View third-party feeds

  • Updated on Aug 12, 2024
  • Published on Apr 3, 2023
  • 1 minute(s) read

Silent Push Enterprise subscribers have access to a range of feeds provided by third-party vendors, that can be used to track attacker activity and fed into an existing security stack.

The Feeds screen is the central management console for all third-party threat feeds.

View Third-party Feeds

  1. Navigate to Threat Intelligence Management > Feeds to view a list of available vendor feeds

  2. Use the slider to enable or disable a vendor feed in the Threat Ranking screen

  3. (Optional) Use the All, Global, Organization and My Feeds buttons to change the type of feed displayed:

    1. All - All feeds that are available within Silent Push
    2. Global - All feeds that are made available by Silent Push to Enterprise users only
    3. Organization - Feeds that are shared throughout your organization
    4. My Feeds - Feeds that have been created by the current logged-in user

  4. (Optional) Use the slider to toggle the feed in the Threat Ranking screen

  5. (Optional) Click the column headers to arrange feeds by Name, IOC Type, Data Source, and Vendor

  6. The Count column shows how many observables the feed contains

  7. The Status column provides insight into the current state of the ingestion process

  8. (Optional) Click the View button to load the feeds observables on the Threat Ranking screen

  9. Feed Tags are assigned by Silent Push to indicate specific observable types such as region-specific operations, attack vector and various C2 frameworks among other categories