Image: Hugo Jehanne
Cyber-security firm GreyNoise Intelligence today announced the launch of GreyNoise Alerts, a new free service that will automatically notify you via email when any devices on your organization’s IP address range get hacked and start exhibiting potentially malicious behavior.
How does it work? The threat intelligence outfit sifts through widespread scan traffic reaching Internet-connected devices to help customers filter untargeted scans and detect emerging threats and compromised devices.
Using the results it gets from continuously monitoring scan traffic, GreyNoise will look for any signals coming from any of the devices on your network and will notify you whenever it detects known attack traffic artifacts.
Announcing GreyNoise Alerts. Create a free account, enter the IP ranges that belong to your organization. If GreyNoise observes any devices within those ranges become compromised or start scanning the Internet, we send you an email. This beta feature is available to all users now pic.twitter.com/5DVcq4eHyd
— GreyNoise Intelligence (@GreyNoiseIO) April 23, 2020
The new GreyNoise Alerts service also works for users with free accounts and it is still in the beta testing phase according to the company’s announcement.
To use the new service, you have to configure a new alert by entering the IP block you want to be monitored using Classless Inter-Domain Routing (CIDR) notation, choose a scanning interval, and enter the email where you want the notification to be sent.
Whenever GreyNoise will find “any Internet scan and attack traffic originating from networks” that matches your alert settings, it will send you an email summary containing the IPs that have started misbehaving since the last scan.
GreyNoise customers with Standard and Enterprise accounts will also receive additional information including:
• Optional file attachment (JSON, CSV) with full query results
• Monitor an unlimited amount of networks
• Alerts on realtime or hourly intervals
• Receive notifications by webhook or Slack notification
“Free users receive notifications within one day, Enterprise customers receive notifications in real-time,” GreyNoise explained.
The company is also working on adding support for webhooks, Slack notifications, data export attachments, and SIEM integration to the GreyNoise Alerts service.