GreyNoise Launches Block: Fully configurable, real-time blocklists
If January is any indication, 2026 is going to be loud. In just a few weeks weβve shipped new capabilities, introduced Recall (time-series intelligence for GNQL), tracked threat actors targeting LLMs, and watched a Christmas ransomware campaign set the tone for 2026. Weβve also squeezed in fresh features like tag spikes and vendor CVE spikes for event feeds and kept building toward whatβs next with our Spacewar ADP. Check it all out and more in this month's NoiseLetter!
VP of Data Science + Research, Bob Rudis, creatively gives his thoughts, hot-takes, and whatever else he feels like.
β
Same Ghostie, new look. Nothing changed under the hood. Just a little visual polish to keep things feeling fresh. Log into your Viz account, head over to settings and give it a try for yourself!
On February 10th, we're updating all suspicious tag metadata to "recommend_block": true. Why? Our data shows that IPs appearing as suspicious consistently flip to malicious within a day or more, so blocking suspicious IPs could buy you additional day(s) of protection. While most suspicious tags already carried this recommendation, we're now applying it universally. This change affects only the tag metadata; it will affect you only if you have automation built around that field. In general, we recommend that all organizations block suspicious IPs
Calling all researchers, honeypoters, analysts, and security practitioners. Weβre expanding our ADP (Active Development Partner) program for a new product known as Project Spacewar (working title). Spin up honeypots, assign profiles, and explore real-world attack data in minutes, while directly influencing the future of our product.Interested in participating? reach out to product@greynoise.io
β
β
At the Edge Clear offers the public a preview of GreyNoiseβs weekly At the Edge intelligence brief, featuring select insights distilled from internet activity observed across the GreyNoise Global Observation Grid. View report >>
β
β
β
*Have a joke you want included in the next NoiseLetter? Submit Your Joke >>
β
If January is any indication, 2026 is going to be loud. In just a few weeks weβve shipped new capabilities, introduced Recall (time-series intelligence for GNQL), tracked threat actors targeting LLMs, and watched a Christmas ransomware campaign set the tone for 2026. Weβve also squeezed in fresh features like tag spikes and vendor CVE spikes for event feeds and kept building toward whatβs next with our Spacewar ADP. Check it all out and more in this month's NoiseLetter!
VP of Data Science + Research, Bob Rudis, creatively gives his thoughts, hot-takes, and whatever else he feels like.
β
Same Ghostie, new look. Nothing changed under the hood. Just a little visual polish to keep things feeling fresh. Log into your Viz account, head over to settings and give it a try for yourself!
On February 10th, we're updating all suspicious tag metadata to "recommend_block": true. Why? Our data shows that IPs appearing as suspicious consistently flip to malicious within a day or more, so blocking suspicious IPs could buy you additional day(s) of protection. While most suspicious tags already carried this recommendation, we're now applying it universally. This change affects only the tag metadata; it will affect you only if you have automation built around that field. In general, we recommend that all organizations block suspicious IPs
Calling all researchers, honeypoters, analysts, and security practitioners. Weβre expanding our ADP (Active Development Partner) program for a new product known as Project Spacewar (working title). Spin up honeypots, assign profiles, and explore real-world attack data in minutes, while directly influencing the future of our product.Interested in participating? reach out to product@greynoise.io
β
β
At the Edge Clear offers the public a preview of GreyNoiseβs weekly At the Edge intelligence brief, featuring select insights distilled from internet activity observed across the GreyNoise Global Observation Grid. View report >>
β
β
β
*Have a joke you want included in the next NoiseLetter? Submit Your Joke >>
β
