOAR platform to deliver proactive threat intelligence and automated response capabilities. Silent Push continuously monitors and analyzes internet-facing infrastructure to identify emerging threats before attacks occur. When integrated with D3, this intelligence automatically triggers playbooks, enriches incident data, and prioritizes response actions based on real-time threat context. ## Key Features The Silent Push Connector for D3 includes the following actions: - Domain and IP Enrichment - Domain and IP Info - Risk Score - Whois Data - IPv4 and IPv6 Reputation and Reputation History - Passive DNS Lookups - IOFA Feed Retrieval - Live URL Scanning and Screenshot Capture - Custom SPQL Queries against Scan Data ## Benefits - Enrich incidents and trigger playbooks automatically using Silent Push intelligence. - Deep contextual data (risk scores, reputation history, PADNS) directly inside D3 events. - Indicator of Future Attack (IOFA) driven early warning and preemptive blocking. - Export enriched results for reporting and compliance. ## Requirements - Silent Push API Key ## Installation 1. In D3 Security, navigate to **Configuration > Integration**. 2. Search for and install the **Silent Push Application**. 3. Click **+Connection** and enter your Silent Push API Key. 4. Configure connection parameters and save. The integration is now ready to use in D3 playbooks and automation workflows. See the complete guide: [D3 Security](https://docs.d3security.com/integration-docs/integration-docs/silent-push) The human-readable name (e.g., example.com) associated with an indicator of compromise (IoC) or network resource, used to identify and access websites or services in threat intelligence analysis. Publicly available data collected during domain registration or DNS updates, used to analyze domain ownership and history. A curated stream of threat intelligence data containing indicators of compromise (IoCs), such as malicious IPs or domains, used to monitor and mitigate cyber threats. Host scanning data retrieved through enrichment queries, including details like certificates, open directories, or favicons, used to validate and analyze potential threats. The process of augmenting threat intelligence data with real-time lookups from sources like WHOIS records, nameserver history, and public threat feeds to provide deeper insights into indicators of compromise (IoCs). A predictive threat signal derived from Silent Push’s analysis of attacker behavior and infrastructure, enabling proactive mitigation of potential cyberattacks before they occur.