Technology Integrations
Effective security programs require integrated solutions. Break down silos, augment existing security tools and make smarter decisions with integrated threat intelligence.
SIEM
Platform
AlienVault - AT&T Cybersecurity
Add the ZeroFox AlienApp to your AT&T Cybersecurity solutions to broaden your visibility into threats targeting your organization from public attack surfaces.
TIP
Intelligence
Platform
Anomali
The ZeroFox for Anomali app extends social media visibility across the cyber threat landscape into the Anomali Threat Platform. Identify threats outside the firewall on the platforms where you do business every day, such as social media and digital platforms. Within a single view of threats across a wide range of data sources in the Anomali Threat Platform, streamline your security program quickly and effectively. ZeroFox provides alert and IoC integration.
SIEM
Platform
ArcticWolf
Arctic Wolf Networks is a cybersecurity company that provides security monitoring to detect and respond to cyber threats.
Other
Platform
Axonius
Axonius manages and secures devices, users, cloud assets, software, and SaaS apps.
Other
Platform
Cisco Umbrella
Cisco Umbrella is cloud-delivered enterprise network security which provides users with a first line of defense against cybersecurity threats. ZeroFox sends specific alert data and IoC data from our Threat Intelligence Feeds directly to Cisco Umbrella.
SOAR
Intelligence
Platform
Cyware
Cyware provides a threat response automation platform that combines cyber fusion, advanced orchestration, and automation to stay ahead of increasingly sophisticated cyber threats affecting enterprises in real-time. ZeroFox integrates with Cyware to provide orchestration of social media and digital platform threat detection and investigation, and provide alert and IoC integration.
SOAR
Platform
D3 Security
D3’s Smart SOAR platform turns down the noise so SOC teams can spend their time on real threats. With an automated Event Pipeline that reduces alert volume by 90%, unlimited expert-built integrations, and advanced automated playbooks, Smart SOAR orchestrates lightning-fast security operations for enterprise, MSSP, and public sector security teams.
SIEM
Platform
Devo
Devo is a cloud native SIEM with a real-time security data platform and intelligent automation to help your SOC work faster and smarter. ZeroFox integrates with Devo to provide orchestration of digital threat detection and investigation through alert data.
SIEM
Platform
Elastic (ELK)
Integrate ZeroFox alert data with the Elastic (ELK) SIEM, to leverage its data storage, enrichment, correlation and visualization of threats identified across your public attack surface. Add operational efficiencies using ELK's powerful investigation UI and embedded case management capabilities.
SIEM
Intelligence
Platform
Elastic Search
Elasticsearch is a search engine based on the Lucene library that provides a distributed, multitenant-capable full-text search engine with an HTTP web interface and schema-free JSON documents.
SIEM
Platform
Exabeam
Exabeam provides a cloud-native architecture for rapid data ingestion, hyper-quick query performance, powerful behavioral analytics for next-level insights that other tools miss, and automation that changes the way analysts do their jobs.
ITSM
Platform
FreshService
Freshservice enables you to save time with codeless drag-and-drop automations. Key workflows and integrations are also built in to offload low-value tasks. The ZeroFox integration creates tickets in Service Desk Plus based on customer defined alert criteria.
Business Intelligence & Analytics
Platform
Google Data Studio
Google Data Studio is a web-based data visualization tool that helps users build customized dashboards and easy-to-understand reports.
SIEM
Intelligence
Platform
Google Security Operations
Chronicle, powered by Google infrastructure, enables cost-effective use of security telemetry to improve SOC productivity and combat modern threats.
SIEM
Platform
Hunters
The Hunters Security Operations Center (SOC) Platform empowers security teams to automatically detect, investigate and respond to real incidents better than SIEM.
SIEM
Intelligence
Platform
IBM® QRadar®
ZeroFox integration with IBM® QRadar® Security Information and Event Management (SIEM) helps security teams accurately detect and prioritize threats across the enterprise, to respond quickly to reduce the impact of incidents. Correlate different information and aggregate related events into single alerts to accelerate incident analysis and remediation.
ITSM
Platform
Jira
Jira is a proprietary issue tracking product developed by Atlassian that allows bug tracking and agile project management. ZeroFox provides alert and IoC integration.
SIEM
Platform
LogRhythm
Leverage ZeroFox alerts from within LogRhythm's unified solution for Threat Lifecycle Management (TLM) to minimize time to detect and respond to cyberthreats.
