Silent Push has launched an updated Threat Intelligence Management module featuring a new Feed Scanner interface designed to strengthen organisations' ability to identify emerging cyber threats.
The release provides expanded automation and search capabilities that enable users to access and navigate the entirety of the company's enriched feed data. These enhancements aim to help enterprise security teams detect and defend against threats by using Indicators Of Future AttackTM (IOFATM), a proprietary approach to identifying potential adversary infrastructure before it is used in an attack.
The new Feed Scanner interface allows security professionals to query feed data, save and share searches internally, and export results for further analysis. This feature is accompanied by a dedicated IOFATM feeds section within the Threat Intelligence Management module, alongside new IOFATM feed highlights in the Total View screen, which aims to improve the threat detection and response workflow.
Ken Bagnall, Chief Executive Officer and Co-Founder of Silent Push, commented on the current state of threat intelligence and the demand for more proactive solutions. "The ability to respond swiftly and effectively to growing cyber threats is mission critical for any organisation. Yet, many continue to struggle with IOC-based legacy threat intelligence that lacks real-time data to produce actionable insights. Our latest enhancements demonstrate our commitment to deliver the features needed and requested by our customers to uncover lurking threats and counteract hidden infrastructure yet to be used."
According to the company, traditional threat intelligence, often based on Indicators of Compromise (IOCs), is no longer sufficient in a landscape where cyber attackers frequently change their tactics, techniques, and procedures. Silent Push sees the need to address these changes with more comprehensive and timely intelligence that allows teams to anticipate attacks, rather than only responding to incidents once they are underway.
The update also includes a Customer Feeds API, which provides organisations with the ability to create and manage their own feeds. This RESTful interface supports automation of indicator and tag creation, management of proprietary threat data feeds, and is OpenAPI compliant to ensure broad compatibility and thorough documentation for integration with other security tools.
Another feature, Threat Check API/DNS-Based Lookups, enables the handling of high volumes of threat indicator queries. With this functionality, organisations can check for indicators present in any of their IOFATM feeds, scan all indicators found in their log files, or verify incoming email domains—an approach that enterprise customers can access on an unlimited basis.
Silent Push reports that its platform now offers insights through TLP Amber reports, which are finished intelligence documents providing detailed guidance on how to detect and prevent attacks by high-profile adversaries as well as common attack vectors.
By giving users full access to Silent Push's DNS and web content database, and by refining how feeds are searched, managed and shared, the company expects security and incident response teams, threat and security analysts, and security architects to have a more complete and actionable view over the emerging threat environment. With the new update, organisations are positioned to identify hidden infrastructure more rapidly and reveal threat actor activity patterns earlier in the attack lifecycle.
The Feed Scanner and associated features can be accessed through the Silent Push standalone platform or via API integration with compatible security products, such as SIEM, XDR, SOAR, TIP, and OSINT solutions.
