Sixgill Darkfeed - Annual Subscription v2.2.31

This edition of Sixgill Darkfeed is intended for customers who have a direct annual subscription to Sixgill Darkfeed. Get contextual and actionable insights to proactively block underground threats in real-time with the most comprehensive, automated stream of IOCs For organizations who are currently Darkfeed customers.

Author:
Cybersixgill
Support:
partner
agentixxsiam
Data Enrichment & Threat Intelligence

Dashboards (1)

  • Sixgill Darkfeed

Indicator fields (13)

  • Sixgill Actor
  • Sixgill Description
  • Sixgill Feed ID
  • Sixgill Feed Name
  • Sixgill Indicator ID
  • Sixgill Language
  • Sixgill Mitre ATT&CK Tactic
  • Sixgill Mitre ATT&CK Technique
  • Sixgill Post Reference
  • Sixgill Post Title
  • Sixgill Source
  • Sixgill Virus Total Detection Rate
  • Sixgill Virus Total URL

Widgets (8)

  • Sixgill Darkfeed - Collected IOCs
  • Sixgill Darkfeed - Mitre ATT&CK Tactics
  • Sixgill Darkfeed - Subfeed Composition
  • Sixgill Darkfeed - Threads from the Underground
  • Sixgill Darkfeed - Top 10 Threat Actors
  • Sixgill Darkfeed IOC detection rate by Virus Total
  • Sixgill Darkfeed Indicators by Type
  • Sixgill Mitre ATT&CK Techniques

README

The Sixgill Darkfeed™ is a stream of malicious indicators of compromise, including domains, URLs, hashes, and IP addresses.

It relies on Sixgill’s vast collection of deep and dark web sources, and it provides unique and advanced warnings about new cyberthreats.

It is automated, meaning that IOCs are extracted and delivered in real-time, and it is actionable, meaning that its consumers will be able to receive and block items that threaten their organizations.

Darkfeed™ and pre-built playbooks can automate your key SOC use cases such as Threat Hunting and Malware protection.

The Darkfeed content pack includes the stream of indicators, a customized dashboard and three playbooks that:

  • Automatically download malicious files from a Darkfeed IOC, detonate them in automated sandboxes, and extract and block any additional indicators and files.
  • Automatically discover and enrich indicators with the same actor and source as the triggering IOC. Search for and isolate any compromised endpoints and proactively block IOCs from entering your network.