Skip to main content

Sixgill Darkfeed - Marketplace Subscription (Enterprise)

This edition of Sixgill Darkfeed is intended for marketplace customers with 10K - 30K employees, who will use their points to consume the Darkfeed on a monthly basis. Get contextual and actionable insights to proactively block underground threats in real-time with the most comprehensive, automated stream of IOCs.

Learn about Private Offer

The Sixgill Darkfeed™ is a stream of malicious indicators of compromise, including domains, URLs, hashes, and IP addresses.

It relies on Sixgill’s vast collection of deep and dark web sources, and it provides unique and advanced warnings about new cyberthreats.

It is automated, meaning that IOCs are extracted and delivered in real-time, and it is actionable, meaning that its consumers will be able to receive and block items that threaten their organizations.

Darkfeed™ and pre-built playbooks can automate your key SOC use cases such as Threat Hunting and Malware protection.

The Darkfeed content pack includes the stream of indicators, a customized dashboard and three playbooks that:

  • Automatically download malicious files from a Darkfeed IOC, detonate them in automated sandboxes, and extract and block any additional indicators and files.
  • Automatically discover and enrich indicators with the same actor and source as the triggering IOC. Search for and isolate any compromised endpoints and proactively block IOCs from entering your network.

Additional Information:
Darkfeed Intro
Darkfeed Website
Solution Brief
Darkfeed Content Pack
Case Study

Note: This pack subscription includes an API key generated by a 3rd party partner. The partner will directly email the end user within 24 hrs instructions for obtaining the key. The user then simply pastes the key into the Sixgill Darkfeed configuration to allow it to function. If you need help or did not receive the key, please contact This pack may or may not have additional content (e.g. playbooks, dashboards) but will still function. Deleting or unsubscribing from this pack will invalidate the API key/access at the end of the month.




Cortex XSOAR


CertificationRead more
Supported ByPartner
CreatedDecember 17, 2020
Last ReleaseDecember 17, 2020
Threat Intelligence Management
Incident Response

Content packs are licensed by the Publisher identified above and subject to the Publisher’s own licensing terms. Palo Alto Networks is not liable for and does not warrant or support any content pack produced by a third-party Publisher, whether or not such packs are designated as “Palo Alto Networks-certified” or otherwise. For more information, see the Marketplace documentation.