Integrations

Integrations

We integrate 400+ existing tools — from firewalls and email security to identity providers, EDRs, cloud platforms, and anything in between. No lock-ins, delays, or costly migrations.

PSA/RMM integrations

Direct connections to leading PSA and RMM platforms used by MSPs. Alerts create tickets, assets stay in sync, and workflows integrate into your existing service operations (Exact functionality differs per integration).

Platform integrations

Two-way connections with endpoint, firewall, network, cloud, and identity tools. Trigger containment, push policy changes and automate response workflows from a single platform.

All

Endpoint

Firewall

Absolute

NetMotion

Accops

Accops

Acronis Cyber Protect

Alerts Agents (automatically set in backend)

Ahnlab

EMS

Ahnlab

EPP

AhnLab

Policy Center

AhnLab

TrusGuard

AhnLab

AIPS

AirGap

Ransomware Kill Switch

AIX

AIX

Akamai

Akamai

Alcatel Lucent Switch

Alcatel Lucent Switch

AlfaSiber

Ubuntu 20 Redhat 7 and 8 Centos 6 and 7 Amazon linux 2

Alibaba

Aliyun / AliCloud

Android

Android

Apache

httpd 2.4

AQTRONiX

WebKnight

Aqua

Cloud Native Application Protection Platform (CNAPP)

Arbor

Peakflow SP

Array Networks

Secure Access Gateway

Aruba

Switch

Automox

Automox

Avanan

Avanan

Avaya Switch

Switch

AWS

Security lake

AWS

GuardDuty

AWS

Firewall

AWS

Generic S3 Connector

AWS

CloudTrail

AWS

CloudWatch

AWS

WAF

AXGATE

Next Generation Firewall

Barracuda

Firewall

Barracuda

Barracuda Email Security

Barracuda

WAF

BeyondTrust

PasswordSafe

BeyondTrust

BeyondInsight

Bitdefender

Bitdefender

BlackBerry

Cylance PROTECT & OPTICS

BlueCoat

ProxySG

Box

Syslog

Broadcom

Symantec Cloud Workload Protection

Broadcom

Symantec Endpoint Security

Broadcom

Symantec Messaging Gateway

Broadcom

Symantec Email Security

Broadcom

(Blue Coat / Symantec) WSS

Brocade switch

Switch

Calyptix

UTM

Cato Networks

Cato Networks

Centos Audit

Centos

Centrify

Centrify

Cerberus

FTP Server

Check Point

Application Control

Check Point

Check Point

Check Point

URL Filtering

CheckPoint

Harmony EP

CheckPoint

Appliance 730/750 Series

CheckPoint

Firewall

CheckPoint

VPN-1 & FireWall-1 (SmartDefense)

Cisco

AMP

Cisco

FMC

Cisco

Meraki

Cisco

CUCM

Cisco

Identity Services Engine (ISE)

Cisco

Duo Security

Cisco

Routers and Switches

Cisco

WLC

Cisco

IKE

Cisco

VPN

Cisco

UCS

Cisco

ESA

Cisco

Umbrella

Cisco

ASA

Cisco

Firepower

Cisco

MDS

Cisco

Netflow

Cisco

IronPort

Citrix

NetScaler

Citrix

Citrix Access Gateway

Cloudflare

Cloudflare

Comodo

Internet Security/Comodo Client Security

CoreLight

Sensor

CoSoSys

Endpoint Protection

Cribl

Cribl

CrowdStrike

Falcon

CyberArk

Privileged Threat Analytics

CyberCNS

vuln

Cybereason

Cybereason

Cygna Labs

Cygna Auditor

Cynet

Cynet 360

CYRISMA

Cyrisma

D-Link

DBSafer

Deciso

OPNsense 22.1.8

Deep Instinct

Prevention for Applications

Deep Instinct

Prevention for Endpoints

Dell

Integrated Dell Remote Access Controller (iDRAC)

Dell Switch

Switch

DHCPD

(IS DHCP)

DNSVault

Vault

Dragos

Platform

DrayTek

Firewall

eDictionary

eDictionary

Egnyte

Ericom

ZTEdge

ESET

PROTECT

ExtraHop

Reveal(x)

Extreme

Cloud IQ Site Engine

Extreme

WiNG NX 7500 Controller

Extreme

AirDefense

F5

BIG-IP Telemetry

F5

Firewall

F5

IPI

F5

ASM

F5

NGINX

F5

BIG-IP

F5

BIG-IP ASM

F5

BIG-IP FIREWALL

F5

iRule

F5

L7 DDOS

F5

Mitigation

F5

Silverline

F5

WAF

F5

VPN

Forcepoint

Forcepoint

Forcepoint

Firewall

Forcepoint

Web Security

ForeScout

Asset Syslog

Fortinet

Fortimail

Fortinet

(No description)

