INTEGRATIONS

Unlock the full potential of your data

One-click integrations across your entire security ecosystem.

Cloud

Palo Alto Prisma Cloud

This integration lets you consume and analyze Prisma data, including both CSPM and CWPP products. Palo Alto Networks Prisma Cloud is a Cloud Native Application Protection Platform (CNAPP) that provides security for cloud environments.

Wiz

Wiz is a cloud security solution that scans clients' cloud environments for possible risks. This Wiz integration lets you consume and analyze Wiz data, including issues, vulnerability data and audit logs.

Amazon Web Services (AWS)

Collect logs from AWS products. AWS is a public cloud vendor offering a suite of cloud computing services.

Google Cloud Platform (GCP)

Collect logs from GCP products. Google Cloud offers a suite of public cloud computing services.

Azure

Collect logs and data from a variety of Azure services. Azure is Microsoft's public cloud computing platform.

Network

Check Point

Collect logs from Check Point products. Check Point is a provider of hardware and software products for IT security, including network and endpoint security.

Zscaler

Collect logs from various Zscaler products. Zscaler is a cloud-based cybersecurity platform offering secure internet access and protection against online threats for organizations.

Cloudflare

Collect logs from Cloudflare products. Cloudflare provides a content delivery network (CDN), cybersecurity, WAF, and other services.

Akamai

Collect security events from Akamai products. Akamai specializes in content delivery network (CDN) solutions, cloud, and cybersecurity software.

F5 Networks

Collect logs from various F5 products. F5 specializes in application delivery, firewall, and network security solutions.

Netskope

Collect logs and data from Netskope via Cloud Log Shipper. Netskope is a security platform offering private access, networking, and cloud security solutions.

Suricata

Track network activity from Suricata, including EVE output, alerts, metadata, and more. Suricata is an open-source intrusion detection system (IDS) and intrusion prevention system (IPS).

Zeek

Analyze Zeek network traffic logs, with support for over forty Zeek logs. Zeek is an open-source network traffic analyzer and intrusion detection system.

Palo Alto Networks

Palo Alto Networks offers an enterprise cybersecurity platform that provides firewalls, threat detection and prevention tools, cloud security, network security, and more.

Cisco

Collect logs from various Cisco services. Cisco offers an industry-leading portfolio of networking, security, collaboration, and other products.

Endpoint

SentinelOne

Ingest logs from SentinelOne products, including Singularity Cloud Funnel. SentinelOne offers endpoint security solutions to detect and respond to cyber threats.

Osquery

Osquery is an open source framework for collecting information from operating systems, applications, and hypervisors.

CrowdStrike

Ingest logs from CrowdStrike products, including Falcon Data Replicator and SIEM connector. CrowdStrike provides an enterprise cloud-based endpoint security platform.

Tanium

Ingest logs and activity from Tanium services. Tanium is an enterprise endpoint management platform.

VMware Carbon Black

Ingest logs from VMware Carbon Black services. Carbon Black is an endpoint protection platform offered by VMware.

Identity and Access Management

Okta

Collect logs and data from Okta. Okta is a cloud-based identity and access management (IAM) platform that provides secure access to an organization's applications, devices, and data.

Cisco Duo

Collect audit and activity logs from Duo. Cisco Duo is a zero-trust security platform with two-factor authentication to protect access to sensitive data.

Teleport

Collect audit events and session logs from Teleport. Teleport provides zero trust access to servers and cloud applications.

1Password

Collect 1Password activity, including sign-in attempts and item usage. 1Password is an enterprise password manager for online accounts.

CyberArk

Collect logs from various CyberArk products. CyberArk specializes in enterprise privileged access management (PAM).

Security and Infrastructure

Snyk

Collect Snyk vulnerabilities and audit logs. Snyk is a developer security platform that helps developers secure their applications.

Tenable

Collect vulnerability and asset data from Tenable products. Tenable specializes in vulnerability management solutions.

Abnormal Security

Ingest security events, including threats, from Abnormal Security. Abnormal Security is a cloud-based email security platform that uses AI to protect businesses from email attacks.

Proofpoint

Ingest security events from Proofpoint via SIEM API, including blocked or permitted clicks and messages. Proofpoint offers an enterprise email security platform to protect companies from cyber-attacks.

SaaS

Slack Logs

Ingest audit logs and events from Slack. Slack is a popular cloud-based messaging and communication application.

Google Workspace

Track activity across Google Workspace via audit reports APIs. Google Workspace is a collection of cloud computing, productivity, and collaboration tools developed by Google.

Microsoft Office 365

Collect Microsoft Office 365 activity logs. Office 365 is a subscription-based service that provides access to Microsoft Office software.

GitHub

Collect audit events from your GitHub organization. GitHub is a cloud-based service for software development and version control.

Threat Intelligence

ThreatQuotient

Retrieve indicators and Threat Intelligence data from the ThreatQuotient REST API. ThreatQuotient provides an enterprise threat intelligence platform (TIP).

Recorded Future

Integrate with the Recorded Future API to pull risklists, including support for domain, IP, hash, and URL entities. Recorded Future develops a threat intelligence platform for enterprise security.

MISP

Ingest threat intelligence indicators from MISP platform instances. MISP is an open-source threat intelligence platform used to collect and share threat intelligence and indicators of compromise (IOCs).

AbuseCH

Ingest indicators from the abuse.ch URLhaus, MalwareBazaar, and ThreatFox threat intelligence feeds.

AlienVault OTX

Ingest AlienVault OTX threat intelligence indicators. AlienVault OTX is an open threat data platform that allows security researchers and threat data producers to share research and investigate new threats.

Try the cloud-native SIEM built on a security data lake.