Abnormal Security ThreatDefence integrates Abnormal Security log data on email security events such as phishing, business email compromise, and account takeover.
AirLock AirLock protects web applications and APIs from cyberattacks, enabling secure access to online services while preventing fraud, data breaches and other threats.
AlertLogic A cloud-based vulnerability management platform that helps organizations identify and prioritize vulnerabilities across their environments, and offers threat detection and response capabilities.
Apache Apache provides an open-source web application firewall that helps secure web applications against a variety of threats, including cross-site scripting, SQL injection, and session hijacking.
ArmorBlox ThreatDefence supports ingestion of ArmorBlox log data on email security events such as phishing, account takeover, and data loss prevention.
Avanan ThreatDefence ingests Avanan log data on email security events such as phishing, malware, and data loss prevention.
AWS ThreatDefence supports ingestion of AWS log data on security events such as access control, network traffic, and user activity, enabling quick identification and response to potential threats to endpoints and cloud environments.
AWS IAM Amazon Web Services’ service for managing access to AWS resources through policies and roles.
AWS WAF ThreatDefence ingests AWS WAF log data on network security events such as web traffic, policy violations, and security threats.
Azure AD Microsoft’s cloud-based identity and access management solution for managing user authentication, authorization, and access to applications and resources.
Barracuda Email Security ThreatDefence supports ingestion of Barracuda Email Security log data on email security events such as spam, malware, and phishing.
BitDefender Provides endpoint protection with log data on security events such as malware detections, virus threats, and intrusion attempts across endpoints, networks, and cloud environments, helping to identify and respond to potential threats.
CarbonBlack Provides endpoint protection with log data on endpoint activity such as malware detections, virus threats, and intrusion attempts, which can help identify and remediate security incidents caused by these threats.
CheckPoint Firewall ThreatDefence integrates CheckPoint Firewall log data on network security events such as network traffic, policy violations, and security threats.
Cisco AMP Provides advanced endpoint security with visibility into endpoint activity, file events, and network connections, offering log data that helps detect and respond to potential malware and virus threats.
Cisco Email Security ThreatDefence integrates Cisco Email Security log data on email security events such as spam, phishing, and malware.
Cisco Firewall ThreatDefence supports ingestion of Cisco Firewall log data on network security events such as network traffic, policy violations, and security threats.
Cisco Meraki ThreatDefence ingests Cisco Meraki log data on network security events such as network traffic, application usage, and security threats.
Cisco Umbrella ThreatDefence supports ingestion of Cisco Umbrella log data on network security events such as DNS queries, web traffic, and security threats.
Citrix Netscaler ThreatDefence integrates Citrix Netscaler log data on network security events such as network traffic, application usage, and security threats.
Cloudflare Cloudflare provides a cloud-based web application firewall that helps protect web applications against common attacks such as SQL injection and cross-site scripting, while also providing DDoS protection, CDN services and more.
Corelight ThreatDefence supports ingestion of Corelight log data on network security events such as network traffic, DNS queries, and protocol anomalies.
Cortex XDR Delivers advanced endpoint protection with log data on endpoint, network, and cloud security events, which can help detect and respond to potential malware, virus, and intrusion threats.
CrowdStrike Delivers cloud-native endpoint protection with detailed log data on endpoint events such as process execution, network connections, and system changes, which can help identify and remediate security incidents caused by malware, viruses, and other threats.
CyberArk An enterprise-grade privileged access management solution for securing and managing privileged accounts and credentials.
Cybereason Offers advanced endpoint protection with log data on endpoint activity such as process execution, network connections, and system changes, which can help detect and respond to potential malware, virus, and intrusion threats.
DarkTrace ThreatDefence ingests DarkTrace log data on network security events such as network traffic, anomalous behaviors, and security threats.
Duo Security A cloud-based multi-factor authentication (MFA) and zero-trust access solution for securing user access to applications and devices.
FireEye EX ThreatDefence ingests FireEye EX log data on email security events such as phishing, malware, and BEC.
Fortinet Firewall ThreatDefence supports ingestion of Fortinet Firewall log data on network security events such as network traffic, policy violations, and security threats.
G-Suite ThreatDefence integrates G-Suite log data on security events such as access control, email security, and user activity, providing powerful threat detection and response capabilities in endpoint and cloud environments.
GitGuardian GitGuardian provides a solution that helps developers and security teams detect and remediate secrets and other sensitive information accidentally leaked in code repositories, preventing data breaches and other risks.
Google Chronicle A cloud-based security analytics platform that enables organizations to detect and investigate threats across their environments, and provides automated threat detection and response capabilities.
Google Workspace ThreatDefence ingests logs for various G-Suite applications, alerts created by G-Suite, and a snapshot of all users in the G-Suite account.
Hillstone ThreatDefence ingests Hillstone log data on network security events such as network traffic, policy violations, and security threats.
Jamf Provides endpoint management and security for Apple devices with log data on security events such as malware detections, virus threats, and intrusion attempts, enabling comprehensive monitoring and management of these devices.
Juniper Firewall ThreatDefence integrates Juniper Firewall log data on network security events such as network traffic, policy violations, and security threats.
McAfee Offers comprehensive endpoint protection with log data on security events such as malware detections, virus threats, and intrusion attempts across endpoints, networks, and cloud environments, enabling security teams to quickly detect and respond to threats.
