The Sixgill Darkfeed™ is a stream of malicious indicators of compromise, including domains, URLs, hashes, and IP addresses.
It relies on Sixgill’s vast collection of deep and dark web sources, and it provides unique and advanced warnings about new cyberthreats.
It is automated, meaning that IOCs are extracted and delivered in real-time, and it is actionable, meaning that its consumers will be able to receive and block items that threaten their organizations.
Darkfeed™ and pre-built playbooks can automate your key SOC use cases such as Threat Hunting and Malware protection.
The Darkfeed content pack includes the stream of indicators, a customized dashboard and three playbooks that:
- Automatically download malicious files from a Darkfeed IOC, detonate them in automated sandboxes, and extract and block any additional indicators and files.
- Automatically discover and enrich indicators with the same actor and source as the triggering IOC. Search for and isolate any compromised endpoints and proactively block IOCs from entering your network.