Fortinet

FortiGate

Fortinet

FortiWeb

FutureSystems

WeGuardia SSL plus (SSL VPN)

Gatewatcher NDR

Network Detection and Response

Google

Workspace

Google

Cloud Audit Log

Guardicore

System Logs

HAProxy

HAProxy

Hibun

Access Logs Event Logs Operation Logs

Hillstone

Hillstone

Huawei

S300, S500, S2700, S5700, S6700, NetEngine40E, iMaster NCE-IP

IBM

AS400

IBM

IBM RazLeeSecurity Audit

Imperva

Jsonar Database Security Tool

Imperva

Log files

Indusface

Web Application Firewall

ISC

dhcpd

Jamf

Protect (MacOS)

Jsonar

Database Security Tools

Juniper

SRX

Juniper

SSG

Juniper

Switch

KasperskyLab

Security Center

Keycloak

Keycloak

LanScope

Cat

LastPass

Reporting

Lepide

data security platform

Linux

syslog

Mailboarder

Agent

ManageEngine

ADAuditPlus

McAfee

Network Security

McAfee

Advanced Threat Defense

MCAS

SIEM Agent

Medigate by Claroty

Medigate

Melapress

Melapress WordPress

Menlo Security

MS-XL50M

Metieye

Security Strategy Research (SSR)

Microsoft

Azure Event Hub

Microsoft

azuread

Microsoft

Microsoft SQL Server (MSSQL)

Microsoft

Windows Defender AV

Microsoft

Windows Event NXLog

Microsoft

Windows System Security

Microsoft

AQTRONiX WebKnight

Microsoft

Azure ATP

Microsoft

Azure MFA

Microsoft

Active Directory

Microsoft

Azure Active Directory

Microsoft

Office 365

Microsoft

Windows Defender for Cloud

Microsoft

Windows Defender for Endpoint

Microsoft

Windows Event

Microsoft

Windows via Graylog

Microsoft

IIS

Microsoft

Windows DNS Server

MicroWorld

eScan

MikroTik

Firewall and Router

Nasuni

System Logs

Tenable Nessus Scanner

(no description)

NetApp

Database

Netfilter

(no description)

NetIQ

Access Manager

NetIQ

Identity Manager

NetIQ

SSO

NetIQ Advanced Authentication

NetIQ Advanced Authentication

Netman

Smart NAC

NetMotion

NetMotion

Netskope

WSG Read More >>

NXLog

System Logs

Okta

(no description)

OneLogin

OneLogin

Open LDAP

(for Cisco ESA, use 5562)

OpenCanary

(no description)

opendental

MySQL

OpenShift

System Logs

OpenVPN

(no description)

OpnSense

Zenarmor plugin logs

Oracle

Database

Oracle

Oracle Cloud Infrastructure (OCI)

Oracle

Oracle Solaris 11 (11.3, 11.4)

Ordr

Connected Device Security

P&P Secure

(no description)

PacketFence

PacketFence

Palo Alto Networks

Prisma Cloud

Palo Alto Networks

NG Firewall

Palo Alto Networks

Traps Agent

Penta Security

WAPPLES WAF

Peplink

Peplink XDR Pro

Perception

Point X-Ray

pfSense Firewall

(no description)

PIOLINK

WEBFRONT-K

PrintChaser

(no description)

Privacy-i

Privacy-i

Proofpoint

Proofpoint

Proofpoint

Proofpoint on Demand

Pulse

Pulse Secure

Qualys

Qualys

Qumulo

Qumulo

Radware

DefensePro

Rapid7

Rapid7

RazLeeSecurity

Audit

Red Hat

Openshift

RedSense Cyber Threat Intelligence

enhanced threat intelligence

RSA

Authentication Manager

Ruckus

Zone Director ZD 1200

RuiJie

RuiJie Switch

SafePC

System Logs

Salesforce

Syslog

SonicWall

NSA 2400

SonicWall

VPN

Sophos

Firewall

Sophos

Central

Sophos

XG

Sophos

Web Appliance

Splashtop

Splashtop Remote Desktop

Splunk

Heavy Forwarder

SSH Host

(no description)

