The Silent Push Sumo Logic integration empowers Sumo Logic customers to identify and respond to emerging threats by enriching security data with Silent Push’s threat intelligence. This integration enables users to search and analyze domains and IPs, providing actionable insights to enhance threat detection and response within the Sumo Logic platform
Key Features
The Silent Push Sumo Logic integration allows users to retrieve and enrich data for the following:
Domain Name: The primary identifier of a website (e.g., "example.com").
Domain Reputation: A numerical score reflecting the trustworthiness of a domain.
Domain Risk Score: A numerical value indicating the risk level associated with a domain.
Top-Level Domain (TLD): The domain’s category extension (e.g., .com, .org, .net).
IP Address: The numerical address of the server hosting the website.
IP Risk Score: A numerical value assessing the risk level of an IP address.
IP Reputation: A numerical score evaluating the trustworthiness of an IP address.
DNS Records: A summary of key DNS records associated with the domain.
WHOIS Information: Publicly available domain registration details.
Benefits
Enhanced Threat Detection: Enriches domain and IP data with risk and reputation scores for faster identification of threats.
Actionable Insights: Provides comprehensive DNS and WHOIS data to support threat analysis and investigations.
Seamless Integration: Embeds Silent Push’s threat intelligence directly into Sumo Logic workflows.
Improved Response: Equips security teams with contextual data to prioritize and respond to emerging threats effectively.
Requirements
For more information about the Sumo Logic integration, like prerequisites, go to Sumo Logic integration.