Business Intelligence & Analytics
Platform
Maltego
Maltego is software used for open-source intelligence and forensics. It focuses on providing a library for discovery of data from open sources, and visualizing that information in a graph format, suitable for link analysis and data mining. Integrate ZeroFox alert data into Maltego to monitor and map malicious activity targeting brands, executives and customers.
ITSM
Platform
ManageEngine ServiceDesk Plus
ManageEngine ServiceDesk Plus is a comprehensive help desk and asset management software that provides help desk agents and IT managers an integrated console to monitor and maintain the assets and IT requests generated from the users of the IT resources in an organization. The ZeroFox integration creates tickets in Service Desk Plus based on customer defined alert criteria.
SIEM
Platform
Micro Focus ArcSight
Micro Focus ArcSight is a cyber security product, first released in 2000, that provides big data security analytics and intelligence software for security information and event management (SIEM) and log management.
SIEM
Intelligence
Microsoft Azure Sentinel
ZeroFox integration with Microsoft's Azure Sentinel helps security teams quickly find and prioritize threats across their public attack surface. ZeroFox alert information is streamed to Sentinel via our data connector so that security professionals can accelerate incident analysis and remediation.
SIEM
Platform
Microsoft Sentinel: Alerts
Microsoft Sentinel is a cloud native security information and event management (SIEM) solution that runs in the Azure cloud. The ZeroFox integration delivers ZeroFox alert and IoC data to Sentinel for analysis.
Collaboration
Platform
Microsoft Teams
ZeroFox's Microsoft Teams integration allows customers to receive alert notifications from the ZeroFox Platform in a designated channel in their Teams workspace. Microsoft Teams is a proprietary business communication platform as part of Microsoft 365, offering workspace chat and videoconferencing, file storage, and application integration. Monitor for insecure team configurations, malicious actors messaging your team, and non-compliant communication. ZeroFox ensures secure meeting settings and can alert to improper/insecure configuration settings.
TIP
Intelligence
Platform
MISP
MISP is a powerful open source threat intelligence platform that organisations can use to store, share and receive information about malware, threats, and vulnerabilities in a structured way.
TIP
Intelligence
OpenCTI
OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats. ZeroFox integrates IoC data from our Network & Vulnerability Feeds directly into OpenCTI.
SOAR
Intelligence
Platform
Palo Alto - Cortex XSOAR
ZeroFox integrates with Palo Alto Networks Cortex XSOAR Platform (formerly Demisto) to provide orchestration of social media and digital platform threat detection and investigation, and provide alert and IoC integration via ZeroFox Threat Feed API. Install from Cortex XSOAR App Library.
SIEM
Platform
Panther
Panther alleviates the pain of traditional SIEM with detection-as-code, a robust security data lake, & flexible scalability. ZeroFox delivers rich alert data to Panther through a webhook integration.
Business Intelligence & Analytics
Platform
Power BI
Part of the Microsoft Power Platform, Power BI is a business analytics service that aims to provide interactive visualizations and business intelligence capabilities with an interface simple enough for end users to create their own reports and dashboards. Integrate ZeroFox alert data directly into Power BI to help security professionals see and understand threats affecting their organization. Use ZeroFox with Power BI to create rich data visualizations and analytics of threats affecting your attack surface.
SIEM
Platform
Rapid7 insightOps
The Rapid7 Insight Agent automatically collects data from all your endpoints, even those from remote workers and sensitive assets that cannot be actively scanned, or that rarely join the corporate network.
SIEM
Platform
RSA NetWitness
RSA NetWitness provides security analysts with advanced capabilities for rapidly detecting and resolving known, unknown and targeted attacks. Core RSA NetWitness Platform capabilities include its common data model, scalability and flexible deployment options, as well as its sophisticated analyst toolset, forensic capabilities and reporting engine.
SIEM
Platform
Securonix
Securonix provides a versatile investigation workbench and integrated incident response system that provides security analysts the ability to perform visual link analysis of events, accounts, users, access, activities, systems and even network addresses.
ITSM
Platform
ServiceNow
ServiceNow (SNOW), based in California, is the leading platform-as-a-service provider of cloud-based IT workflow solutions for management of enterprise operations. ZeroFox provides alert and IoC integration.
