Silent Push has released version 4.11 of its enterprise threat-hunting platform, aiming to simplify workflows for security analysts and provide deeper insights into potential attacker infrastructure.
Platform enhancements
The latest version includes updates to the platform’s core search functions. The revised interface brings together the processes for saving, monitoring, and exporting data into a single view. This change is intended to make it easier for analysts to create, track, and act on queries and automations. Users now have more detailed control over monitoring and exporting functions, including the ability to edit monitors and specify which data sets are exported.
Custom notifications can now be tailored to individual monitors, with delivery options expanded to encompass in-app messaging, email, and popular collaboration tools such as Slack and Teams.
Search functionality
The company has deployed an updated version of its proprietary search language API. The change brings improved asynchronous processing, which is designed to support longer-running queries and help analysts conduct more detailed investigations.
Integration updates
Silent Push has expanded support for Splunk, releasing integration capabilities for Splunk 3.0. This development allows enterprise users to run indicators stored in Splunk through Silent Push’s Threat Check feature. The company states that this process does not consume usage credits while enabling detection of attacker infrastructure at scale. The Splunk App now supports the creation and management of data feeds, and provides new dashboards for more detailed analysis.
The platform now also connects with D3, and the Chrome Extension has been updated to version 1.0.7. The extension enables rapid checks of indicators mentioned on websites to determine whether they are considered Indicators Of Future Attack (IOFA). It now also provides automatic query generation from selected web indicators, sourcing further intelligence from Silent Push’s data repositories.
User interface
Updates to the user interface include redesigned tables for search results, intended to support new data sources. The indicator history for IOFA feeds has also been expanded. New controls for the Total View and WHOIS sections are aimed at providing more flexible navigation and access to additional context on suspicious infrastructure.
Enterprise focus
The 4.11 release is intended to help security teams identify complex emerging risks that may be missed by traditional scanning tools. The aim is to give analysts more tools and data to add context to their investigations, whether working solely in Silent Push or alongside other technologies.
“Version 4.11 builds on our ongoing commitment to enhancing the analyst experience while expanding the depth and precision of threat discovery. We’ve focused this release on giving users faster navigation, greater scanning flexibility, and more in-depth insights, to detect malicious intent earlier in the attack lifecycle,” said Ken Bagnall, CEO, Silent Push.