ThreatBlockr integrates with GreyNoise to guard against false positives

ThreatBlockr and GreyNoise announced a partnership that will enhance the ThreatBlockr platform.

By leveraging GreyNoise data, ThreatBlockr customers now have automatic access to this enhanced cyber intelligence and the largest cyber intelligence data set that protects against false positives.

“False positives can often cause disruptions and wasted time, which can lead to security controls being deactivated and open the floodgates for bad actors,” said Pat McGarry, CTO of ThreatBlockr. “By incorporating GreyNoise into our platform, we are significantly reducing this risk and are able to mitigate false positives while still maintaining security on the rest of the network. We are excited to make ThreatBlockr the only security control solution on the market that can ingest this volume of data and operate on it instantaneously to help our customers.”

GreyNoise’s analogous whitelist data set, known as RIOT, enables the ThreatBlockr platform to monitor 60 million known good IP addresses and reduces the risk of false positives. RIOT, short for “Rule it Out,” informs users about IPs used by common business services that are almost certainly not attacking networks.

RIOT enables security practitioners to quickly eliminate logs and events generated from businesses services from their security telemetry. GreyNoise releases updates to this comprehensive RIOT list several times a day to ensure the most current and accurate data is presented to users.

Traditional threat intelligence feeds make an effort to enumerate the locations where the bad guys may be – RIOT is the exact opposite. ThreatBlockr also has roadmap plans to integrate GreyNoise’s separate malicious data feeds into the platform, allowing its data to enhance ThreatBlockr’s already-industry-leading ability to identify and block likely malicious traffic in real-time while providing unparalleled false positive protection.