Skip to main content

Sixgill Darkfeed - Annual Subscription

Download With Dependencies

This edition of Sixgill Darkfeed is intended for customers who have a direct annual subscription to Sixgill Darkfeed. Get contextual and actionable insights to proactively block underground threats in real-time with the most comprehensive, automated stream of IOCs For organizations who are currently Darkfeed customers.

The Sixgill Darkfeed™ is a stream of malicious indicators of compromise, including domains, URLs, hashes, and IP addresses.

It relies on Sixgill’s vast collection of deep and dark web sources, and it provides unique and advanced warnings about new cyberthreats.

It is automated, meaning that IOCs are extracted and delivered in real-time, and it is actionable, meaning that its consumers will be able to receive and block items that threaten their organizations.

Darkfeed™ and pre-built playbooks can automate your key SOC use cases such as Threat Hunting and Malware protection.

The Darkfeed content pack includes the stream of indicators, a customized dashboard and three playbooks that:

  • Automatically download malicious files from a Darkfeed IOC, detonate them in automated sandboxes, and extract and block any additional indicators and files.
  • Automatically discover and enrich indicators with the same actor and source as the triggering IOC. Search for and isolate any compromised endpoints and proactively block IOCs from entering your network.




Cortex XSOARCortex XSIAM


CertificationRead more
Supported ByPartner
CreatedJuly 23, 2020
Last ReleaseMay 24, 2023

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.