Menu

Technology Integrations

Effective security programs require integrated solutions. Break down silos, augment existing security tools and make smarter decisions with integrated threat intelligence.

Filter by

Type

Label

SIEM
app logo
Platform

AlienVault - AT&T Cybersecurity

Add the ZeroFox AlienApp to your AT&T Cybersecurity solutions to broaden your visibility into threats targeting your organization from public attack surfaces.
TIP
app logo
Intelligence
Platform

Anomali

The ZeroFox for Anomali app extends social media visibility across the cyber threat landscape into the Anomali Threat Platform. Identify threats outside the firewall on the platforms where you do business everyday: such as social media and digital platforms. Within a single view of threats across a wide range of data sources in the Anomali Threat Platform, streamline your security program quickly and effectively. ZeroFox provides alert and IoC integration.
SIEM
app logo
Platform

ArcticWolf

Arctic Wolf Networks is a cybersecurity company that provides security monitoring to detect and respond to cyber threats.
Other
app logo
Platform

Axonius

Axonius manages and secure devices, users, cloud assets, software, and SaaS apps.
Other
app logo
Platform

Cisco Umbrella

Cisco Umbrella is cloud-delivered enterprise network security which provides users with a first line of defense against cybersecurity threats. ZeroFox sends specific alert data and IoC data from our Threat Intelligence Feeds directly to Cisco Umbrella.
SOAR
app logo
Intelligence
Platform

Cyware

Cyware provides a threat response automation platform that combines cyber fusion, advanced orchestration, and automation to stay ahead of increasingly sophisticated cyber threats affecting enterprises in real-time. ZeroFox integrates with Cyware to provide orchestration of social media and digital platform threat detection and investigation, and provide alert and IoC integration.
SOAR
app logo
Platform

D3 Security

D3’s Smart SOAR platform turns down the noise so SOC teams can spend their time on real threats. With an automated Event Pipeline that reduces alert volume by 90%, unlimited expert-built integrations, and advanced automated playbooks, Smart SOAR orchestrates lightning-fast security operations for enterprise, MSSP, and public sector security teams.
SIEM
app logo
Platform

Devo

Devo is a cloud native SIEM with a real-time security data platform and intelligent automation to help your SOC work faster and smarter. ZeroFox integrates with Devo to provide orchestration of digital threat detection and investigation through alert data.
SIEM
app logo
Platform

Elastic (ELK)

Integrate ZeroFox alert data with the Elastic (ELK) SIEM, to leverage its data storage, enrichment, correlation and visualization of threats identified across your public attack surface. Add operational efficiencies using ELK's powerful investigation UI and embedded case management capabilities.
SIEM
app logo
Intelligence
Platform

Elastic Search

Elasticsearch is a search engine based on the Lucene library that provides a distributed, multitenant-capable full-text search engine with a HTTP web interface and schema-free JSON documents.
SIEM
app logo
Platform

Exabeam

Exabeam provides a cloud-native architecture for rapid data ingestion, hyper-quick query performance, powerful behavioral analytics for next-level insights that other tools miss, and automation that changes the way analysts do their jobs.
ITSM
app logo
Platform

FreshService

Freshservice enables you to save time with codeless drag-and-drop automations. Key workflows and integrations are also built in to offload low-value tasks. The ZeroFox integration creates tickets in Service Desk Plus based on customer defined alert criteria.
Business Intelligence & Analytics
app logo
Platform

Google Data Studio

Google Data Studio is a web-based data visualization tool that helps users build customized dashboards and easy-to-understand reports.
SIEM
app logo
Intelligence
Platform

Google Security Operations

Chronicle, powered by Google infrastructure, enables cost-effective use of security telemetry to improve SOC productivity and combat modern threats.
SIEM
app logo
Platform

Hunters

Hunters Security Operations Center (SOC) Platform Empower security teams to automatically detect, investigate & respond to real incidents better than SIEM.
SIEM
app logo
Intelligence
Platform

IBM® QRadar®

ZeroFox integration with IBM® QRadar® Security Information and Event Management (SIEM) helps security teams accurately detect and prioritize threats across the enterprise, to respond quickly to reduce the impact of incidents. Correlate different information and aggregate related events into single alerts to accelerate incident analysis and remediation.
ITSM
app logo
Platform

Jira

Jira is a proprietary issue tracking product developed by Atlassian that allows bug tracking and agile project management. ZeroFox provides alert and IoC integration.
SIEM
app logo
Platform

LogRhythm

Leverage ZeroFox alerts from within LogRhythm unified solution for Threat Lifecycle Management (TLM) to minimize time to detect and respond to cyberthreats.
Business Intelligence & Analytics
app logo
Platform