Collaboration
Platform
Slack
ZeroFox's Slack integration allows customers to receive alert notifications from the ZeroFox platform in a designated channel in their Slack workspace. This data source provides comprehensive protection and monitoring for malicious content and sensitive data leakage across Slack channels. Monitor channels for malicious links, risky file uploads, information leakage, and other threats. Protect internal communications and keep employees safe when engaging using Slack.
SIEM
Intelligence
Platform
Splunk Cloud / Enterprise
Splunk® Cloud™ delivers the capabilities of Splunk as Software-as-a-Service (SaaS), enabling confident decisions and decisive action on insights from your data without the need to purchase, manage and deploy additional infrastructure. ZeroFox for Splunk enables organizations to visualize and analyze threats directly from the purpose-built Splunk App. Integrate ZeroFox alerts and intelligence and improve security posture through correlation with other internal IT and security data sources.
SOAR
Intelligence
Platform
Splunk Phantom
ZeroFox integrates ZeroFox alerts and Threat Feed to leverage the power of Splunk Phantom with this bi-directional integration. Optimize the analysis of alerts, manage workflows, escalations, and tickets plus perform automated remediations such as takedown requests. Provide alert and IoC integration.
SIEM
Platform
Sumo Logic
With Sumo Logic, users can pull information from several different operational or security platforms into one consolidated dashboard for customized insights at-a-glance. Integrate ZeroFox alert data directly into Sumo Logic to leverage a full suite of logging, analytics and dashboards. Combining ZeroFox's omnichannel protection with Sumo Logic's operational and business intelligence tools delivers a winning formula for managing and securing the complex technology stack and external exposures that modern organizations face.
SOAR
Platform
Sumo Logic SOAR
Sumo Logic provides best-in-class cloud monitoring, log management, Cloud SIEM tools, and real-time insights for web and SaaS based apps.
SOAR
Platform
Swimlane
Swimlane’s SOAR platform helps security operations centers manage the growing volume of alerts more efficiently by automating time-consuming incident response processes. Organizations use Swimlane SOAR to consume alerts generated by ZeroFox, initiate takedown processes, track requests, extract IOCs and pass them to their TIP or other security platforms.
Business Intelligence & Analytics
Platform
Tableau
Tableau is a powerful data visualization and analytics platform used to help simplify raw data for end users. Integrate ZeroFox alert data directly into Tableau to help security professionals see and understand threats affecting their organization. Use ZeroFox with Tableau to create rich data visualizations and analytics of threats affecting your attack surface.
SIEM
Platform
TheHive
Integrate ZeroFox alerts into TheHive Project, an open source Security Incident Response Platform, to gain operational, analytical and response efficiencies. TheHive is designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. Zerofox2TH is a free, open source ZeroFox alert feeder for TheHive. You can use it to feed ZeroFox alerts into TheHive, where they can be previewed and transformed into new cases using pre-defined incident response templates or added into existing ones.
TIP
Intelligence
Platform
ThreatConnect
ZeroFox for ThreatConnect integrates social intelligence and fuses intelligence, automation, orchestration, and response to enable organizations of any size to be more predictive, proactive, and efficient. ZeroFox provides alert and IoC integration.
TIP
Intelligence
Platform
ThreatQuotient
ZeroFox shares social indicators with ThreatQuotient™ open and extensible TIP (threat intelligence platform), ThreatQ™, and cybersecurity situation room solution, ThreatQ Investigations, to empower security teams with the context, customization and prioritization needed to make better decisions, accelerate detection and response, and advance team collaboration. With the ZeroFox Threat Feed integration, ThreatQ users can ingest, correlate and take action on attacks made against their organizations via social media. Threat Intelligence teams can trace attacks back to malicious profiles, posts, comments or pages as well as pivot between these different social media objects for context. Network security teams can use ThreatQ and ZeroFox Threat Feed indicators to prevent their users from accessing malicious social objects to prevent attacks. Incident Response teams can use ThreatQ and ZeroFox Threat Feed to compare their organization’s telemetry in incidents with known indicators of compromise.
SOAR
Platform
Tines
Tines is the no-code automation engine for all your workflows, enabling teams to do their best work by limiting time wasted on manual tasks.
SOAR
Platform
Torq SOAR
Torq is the only no-code, low-code, and full-code security automation with true enterprise scalability.
ITSM
Platform
Zendesk
Zendesk’s IT service desk software puts multi-channel ticketing and employee self-service portals in a single place. IT teams can efficiently track problems, trouble tickets, changes, and assets while providing service to employees. ZeroFox provides alert and IoC integration.