GreyNoise Reduces Noise with Advanced Intelligence on Unknown IP Addresses

GreyNoise Reduces Noise with Advanced Intelligence on Unknown IP Addresses

By Greg Tavarez

Internet noise, or irrelevant information or data that is disruptive, triggers threat alerts originating from unknown IP addresses attempting to contact an organization’s server; these need to be investigated by security teams daily.

When unknown IP addresses come into play, of course the first thought is that these are malicious. The reality is the majority consist of harmless events that are irrelevant to the organization. The issue, however, is that the information provided by most threat intelligence solutions is incomplete and does not provide enough context to decide or act. And there simply isn’t enough time for security teams to investigate each IP address manually.

The result is alert fatigue, which causes productivity issues and results in missed threats.

GreyNoise, a cybersecurity company that scans and analyzes traffic to separate threats from background noise, is taking a different approach to this problem. GreyNoise is reducing the “noise” for SOC teams with a new suite of cybersecurity features designed to provide advanced intelligence on unknown IP addresses.

The GreyNoise suite includes three new features:

IP Geo Destination provides geographic information to help identify the destination, in addition to source data. This feature is designed for cyber defenders to connect geopolitical motivations with scan-and-attack traffic and help responders quickly prioritize and triage alerts.

IP Timeline shows the history of the IP’s behavior in the past 60 days. This data allows responders to better understand when each IP address was active and how it was being used. Threat hunters then correlate this with historical activity in their environments to determine whether the IP was acting suspiciously at a particular point in time.

IP Similarity is the third feature. In the process of collecting, analyzing and labeling internet background noise, GreyNoise identifies patterns among scanners and background noise traffic. Often, a group of IPs demonstrates similar behavior patterns that can provide important context when discerning intent or identifying actor’s infrastructure.

“GreyNoise is always looking to help security teams focus their time and attention on meaningful, strategic security work,” said Andrew Morris, founder and CEO, GreyNoise. “Providing better quality and context around IP intelligence will not only help reduce the number of alerts coming in, it will also enable security teams to do a better job of defending against malicious threats at scale.”

Rather than barraging security teams with an endless number of alerts, GreyNoise helps eliminate harmless activity. The reason for this approach is to help security teams waste less time on irrelevant alerts and focus instead on targeted and emerging threats.




Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

SHARE THIS ARTICLE
Related Articles

Mutare Brings Together Cybersecurity Community to Raise Vishing Awareness

By: Greg Tavarez    3/28/2023

Mutare is collaborating with government agencies, business coalitions and private industry in an educational campaign to raise awareness of the risks …

Read More

Only 15% of Organizations Deemed Mature Enough to Defend Against Cybersecurity Risks

By: Greg Tavarez    3/28/2023

Fifteen percent of organizations globally have the maturity level of readiness needed to be resilient against today's modern cybersecurity risks, acco…

Read More

Opti9 Offerings Strengthen Veeam Customers' Security Stacks

By: Greg Tavarez    3/28/2023

Opti9 introduced its standalone offerings for Veeam, which are managed services for Veeam Software and its AI-based ransomware detection and remediati…

Read More

How Businesses are Navigating Migrations and Marketplace Shifts

By: Alex Passett    3/28/2023

Westcon-Comstor recently published a report that explored challenges found amongst shifting subscription and recurring revenue models for businesses.

Read More

Cybersecurity Essentials: BSA Expands Managed Security Solutions

By: Alex Passett    3/24/2023

Bridge Security Advisors (BSA) has announced an addition to its Essential Security Solution (ESS): the Managed Security Solution (MSS) offering.

Read More