Cyber-security firm GreyNoise Intelligence today announced the launch of GreyNoise Alerts, a new free service that will automatically notify you via email when any devices on your organization’s IP address range get hacked and start exhibiting potentially malicious behavior.
How does it work? The threat intelligence outfit sifts through widespread scan traffic reaching Internet-connected devices to help customers filter untargeted scans and detect emerging threats and compromised devices.
Using the results it gets from continuously monitoring scan traffic, GreyNoise will look for any signals coming from any of the devices on your network and will notify you whenever it detects known attack traffic artifacts.
The new GreyNoise Alerts service also works for users with free accounts and it is still in the beta testing phase according to the company’s announcement.
To use the new service, you have to configure a new alert by entering the IP block you want to be monitored using Classless Inter-Domain Routing (CIDR) notation, choose a scanning interval, and enter the email where you want the notification to be sent.
Whenever GreyNoise will find “any Internet scan and attack traffic originating from networks” that matches your alert settings, it will send you an email summary containing the IPs that have started misbehaving since the last scan.
GreyNoise customers with Standard and Enterprise accounts will also receive additional information including:
• Optional file attachment (JSON, CSV) with full query results
• Monitor an unlimited amount of networks
• Alerts on realtime or hourly intervals
• Receive notifications by webhook or Slack notification
“Free users receive notifications within one day, Enterprise customers receive notifications in real-time,” GreyNoise explained.
The company is also working on adding support for webhooks, Slack notifications, data export attachments, and SIEM integration to the GreyNoise Alerts service.
When asked if there are any plans to give up on supporting GreyNoise Alerts for free accounts after the service gets out beta, GreyNoise Intelligence founder Andrew Morris told BleepingComputer that the company wants to continue providing value to the free user community.
“We will never remove free alerts, but it is likely that free alerts will not support real-time delivery,” he added. “It’s likely that we’ll have to reserve that for our Enterprise customers.”
The information contained in this website is for general information purposes only. The information is gathered from Bleeping Computer, while we endeavour to keep the information up to date and correct, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. Through this website, you are able to link to other websites which are not under the control of CSIRT-CY. We have no control over the nature, content and availability of those sites. The inclusion of any links does not necessarily imply a recommendation or endorse the views expressed within them. Every effort is made to keep the website up and running smoothly. However, CSIRT-CY takes no responsibility for, and will not be liable for, the website being temporarily unavailable due to technical issues beyond our control.