Every company has a distinct culture and style of communicating information between itself and the rest of the world. At GreyNoise, we’ve relied heavily on our use of Twitter and other social media that are popular with our users. This has historically worked well, but it has limited us to only brief pulses of information. Now, I’m excited to announce the GreyNoise blog, where we will be able to convey more information and ideas with more opportunities for detail and nuance.

GreyNoise was founded in 2017 with a simple mission: Use data to make security teams more efficient, and provide answers and insights where there are none. Our flagship enterprise product contextualizes noisy alerts in the SOC that are generated by internet background noise and harmless online services. Our free web interface and community API provide insights to thousands of security professionals every day.

To provide these services, we collect lots of data from across the internet at a very large scale. We operate a really big network of passive collector sensors in hundreds of data centers around the world (kind of like honeypots) to analyze internet background noise. And we constantly enumerate the IP addresses and domains of common benign SaaS services to “rule out” harmless traffic from security products.

In building and scaling GreyNoise, we’ve learned a lot of interesting lessons and witnessed a lot of interesting phenomena. The GreyNoise blog will be another forum for us to share these lessons and phenomena with the rest of the world.

GreyNoise has made a tremendous amount of progress over the past three years, but we are still in the early days. I’m excited to share the journey with you here.


– Andrew

This article is a summary of the full, in-depth version on the GreyNoise Labs blog.
GreyNoise Labs logo
Link to GreyNoise Twitter account
Link to GreyNoise Twitter account