Darkfeed - powered by the broadest automated collection from the deep and dark web - is the most comprehensive, automated IOC enrichment solution available on the market today. By enriching ServiceNow IOCs with Darkfeed, customers can gain unparalleled context and essential explanations in order to accelerate their incident prevention and response and stay ahead of the threat curve.
Provide an extra layer of security by harnessing Sixgill’s Investigative Portal in tandem with the ServiceNow platform or VM to further probe threat actors and contexts and perform root-cause analysis.
List of actions
Enrich IP - C&C server IP addresses for most prevalent malware and for servers involved in botnets, DDoS attacks, proxy anonymization, compromised RDP addresses and more.
Enrich Domain - Compromised site to which access is sold on the dark web. Suspicious domains that are for sale on the dark web.
Enrich Hash - Proactively analyst and investigate hashes of malware as they emerge on the dark web, including malware undetected by AV vendors.
Enrich URL - Identify, investigate, and download malware shared on the hosted underground file-sharing/paste sites.
Powered by the broadest automated collection from the deep and dark web, Sixgill Darkfeed is an IOC enrichment solution. By enriching ServiceNow IOCs with Darkfeed, security teams gain unparalleled context and essential explanations to accelerate their incident prevention and response and stay ahead of the threat curve.
- Automatically enrich ServiceNow IOCs (machine to machine) via Darkfeed
- Block threats and enrich endpoint protection in real-time from the ServiceNow dashboard
- Gain contextual and actionable insights with essential explanations of ServiceNow IOCs.
- Security Incident Response
- Threat Intelligence
- Threat Intelligence Support Common
- Security Support Orchestration
- Security Support Common
- Security Integration Framework