Edge Intelligence

What It Is

Built atop Core Intelligence, Edge Intelligence allows organizations to strategically deploy GreyNoise sensors in their own environments, capturing first-hand scanning intelligence and baiting attackers with real-world device personas, which can be uniquely customized to match customer infrastructure. This unique insight allows defenders to automatically block targeted attacks before they can compromise critical systems.

Who It Is For

Enterprise defenders, security service providers, and advanced research organizations who want to understand and prevent attacks targeting specific devices, industries, or network areas.

What's Included

Edge Intelligence allows users to deploy GreyNoise Sensors by deploying a lightweight system in their environments and connecting it to the GreyNoise cloud. Once connected, GreyNoise Personas can be deployed to the server, and scanning traffic is captured.

Users can download up to 24 hours of PCAP data from each sensor for detection engineering and triage work and compare what traffic is observed on their Sensors to those running on the GreyNoise global sensor network.

What Can I Add?

Component

Description

Use Cases

Sensor Packs

Get the ability to deploy as many sensors as needed inside your network

Use cases:

SOC Triage and Response, CTI Enrichment, and Threat Hunting and Research

Custom Personas

Request GreyNoise build a sensor persona for your specific use case and Need

Use cases:

SOC Triage and Response, CTI Enrichment, and Threat Hunting and Research

PCAP Data Extension

Get up to 30 days of PCAP data export for all sensors deployed

Use cases:

CTI Enrichment and Threat Hunting and Research

Sift

Get a custom version of Sift that provides insight into the payloads captured for sensors deployed only in your environment.

Use cases:

SOC Triage and Response, CTI Enrichment, and Threat Hunting and Research

IP Feed

Get a feed of IPs collected only by your sensors for perimeter blocking and triage

Use cases:

SOC Triage and Response

Sample Edge Package

The packages shown below are just examples. Each GreyNoise engagement can be fully customized based on customer requirements, technical environment, and usage.

For a medium-sized MSSP providing SOC and vulnerability intelligence services to their clients, they might consider:

GreyNoise Edge with 2,500 Searches/Day
IP Timeline Addon
Advanced Persona Library
Sensor Packs
Sift
Indicator Feed

Connect with Strategic Consultants

Free Intelligence

Free Intelligence is the public data we share with the security community to facilitate research and understanding of internet activity and emerging threats.

Learn more

Core Intelligence

Core Intelligence is the basic package that empowers SOC, CTI, and Threat Hunting teams to enrich their security tools with new observations and additional context on opportunistic internet scanning and common business services. GreyNoise Core streamlines operations, eliminates noise, and isolates new threats with unique, first-hand intelligence.

Learn more

Sovereign Intelligence

Built atop Edge Intelligence, Sovereign Intelligence equips nation-states, national agencies, and other global-scale organizations facing unique opportunistic and targeted geopolitical threats with the full benefit of tailored GreyNoise Intelligence services, with managed sensor deployment, custom personas, dedicated AI/ML analysis, reporting, and security consulting services.

Learn more