Silent Push 6.0 Gives Cyber Underwriters Sharper Threat Intelligence

by

Estimated reading time: 6 minutes

An IP address can lie about where it lives. It may read Oregon. The person behind it may sit in Pyongyang. Knowing where an attack truly starts is hard work. Silent Push built its platform on that gap. That early window is where cyber insurance threat intelligence pays off.

This week, the firm launches version 6.0. Jonathan Peyster, Technical Product Manager at Silent Push, walked us through it. The update targets a habit underwriters know well. Most cyber risk data describes attacks after they land. Silent Push targets the threat earlier in the lifecycle.

A Different Read on Risk

Silent Push calls its method preemptive cyber defense. It studies how threat actors stand up domains and servers. It watches them before those tools get used.

Chief executive Ken Bagnall framed the launch this way. “Silent Push 6.0 truly eliminates noise to build meaningful signals on attacker infrastructure to preempt potential attacks,” said Bagnall, CEO and co-founder of Silent Push.

The aim is “to deeply understand threat actors, their pattern of activity,” said Peyster, adding, “we want to give our customers that preemptive advantage.” That’s achieved by “identifying threat actors’ infrastructure as they’re setting it up, rather than waiting for it to be weaponized.”  

The firm builds its own data instead of reselling other feeds. “We have all of our own first-party data that really maps the structure of the internet,” Peyster said.

He frames the goal as fact, not noise. “We really think of the ground truth, what is actually happening on the internet, not what threat actors are claiming on X or on Twitter or on the dark web,” he said.

That matters because attacker names mislead. One crew can wear several labels across reports. “There are groups that have multiple names that are actually likely the same exact threat actors,” Peyster said.

Silent Push 6.0 world map tracing a deceived US IP to its true East Asia origin for cyber insurance threat intelligence.

Inside the New Module Map

Version 6.0 sorts the platform into clear modules. Each maps to a job a security team does.

  • Defend. Plugs intelligence into your security stack. It feeds SIEM, SOAR, and firewall tools with Indicators of Future Attack.
  • Insight. Gives an analyst full context on one artifact in a single view. The aim is faster triage.
  • Reconnaissance. Built for threat hunting. Teams use it to map and track attacker infrastructure.
See also  Cyber Resilience Under Fire: New Data Exposes a Global Confidence Gap

Peyster put the Insight module in plain terms. “Insight is basically everything Silent Push knows about a domain, an IP, some piece of the internet,” Peyster said.

For an insurer, Insight reaches past your own assets. You can study a company before you cover it. A new Bulk Enrichment tool checks many assets at once.

A new fourth module rounds out the map. Silent Push calls it Advanced Attribution. It houses the headline addition in 6.0, Traffic Origin.

Where Threats Really Live

Traffic Origin arrives as a new dedicated capability in version 6.0. It attacks a stubborn gap in geolocation. An IP address shows where it is hosted. It does not show where the user sits. Those two places often differ.

“That Boardman, Oregon AWS IP could actually be used by a hacker in Pyongyang, North Korea,” Peyster said.

The company markets the capability as a way to see through hidden layers. “We typically market this as a de-anonymization tool to get around VPNs and proxy services,” Peyster said.

Silent Push built a dedicated interface for it. The capability adds a full year of data and tighter permission controls. Silent Push says no rival offers it. The company names the use cases. They include fraud prevention, know your customer checks, and hiring verification. Each one maps straight onto underwriting.

For an insurer, the value is verification. You can test who is really behind an application. “You need to understand who you are insuring,” Peyster said.

An AI Front Door

Version 6.0 adds a hosted MCP server. MCP stands for Model Context Protocol. Anthropic created it. Think of it as a translator. It sits between an AI chatbot and the data. The analyst asks a question in simple terms. The protocol turns that into a precise data request. The data system answers. The chatbot reads the result back in plain words.

See also  CFC Cyber Development Team Expands U.S. Cyber Insurance Operations

Here, the data system is Silent Push. Tools like Claude and ChatGPT plug straight in. Analysts can enrich indicators, cluster adversaries, and score risk by asking. “Our MCP server is connected to the entire context graph, all that first-party information,” Peyster said.

Cost control shaped the design. Heavy AI use can run up surprise bills. “It’s great if it’s nice in theory, but if it costs you a thousand dollars every time, it’s not great,” Peyster said. The server trims context on its own to limit token usage.

There is a data point for General Counsel. The AI tool only sends Silent Push the lookups you request. The rest of your chat stays between you and your own model. Customers can also run local models for tighter control.

From Questionnaires to Verification

Here is the underwriting takeaway. Many cyber applications still lean on self-reported checklists. Tools like Traffic Origin push the process toward proof. Verification and monitoring start to replace trust.

Silent Push offers risk scores for a quick read. Peyster said most customers still want evidence behind the number. That gap is the daily reality of cyber underwriting.

The market has taken notice. Industry group Cybersecurity Stars named Silent Push its Best National Cyber Defense Platform for 2026.

FAQ – Cyber Insurance Threat Intelligence

What is Silent Push 6.0?

It is a major update to the Silent Push platform. It reorganizes the tools into clear modules. And it adds a new Traffic Origin capability and an AI server.

Why should insurers care about the MCP server?

It lets staff query threat data in plain language. Tools like Claude and ChatGPT connect to it. The result is faster checks without platform training.

Does the AI tool share my data with Silent Push?

Only the lookups you request reach Silent Push. The rest of your chat stays with your own model. Local models are an option for stricter control.

Martin Hinton
Martin Hinton is the Executive Editor and Publisher of Cyber Insurance News and Information. With over three decades of journalism experience across six continents, his work encompasses investigative reporting, documentaries, and coverage of cultural, political, and business news. To learn more about his career, click on his name to visit his LinkedIn page.

Leave a Comment

×