Get Started with Silent Push

Silent Push is the industry-leading platform for preemptive intelligence and proactive cyber defense. Because cyber threats evolve rapidly, Silent Push empowers organizations to stay ahead of attackers by preemptively neutralizing risks, safeguarding brand integrity, and securing digital footprints.

This guide serves as a step-by-step roadmap for getting started. Whether you're using the Enterprise or Community Edition, we’ll walk you through the signup process, your first login, and quick wins to help you outpace threats. You’ll learn to leverage IOFA™ (Indicators of Future Attack, which are early warnings of bad infrastructure), advanced queries, and monitoring to hunt threats like a pro.

Silent Push shifts cybersecurity from reactive responses to proactive, data-driven threat hunting. Our mission is to neutralize attacker setups before they strike, using first-party data from daily scans of the entire IPv4 and IPv6 space. We combine Threat Intelligence Management, Brand Impersonation Protection, Attack Surface Mapping, Observable Enrichment, and Monitoring to deliver actionable insights against breaches, phishing, ransomware, and more.

Quick overview of our core engine

At the heart is our proprietary scanning and active resolution engine — think of it as a tireless robot patrolling the internet. It enriches DNS records, IPv4/IPv6 addresses, and URLs with risk scores and context to identify IOFA™, enabling early detection of suspicious infrastructure, such as phishing sites or command servers.

Sourced from diverse feeds, this gives you full visibility into domains, IPs, and URLs. With over 250 API endpoints, it seamlessly integrates with your tools to create custom workflows.

Key solutions at a glance

| Solution | What it does | Quick win example |
|---|---|---|
| Threat Intelligence Management | Centralize threat feeds, score reputation, and enrich data in one console. Export to your tools. | Ingest a feed and score 1,000 domains in minutes. |
| Brand Impersonation | Scans for fake domains copying your brand (e.g., typosquats like “paypa1.com”). Detects certificate exploits and spoofs. | Alert on lookalike sites mimicking your logo. |
| Attack Surface Mapping | Maps your exposed assets (e.g., forgotten servers) and flags vulnerabilities, such as DNS gaps or shadow IT (unauthorized technology). | Discover hidden subdomains in under five minutes. |
| Observable Enrichment | Dives into 70+ attributes (e.g., DNS records, JARM fingerprints for server types, favicon) to assess risk. | Enrich an IP to reveal its shady history. |
| Monitoring | Tracks changes daily (e.g., new subdomains) and sends email/Slack alerts. | Set a monitor for your domain and get instant phishing notifications. |

Configure Access

This is where new users start.

Create and log in to your account

  • Sign up for the Community Edition: Head to silentpush.com/community, click Sign Up, enter your email, and create a password. Confirm the email link.

  • Log in: Go to silentpush.com/login and use your email/password.

    • Enable 2FA for Security: On first login, scan the QR code with your Authenticator app (e.g., Google Authenticator).

    • Enterprise Users: Set up SSO (single sign-on) by contacting your Account Manager.

  • First View: You’ll land on the dashboard. The left navigation has quick menus, the center is your search bar.

Search interface for domain and IP lookup with various shortcut options displayed.

Integrate with your tools (optional)

Silent Push works well with your stack: SIEM (e.g., Splunk for logging), SOAR (e.g., Palo Alto XSOAR for automation), and TIPs (e.g., ThreatConnect for intel sharing). Enterprise gets higher API limits and custom automations.

Easy integrations

  • Data Export: From the left navigation menu, download CSVs/JSONs like IOFA feeds. Use our Python snippets: pip install silentpush, then sp.export('sofa_dailycsv').

  • Connect Platforms:

    • SOAR: From your user icon, select Organization, paste your API key from Palo Alto XSOAR.

    • SIEM: Forward exports to Sumo Logic via webhook.

    • TIP: Sync with ThreatQ using our feed URLs.

  • API Setup:

    • Log in as an Organizational Admin.

    • From your user icon, select Organization > API Keys > +Add New API Key.

      • Use it for lookups (quote the URL so the shell does not interpret the "?"): curl -H "Authorization: Bearer YOUR_KEY" "https://api.silentpush.com/v2/search?query=domain:example.com"

Take action — threat hunt

Now the fun part: Use the search bar to query threats. We'll use "grandsofa.site" (a fake shady domain) as an example.

Overview of grandsofa.site's threat assessment and web scan highlights.

Start with Total View

  1. In the search bar, type grandsofa.site and click Total View.

  2. Explore highlights: The top section displays the risk score (e.g., 100/100 High) and tags like Part of IOFA Feed. Click the pie chart for breakdowns.

  3. Dive deeper:

    • PADNS infrastructure: See DNS records (A, AAAA, CNAME, etc.)

    • Web Search highlights: Check favicon, title (e.g., “Creating Comfort & Elegance”), and screenshot.

    • Threat intelligence: Scroll to “Alert TrafficGate All Web Domains” for associated IPs/domains. Filter by tags like “maladvertising”.

  4. Act: Click the blue data points (pivots) for pop-ups. Use Domain Wide View to expand to subdomains. Click Monitor to track changes.

Tips

  • Web Search (Historical data): From the shortcuts, craft queries like favicon_murmur3 = 309020573 AND domain != "PayPal.com" (the favicon hash matches sites using similar logos). Use the Query Constructor for no-code building or the Command Line Interface (CLI) for scripts.

  • Live scan (Real time): Enter a URL like suspecturl.com and click Live Scan. This article clearly explains the differences between the two.