Maltego

Maltego is software used for open-source intelligence and forensics. It focuses on providing a library for discovery of data from open sources, and visualizing that information in a graph format, suitable for link analysis and data mining. Integrate ZeroFox alert data into Maltego to monitor and map malicious activity targeting brands, executives and customers.
ITSM
app logo
Platform

ManageEngine ServiceDesk Plus

ManageEngine ServiceDesk Plus is a comprehensive help desk and asset management software that provides help desk agents and IT managers an integrated console to monitor and maintain the assets and IT requests generated from the users of the IT resources in an organization. The ZeroFox integration creates tickets in Service Desk Plus based on customer defined alert criteria.
SIEM
app logo
Platform

MIcro Focus Arcsight

Micro Focus ArcSight is a cyber security product, first released in 2000, that provides big data security analytics and intelligence software for security information and event management (SIEM) and log management.
SIEM
app logo
Intelligence

Microsoft Azure Sentinel

ZeroFox integration with Microsoft's Azure Sentinel helps security teams quickly find and prioritize threats across their public attack surface. ZeroFox alert information is streamed to Sentinel via our data connector so that security professionals can accelerate incident analysis and remediation.
SIEM
app logo
Platform

Microsoft Sentinel: Alerts

Microsoft Sentinel is a cloud native security information and event management (SIEM) solution that runs in the Azure cloud. The ZeroFox integration delivers ZeroFox alert and IoC data to Sentinel for analysis.
Collaboration
app logo
Platform

Microsoft Teams

ZeroFox's Microsoft Teams integration allows customers to receive alert notifications from the ZeroFox Platform in a designated channel in their Teams workspace. Microsoft Teams is a proprietary business communication platform as part of Microsoft 365, offering workspace chat and videoconferencing, file storage, and application integration. Monitor for insecure team configurations, malicious actors messaging your team, and non-compliant communication. ZeroFox ensures secure meeting settings and can alert to improper/insecure configuration settings.
TIP
app logo
Intelligence
Platform

MISP

MISP is a powerful open source threat intelligence platform organisations can use to store, share and receive information about malware, threats, and vulnerabilities in a structured way
TIP
app logo
Intelligence

OpenCTI

OpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats. ZeroFox integrates IoC data from our Network & Vulnerability Feeds directly into OpenCTI
SOAR
app logo
Intelligence
Platform

Palo Alto - Cortex XSOAR

ZeroFox integrates with Palo Alto Networks Cortex XSOAR Platform (formerly Demisto) to provide orchestration of social media and digital platform threat detection and investigation, and provide alert and IoC integration via ZeroFox Threat Feed API. Install from Cortex XSOAR App Library.
SIEM
app logo
Platform

Panther

Panther alleviates the pain of traditional SIEM with detection-as-code, a robust security data lake, & flexible scalability. ZeroFox delivers rich alert data to Panther through a webhook integration.
Business Intelligence & Analytics
app logo
Platform

Power BI

Part of the Microsoft Power Platform, Power BI is a business analytics service that aims to provide interactive visualizations and business intelligence capabilities with an interface simple enough for end users to create their own reports and dashboards. Integrate ZeroFox alert data directly into Power BI to help security professionals see and understand threats affecting their organization. Use ZeroFox with Power BI to create rich data visualizations and analytics of threats affecting your attack surface.
SIEM
app logo
Platform

Rapid7 insightOps

The Rapid7 Insight Agent automatically collects data from all your endpoints, even those from remote workers and sensitive assets that cannot be actively scanned, or that rarely join the corporate network.
SIEM
app logo
Platform

RSA Netwitness

RSA Netwitness provides security analysts with advanced capabilities for rapidly detecting and resolving known, unknown and targeted attacks. Core RSA NetWitness Platform capabilities include its common data model, scalability and flexible deployment options, as well as its sophisticated analyst toolset, forensic capabilities and reporting engine.
SIEM
app logo
Platform

Securonix

Securonix provides a versatile investigation workbench and integrated incident response system that provides security analysts the ability to perform visual link analysis of events, accounts, users, access, activities, systems and even network addresses.
ITSM
app logo
Platform

ServiceNow

ServiceNow (SNOW), based in California, is the leading platform-as-a-service provider of cloud-based IT workflow solutions for management of enterprise operations. ZeroFox provides alert and IoC integration.
Collaboration
app logo
Platform

Slack

ZeroFox's Slack integration allows customers to receive alert notifications from the ZeroFox platform in a designated channel in their Slack workspace. This data source provides comprehensive protection and monitoring for malicious content and sensitive data leakage across Slack channels. Monitor channels for malicious links, risky file uploads, information leakage, and other threats. Protect internal communications and keep employees safe when engaging using Slack.
SIEM
app logo
Intelligence
Platform

