Splunk users now have access to Sixgill's Darkfeed, enhancing security and threat protection - Help Net Security

Sixgill announced that users of Splunk, the Data-for-Everything platform, will have access to Sixgill’s Darkfeed, the company’s automated stream of indicators of compromise.


By leveraging Darkfeed in Splunk’s analytics-driven SIEM, enterprises gain contextual and actionable insights in real-time to enhance security and proactively protect against threats.


“Manual threat intelligence can take days, while criminals operate by the hour. Darkfeed delivers automated insights in real-time so security teams can react instantly and stay ahead of threats,” said Sharon Wagner, CEO of Sixgill.


“It gives unmatched intelligence for maximum performance, and delivers added value through frictionless integration with Splunk.”


For users of the Splunk Enterprise Security Platform, the integration leverages Sixgill’s power to supercharge threat research and incident response with access to real-time threat intelligence.


Using Darkfeed, security teams receive early warnings of new malware threats, hunt for malicious indicators of compromise on corporate networks, better understand trends in the criminal underground and block items that threaten their organizations.


Darkfeed is an intelligence stream of malicious indicators of compromise (IOCs). It notifies customers whenever one of the indicators, including domains, URLs, hashes, and IP addresses, is mentioned on the dark web.


Darkfeed relies on Sixgill’s vast collection of deep and dark web sources, and it provides unique and advanced warnings about new cyberthreats.


It is automated, meaning that IOCs are extracted and delivered in real-time, and it is actionable, meaning that its consumers will be able to receive and block items that threaten their organizations.