GreyNoise is a cybersecurity platform that collects and analyzes internet-wide scan and attack traffic. This data is made available through SIEM, SOAR, TIP integrations, command-line tool, bulk data, visualizer, Enterprise API, and community API so users can contextualize existing alerts, filter false positives, identify compromised devices, and track emerging threats.
GreyNoise helps identify mass-internet background noise and silence it from an analyst's workload.
With the help of GreyNoise datasets, analysts can recognize events not worth their attention. Indicators in GreyNoise are likely associated with opportunistic internet scanning or common business services, not targeted threats. This context helps analysts focus on what matters most.
The Community API provides community users with a free tool to query IPs in the GreyNoise dataset and retrieve a subset of the full IP context data returned by the IP Lookup API.
The GreyNoise Community API Transform provides users with the basic insight of an indicator, using a subset of the GreyNoise datasets. It is available for a free trial to users without registration, and with a limited number of lookups per day.
To read more about GreyNoise visit the Transform Hub data integration page on our website here.
- Instant access on Maltego Client
- No registration required
- No API Key required
- For CE users, 50 Transform runs per day
- For Commercial Maltego licenses, 100 Transform runs per day
Unlimited access to community API
- Registration required. Sign up here for an API key
- Install the Hub Item, and enter your API to get started
IP Lookup [GreyNoise Community]
|Display Name||Setting Type||Default Value||Optional||Popup||Authentication|
Transform Meta Info
|Display Name||IP Lookup [GreyNoise Community]|
|Data Source||GreyNoise Community|
|Input Entities||maltego.IPv4Address, greynoise.noise, greynoise.classification, maltego.Organization|
|Output Entities||Phrase [maltego.Phrase]|