Microsoft Azure ThreatDefence ingests Azure log data on security events such as access control, network traffic, and user activity, allowing security teams to rapidly detect and respond to potential threats in endpoint and cloud environments.
Microsoft Defender Provides endpoint protection with log data on endpoint security events such as malware detections, virus threats, and intrusion attempts, allowing security teams to quickly identify and remediate security incidents.
Microsoft EventHub ThreatDefence supports ingestion of EventHub log data on security events such as network traffic, user activity, and system changes, helping to quickly detect and respond to potential threats to endpoints and cloud environments.
Microsoft O365 ThreatDefence integrates O365 log data on security events such as email security, access control, and user activity, providing comprehensive threat detection and response capabilities for endpoints and cloud environments.
Mimecast ThreatDefence supports ingestion of Mimecast log data on email security events such as spam, phishing, and malware.
Netskope ThreatDefence integrates Netskope log data on network security events such as web traffic, cloud application usage, and security threats.
Nginx Nginx provides a secure application delivery platform that helps organizations protect against cyber threats, delivering secure, high-performance web and mobile experiences.
NoName Security NoName Security provides an application security platform that helps developers and security teams identify, prioritize and remediate vulnerabilities in their applications, using AI and machine learning.
Okta An identity and access management platform that provides SSO, MFA, and lifecycle management for managing user identities and access to applications and resources.
OneLogin A cloud-based identity and access management solution that provides single sign-on (SSO) and multi-factor authentication (MFA) capabilities.
Palo Alto Firewall ThreatDefence ingests Palo Alto Firewall log data on network security events such as network traffic, policy violations, and security threats.
PerceptionPoint ThreatDefence integrates PerceptionPoint log data on email security events such as phishing, malware, and data exfiltration.
PfSense ThreatDefence integrates PfSense log data on network security events such as network traffic, policy violations, and security threats.
ProofPoint ThreatDefence integrates ProofPoint log data on email security events such as spam, phishing, and malware.
Qualys A cloud-based vulnerability management platform that enables organizations to identify, prioritize, and remediate vulnerabilities across their infrastructure.
Rapid7 A vulnerability management solution that offers vulnerability scanning, risk assessment, and remediation tracking capabilities.
ServiceNow An IT service management platform that offers automation and orchestration capabilities, and can be used to automate various security workflows and processes.
Shuffle An automation and response platform that helps organizations automate their security workflows, and integrates with various security tools and services.
Siemplify A security automation and orchestration platform that helps organizations automate their incident response processes, and integrates with various security tools and services.
Snyk Snyk provides a developer-first application security platform that helps organizations identify and remediate vulnerabilities in their open-source dependencies and container images, reducing risk and improving code quality.
Sophos Central Offers endpoint protection with comprehensive threat detection and response capabilities, providing log data on security events such as malware detections, virus threats, and intrusion attempts across endpoints, servers, and cloud environments.
Sophos XG Firewall ThreatDefence ingests Sophos XG Firewall log data on network security events such as network traffic, policy violations, and security threats.
Splunk A security information and event management (SIEM) platform that enables organizations to collect, analyze, and respond to security events and threats, and provides automation and orchestration capabilities.
Sumo Logic A cloud-based log management and analytics platform that enables organizations to monitor, analyze, and respond to security events and threats in real time.
Symantec Offers endpoint protection with log data on security events such as malware detections, virus threats, and intrusion attempts across endpoints, servers, and cloud environments, which can help detect and respond to potential threats.
Teleport A modern identity-aware access proxy that allows access to resources across cloud, on-premises, and hybrid environments.
Tenable.io A cloud-based vulnerability management platform that helps organizations identify, assess, and prioritize vulnerabilities across their environments.
ThreatLocker ThreatLocker is a Zero-Trust Application Whitelisting and Ringfencing solution that prevents malware, ransomware and other cyberattacks by controlling what applications and processes are allowed to run on a device or server.
ThreatX ThreatDefence supports ingestion of ThreatX log data on network security events such as web traffic, application usage, and security threats.
Thycotic Secret Server A password management and privileged access solution that helps secure and manage privileged credentials and secrets across an organization.
Tines An automation and response platform that enables organizations to automate repetitive tasks and processes, and integrate with various security tools and services.
TrendMicro Delivers endpoint protection with log data on security events such as malware detections, virus threats, and intrusion attempts across endpoints, servers, and cloud environments, enabling rapid threat detection and response.
TrendMicro Email Security ThreatDefence ingests TrendMicro Email Security log data on email security events such as spam, phishing, and malware.
Tripwire A vulnerability management solution that offers continuous vulnerability scanning, risk assessment, and compliance management capabilities.
VeloCloud ThreatDefence supports ingestion of VeloCloud log data on network security events such as network traffic, application usage, and security threats.
VMware VMware’s application security solution helps protect modern applications across clouds and platforms, with security controls embedded directly into the application infrastructure.
WatchGuard ThreatDefence integrates WatchGuard log data on network security events such as network traffic, policy violations, and security threats.
Zeek ThreatDefence supports ingestion of Zeek log data on network security events such as network traffic, DNS queries, and protocol anomalies.
Zscaler ThreatDefence ingests Zscaler log data on network security events such as web traffic, application usage, and security threats.