Sekoia.io Agent (Windows, Linux, macOS)
Sekoia provides its agent for collecting security-related events with minimal configuration overhead. The agent sends events directly to Sekoia.
Proofpoint PoD
Proofpoint On Demand (PoD) offers a real-time email processing feed to detect, classify and mitigate threats.
Ivanti / Pulse Connect Secure
Pulse Connect Secure is an SSL VPN solution for remote and mobile users.
WatchGuard Endpoint Security / Panda Security Aether
Panda Security offers two Endpoint Detection and Response (EDR) solutions for companies.
Retarus Email Security
Retarus Email Security is a protection solution for user and technical messaging.
Proofpoint TAP
Proofpoint Targeted Attack Protection (TAP) helps detect, mitigate, and block advanced threats that target people through email.
Palo Alto Cortex XSOAR (CTI integration)
On Sekoia XDR, you need to create an API key with a specific permission.
Palo Alto NGFW
Palo Alto Networks offers an enterprise cybersecurity platform which provides network security, cloud security, endpoint protection, and various cloud-delivered security services.
PagerDuty playbooks
PagerDuty is an incident response platform for IT departments; it allows triggering alerts and managing incidents.
OpenCTI - Collect Sekoia CTI database
The existing Sekoia connector for OpenCTI was released in 2021 and is freely available on the OpenCTI GitHub repository.
OpenSSH
Currently, the main way to collect OpenSSH logs is the Rsyslog recipe, which forwards the sshd messages from the syslog stream.
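Once rsyslog forwards the sshd messages, a collector still has to turn each line into a structured event before it can be used for detection. The following is an added example written for this page; it is not Sekoia's parser and not part of the Rsyslog recipe. It parses constructed sshd lines in the classic syslog(3) format, extracts the outcome, user, method and source of each authentication attempt, and counts failed logins per source IP. The sample lines, the regular expressions and the brute-force threshold are illustrative assumptions, not values from the page.

```python
import re
from collections import Counter

# Added example (not Sekoia's rsyslog recipe): parse the sshd lines that
# rsyslog would forward and flag sources with repeated failed logins.

# Constructed sample lines in the classic rsyslog / syslog(3) format.
SAMPLE_LINES = [
    "Mar  4 10:15:01 bastion sshd[2311]: Accepted publickey for alice from 10.0.0.5 port 51234 ssh2: ED25519 SHA256:AbCdEf",
    "Mar  4 10:15:07 bastion sshd[2320]: Failed password for invalid user admin from 203.0.113.7 port 4444 ssh2",
    "Mar  4 10:15:09 bastion sshd[2322]: Failed password for invalid user oracle from 203.0.113.7 port 4446 ssh2",
    "Mar  4 10:15:12 bastion sshd[2325]: Failed password for root from 203.0.113.7 port 4450 ssh2",
    "Mar  4 10:15:20 bastion sshd[2330]: Failed password for bob from 10.0.0.9 port 50210 ssh2",
    "Mar  4 10:16:00 bastion sshd[2340]: Invalid user test from 203.0.113.7 port 4460",
    "Mar  4 10:16:03 bastion cron[2341]: (root) CMD (run-parts /etc/cron.hourly)",
]

# Envelope: "Mon DD HH:MM:SS host prog[pid]: message"
SYSLOG_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{2}:\d{2}:\d{2}) "
    r"(?P<host>\S+) "
    r"(?P<prog>[^\[:]+)(?:\[(?P<pid>\d+)\])?: "
    r"(?P<msg>.*)$"
)

# "Accepted publickey for alice from ..." / "Failed password for invalid user admin from ..."
AUTH_RE = re.compile(
    r"^(?P<outcome>Accepted|Failed) (?P<method>\S+) for "
    r"(?P<invalid>invalid user )?(?P<user>\S+) from (?P<src_ip>\S+) port (?P<src_port>\d+)"
)

# "Invalid user test from ..." is logged before any password attempt for unknown users.
INVALID_USER_RE = re.compile(
    r"^Invalid user (?P<user>\S+) from (?P<src_ip>\S+) port (?P<src_port>\d+)"
)


def parse_sshd_line(line):
    """Return a dict for sshd authentication events, None for anything else."""
    m = SYSLOG_RE.match(line)
    if not m or m.group("prog") != "sshd":
        return None
    msg = m.group("msg")
    event = {"ts": m.group("ts"), "host": m.group("host"), "pid": m.group("pid")}
    a = AUTH_RE.match(msg)
    if a:
        event.update(
            outcome=a.group("outcome").lower(),  # "accepted" or "failed"
            method=a.group("method"),
            user=a.group("user"),
            user_exists=a.group("invalid") is None,
            src_ip=a.group("src_ip"),
            src_port=int(a.group("src_port")),
        )
        return event
    i = INVALID_USER_RE.match(msg)
    if i:
        event.update(
            outcome="failed",
            method="unknown",
            user=i.group("user"),
            user_exists=False,
            src_ip=i.group("src_ip"),
            src_port=int(i.group("src_port")),
        )
        return event
    return None


def failed_logins_by_source(lines):
    """Count failed sshd authentications per source IP."""
    counter = Counter()
    for line in lines:
        ev = parse_sshd_line(line)
        if ev and ev["outcome"] == "failed":
            counter[ev["src_ip"]] += 1
    return counter


def brute_force_sources(lines, threshold=3):
    """Source IPs with at least `threshold` failed logins (threshold is an arbitrary example value)."""
    return sorted(ip for ip, n in failed_logins_by_source(lines).items() if n >= threshold)


if __name__ == "__main__":
    for line in SAMPLE_LINES:
        print(parse_sshd_line(line))
    print("brute-force candidates:", brute_force_sources(SAMPLE_LINES))
```

The parser keeps the envelope fields (timestamp, host, pid) separate from the authentication fields so that a later stage can correlate the "Invalid user" line with the "Failed password" line that sshd emits for the same connection. Lines from other programs on the same syslog stream are dropped rather than mis-parsed.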
Onyphe
Onyphe is a Cyber Defense Search Engine for open-source and cyber threat intelligence data collected by crawling various sources available on the Internet or by listening to Internet background noise.
Netfilter
Netfilter is a framework provided by the Linux kernel that offers various functions and operations for packet filtering, network address translation, and port translation.
F5 NGINX
NGINX is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP/UDP proxy server.
Netskope
Netskope is a cybersecurity company that provides solutions for protecting data in cloud apps and securing networks while applying zero-trust principles.
Okta
The Okta System Log provides activity records related to your organization.
Microsoft 365 / Office 365 Message Trace
Microsoft 365 Message trace follows email messages as they travel through your Exchange Online organization.
MWDB
MWDB is a malware repository for automated malware collection and analysis systems hosted by CERT.pl.
Microsoft Defender XDR
Microsoft Defender XDR (formerly Microsoft 365 Defender) is a unified pre- and post-breach enterprise defense suite that natively coordinates detection, prevention, investigation, and response across endpoints, identities, email, and applications.
MISP
Sekoia's default CTI feed is also available as a MISP feed. It can be added to an existing MISP instance by following MISP's documentation.
Microsoft 365 / Office 365
Microsoft Office 365 is an online service providing the Microsoft Office products.
Microsoft Intune
Microsoft Intune helps you protect your workforce's corporate data by managing devices and apps.
Skyhigh Secure Web Gateway / McAfee Web Gateway
Skyhigh Secure Web Gateway (SWG) (previously McAfee Web Gateway (MWG)) is a web gateway offering malware detection, threat prevention and reputation filtering.
Mandrill playbooks
Mandrill is a transactional email platform from Mailchimp.
Infoblox DDI
Infoblox DNS, DHCP, and IP address management (DDI) enables customers to control and automate their network.
ISC DHCP
ISC DHCP offers a complete open-source solution for implementing DHCP servers.
Microsoft Sentinel (CTI integration)
Microsoft Sentinel is a cloud-native security information and event management (SIEM) and security orchestration, automation, and response (SOAR) solution.
Mattermost playbooks
Mattermost is a secure, open and flexible collaboration platform.
Imperva WAF
Imperva Web Application Firewall helps you to protect your web applications and your APIs.
Hatching Triage
Triage is a malware analysis sandbox offered as a service by Hatching.