- 12 Aug 2024
- 1 Minute to read
- Print
- DarkLight
View third-party feeds
- Updated on 12 Aug 2024
- 1 Minute to read
- Print
- DarkLight
Silent Push Enterprise subscribers have access to a range of feeds provided by third-party vendors, that can be used to track attacker activity and fed into an existing security stack.
The Feeds
screen is the central management console for all third-party threat feeds.
Navigate to
Threat Intelligence Management > Feeds
to view a list of available vendor feedsUse the slider to enable or disable a vendor feed in the
Threat Ranking
screen(Optional) Use the
All
,Global
,Organization
andMy Feeds
buttons to change the type of feed displayed:All
- All feeds that are available within Silent PushGlobal
- All feeds that are made available by Silent Push to Enterprise users onlyOrganization
- Feeds that are shared throughout your organizationMy Feeds
- Feeds that have been created by the current logged-in user
(Optional) Use the slider to toggle the feed in the
Threat Ranking
screen(Optional) Click the column headers to arrange feeds by
Name
,IOC Type
,Data Source
, andVendor
The
Count
column shows how many observables the feed containsThe
Status
column provides insight into the current state of the ingestion process(Optional) Click the
View
button to load the feeds observables on theThreat Ranking
screenFeed
Tags
are assigned by Silent Push to indicate specific observable types such as region-specific operations, attack vector and various C2 frameworks among other categories