Musubu partners with leading cybersecurity vendors to deliver our IP & network threat data right into their products for your ease of use.
Use Musubu’s unique IP & Network cyber threat scoring and profiling API right in your Splunk instance to determine the following for each IP:
- Cyber Threat Score: A 0-100 rating of how much of a cyber threat the IP may be based on the output of our analytics and algorithms.
- Cyber Threat Classification: High-Medium-Nuisance-Low rating of an IPs cyber threat potential for quick identification.
- Blacklist Class: The predominant cyber threat vector seen as associated with the IP address (e.g. Phishing, Ransomware, TOR, etc.).
- Blacklist Count: The number of major IP blacklisting services that have blacklisted the IP address.
- Blacklist Neighbors: The number of other IP addresses in the same subnet that have been blacklisted.
- Blacklist Count: The number of times in the last 90 days the IP address has been blacklisted.
Simply add one or more data sources to the Musubu Add-on and then you will be able to mouse over each IP address to see our threat profiling data. Use it to perform faster threat detection, threat identification, response, and mitigation.
Leverage the “showipthreatdata” custom command within the add-on to make direct calls to the Musubu API from the Splunk search view.