Splunk Cloud / Enterprise

Splunk® Cloud™ delivers the capabilities of Splunk as Software-as-a-Service (SaaS), enabling confident decisions and decisive action on insights from your data without the need to purchase, manage and deploy additional infrastructure. ZeroFox for Splunk enables organizations to visualize and analyze threats directly from the purpose-built Splunk App. Integrate ZeroFox alerts and intelligence and improve security posture through correlation with other internal IT and security data sources.
SOAR
app logo
Intelligence
Platform

Splunk Phantom

ZeroFox integrates ZeroFox alerts and Threat Feed to leverage the power of Splunk Phantom with this bi-directional integration. Optimize the analysis of alerts, manage workflows, escalations, and tickets plus perform automated remediations such as takedown requests. Provide alert and IoC integration.
SIEM
app logo
Platform

Sumo Logic

With Sumo Logic, users can pull information from several different operational or security platforms into one consolidated dashboard for customized insights at-a-glance. Integrate ZeroFox alert data directly into Sumo Logic to leverage a full suite of logging, analytics and dashboards. Combining ZeroFox's omnichannel protection with Sumo Logic's operational and business intelligence tools delivers a winning formula for managing and securing the complex technology stack and external exposures that modern organizations face.
SOAR
app logo
Platform

Sumo Logic SOAR

Sumo Logic provides best-in-class cloud monitoring, log management, Cloud SIEM tools, and real-time insights for web and SaaS based apps.
SOAR
app logo
Platform

Swimlane

Swimlane’s SOAR platform helps security operations centers manage the growing volume of alerts more efficiently by automating time-consuming incident response processes. Organizations use Swimlane SOAR to consume alerts generated by ZeroFox, initiate takedown processes, track requests, extract IOCs and pass them to their TIP or other security platforms.
Business Intelligence & Analytics
app logo
Platform

Tableau

Tableau is a powerful data visualization and analytics platform used to help simplify raw data for end users. Integrate ZeroFox alert data directly into Tableau to help security professionals see and understand threats affecting their organization. Use ZeroFox with Tableau to create rich data visualizations and analytics of threats affecting your attack surface.
SIEM
app logo
Platform

TheHive

Integrate ZeroFox alerts into TheHive Project, an open source Security Incident Response Platform, to gain operational, analytical and response efficiencies. TheHive is designed to make life easier for SOCs, CSIRTs, CERTs and any information security practitioner dealing with security incidents that need to be investigated and acted upon swiftly. Zerofox2TH is a free, open source ZeroFox alert feeder for TheHive. You can use it to feed ZeroFox alerts into TheHive, where they can be previewed and transformed into new cases using pre-defined incident response templates or added into existing ones.
TIP
app logo
Intelligence
Platform

ThreatConnect

ZeroFox for ThreatConnect integrates social intelligence and fuses intelligence, automation, orchestration, and response to enable organizations of any size to be more predictive, proactive, and efficient. ZeroFox provides alert and IoC integration.
TIP
app logo
Intelligence
Platform

ThreatQuotient

ZeroFox shares social indicators with ThreatQuotient™ open and extensible TIP (threat intelligence platform), ThreatQ™, and cybersecurity situation room solution, ThreatQ Investigations, to empower security teams with the context, customization and prioritization needed to make better decisions, accelerate detection and response, and advance team collaboration. With the ZeroFox Threat Feed integration, ThreatQ users can ingest, correlate and take action on attacks made against their organizations via social media. Threat Intelligence teams can trace attacks back to malicious profiles, posts, comments or pages as well as pivot between these different social media objects for context. Network security teams can use ThreatQ and ZeroFox Threat Feed indicators to prevent their users from accessing malicious social objects to prevent attacks. Incident Response teams can use ThreatQ and ZeroFox Threat Feed to compare their organization’s telemetry in incidents with known indicators of compromise.
SOAR
app logo
Platform

Tines

Tines is the no-code automation engine for all your workflows, enabling teams to do their best work by limiting time wasted on manual tasks.
SOAR
app logo
Platform

Torq SOAR

Torq is the only no-code, low-code, and full-code security automation with true enterprise scalability.
ITSM
app logo
Platform

Zendesk

Zendesk’s IT service desk software puts multi-channel ticketing and employee self-service portals in a single place. IT teams can efficiently track problems, trouble tickets, changes, and assets while providing service to employees. ZeroFox provides alert and IoC integration.
Become aTechnology Partner