Pulsedive

Additional features

Indicator Lookup

Quickly search and view details for any IP address, domain, or URL, providing immediate context for investigations.

On-Demand Passive Scans

Conduct passive scans on indicators to gather publicly available information, such as WHOIS data and DNS records, without directly interacting with the potentially malicious entity.

On-Demand Active Scans

Perform active scans on IPs, URLs, and domains to collect live data like HTTP headers and SSL certificate details, providing more current insights.

Threat Research

Investigate specific threat names and aliases to access comprehensive summaries, associated indicators, MITRE ATT&CK TTPs (Tactics, Techniques, and Procedures), latest news, and additional contextual information.

Bulk Enrichment

Process large lists of indicators (e.g., from a security log) by extracting and enriching them in bulk, with the ability to export the results in various formats.

Flexible Querying (Explore Language)

Utilize Pulsedive's powerful "Explore" query language with boolean logic and wildcards to search and pivot across their vast dataset of indicators and threats using almost any data point, uncovering new insights.

Data Export Options

Export queried results and enriched data in multiple formats, including CSV for general use or STIX/TAXII 2.1 for standardized threat intelligence sharing.

API Integration

Seamlessly integrate Pulsedive data into your existing security workflows, enabling automation for alerting, enrichment, and searching within your own systems.

SOAR Integration

Designed to integrate with Security Orchestration, Automation, and Response (SOAR) platforms to automate incident response and threat mitigation actions.

SIEM/Splunk Integration

Export Pulsedive data in bulk for direct ingestion into Security Information and Event Management (SIEM) systems, Splunk, and other detection and alerting solutions.

Browser Add-on (Chrome, Firefox, Edge)

A free browser extension that allows for instant enrichment of highlighted IPs, domains, URLs, or threat names directly from any webpage you are viewing.

Enterprise TIP (Threat Intelligence Platform)

Offers a dedicated, cloud-hosted threat intelligence platform for enterprise customers with powerful data management capabilities, allowing private data management without community sharing.

Community Data Contribution

Users can contribute to the community dataset by submitting indicators and adding comments, enriching the overall intelligence pool.

Historical Screenshots

(Available in Pro tier) View historical screenshots of domains and websites for contextual analysis.

Increased Limits

(Available in Pro tier) Higher limits for Analyze, Explore, and API usage.

Third-Party Integrations

Fetch data from various third-party security integrations directly within the Pulsedive platform.

Risk Scoring

Assigns a risk score to potential threats based on multiple weighted factors like severity and likelihood of attack, helping organizations prioritize their response.

Automated Alerting

Integrate with communication platforms like Slack or Microsoft Teams via Mindflow (a mentioned integration partner) to receive real-time threat alerts.

Enhanced Threat Reporting

Automatically populate ticketing systems (like ServiceNow or Jira) with Pulsedive's aggregated threat intelligence for concise and proactive threat mitigation reports.

Built-in Utilities/Shortcuts

Offers specific shortcuts designed to help security analysts efficiently retrieve data in desired formats.

Threat Intelligence Event Streaming

Provides a stream of the latest industry news and events related to cyber threat intelligence.