Stormshield

Net Security Firewall

Sunny Valley Networks

Zenarmor

Symantec

Endpoint Protection

Symantec

Firewall

Synology

Directory Server

Tenable

Nessus Scanner

Tenable

Tenable.io

Tenable

Tenable.sc

Thales Group

CipherTrust Manager

Thinkst Canary

Canary

Trellix

(FireEye) Endpoint Security HX

Trellix

MVision

Trend Micro

SMTP

Trend Micro

Deep Security Agent

Trend Micro

TippingPoint Intrusion Prevention System

Trend Micro

Proxy

Trend Micro

Apex Central

Trend Micro

Cloud One

Trend Micro

Vision One

Tripwire

Enterprise

Ubiquiti

UAP-AC-Pro

Unix

(no description)

Untangle

Firewall

Varonis

DatAdvantage

Versa Networks

Firewall

VMWare

Carbon Black

VMware

Carbon Black Cloud

VMware

NSX-T Data Center

VMware

Workspace ONE

VMware

NSX-T Data Center

VMware

UAG

VMware

Vcenter

VMware

ESXi

VMware

XTM (LEEF)

WatchGuard

Firewall Security Appliance

Wazuh

Wazuh Endpoint

Webroot

(no description)

WINS

Sniper NGFW

Wins

IPS ONE-1 / Wins DDX

WithSecure

IPS ONE-1 / Wins DDX

Wowsoft

PrintChaser

Zix Mail

(no description)

Zscaler

ZPA

Zscaler

ZIA Firewall

Zscaler

NSSWeblog

Zscaler

ZIA Web

Zyxel

Firewall

Platform connectors

One-way data feeds that pull telemetry from endpoint, firewall, cloud, SaaS, email, DNS, identity, vulnerability scanners, and databases into our open XDR platform. Normalized, correlated, and ready to investigate. Connectors let you see more.

Cloud security

Prisma Cloud

Broadcom Symantec

Cloud workload protection

Database

Microsoft SQL Server (Klassify)

MySQL

DNS security

HYAS Protect

Email

Barracuda Email Security

Mimecast

Proofpoint on Demand

Proofpoint Targeted Attacke Protection (TAP)

Broadband Symantec Email Security

Endpoint security

Acronis Cyber Protect Cloud

Akamai

Bitdefender

BlackBerry Cylance

Broadcom Symantec Endpoint Security (SES)

Cisco AMP

4.3.0-4.3.4

CrowdStrike (Hosts)

CrowdStrike (Events)

4.3.5+

CrowdStrike (Hosts/Events)

Cybereason

Cynet

Deep Instinct

Forescout

HIBUN

Jamf Protect

Microsoft Defender for Endpoint

SentinelOne

SonicWall Capture Client

Sophos Central

Trellix (FireEye) Endpoint Security HX

Trend Micro Apex Central

Trend Micro Cloud One

Trend Micro Vision One

VMware Carbon Black Cloud

VMware Workspace ONE

Webroot

Firewall

AWS

Barracuda

Check Point

Cisco (Firepower) FMC

Cisco Meraki

F5 BIG-IP ASM

F5 BIG-IP Firewall

F5 Silverline

Fortigate

Hillstone

Palo Alto Networks

SonicWall

Sophos XG

Honeypot

Thinkst Canary

Remote host

SSH Host

SASE

Cato Networks

Webhook

Universal Webhook Responder

IdP

Active Directory

Duo Security

JumpCloud

Okta

OneLogin

Security switch

HanDreamnet Security Switch

PaaS

AWS CloudTrail

AWS CloudWatch

AWS GuardDuty

Azure Event Hub

Google Cloud Audit Log

Oracle Cloud Infrastructure (OCI)

Amazon Security Lake

SaaS

Azure Active Directory

Box

Google Workspace

Office 365

Salesforce

Generic ingestion / telemetry

Syslog

Windows Event Log

Linux Audit Log

SNMP

NetFlow / IPFIX

Vulnerability scanner

CYRISMA

Nessus Scanner

Qualys

Rapid7

Tenable.io

Tenable.sc

Web security

Broadcom (Blue Coat / Symantec) WSS

Cisco Umbrella

Cloudflare

Imperva Incapsula

Indusface

LastPass

NetSkope

PSA/RMM integrations

Direct connections to leading PSA and RMM platforms used by MSPs. Alerts create tickets, assets stay in sync, and workflows integrate into your existing service operations (Exact functionality differs per integration).

Platform integrations

Two-way connections with endpoint, firewall, network, cloud, and identity tools. Trigger containment, push policy changes and automate response workflows from a single platform.

All

Endpoint

Firewall

Absolute

NetMotion

Accops

Accops

Acronis Cyber Protect

Alerts Agents (automatically set in backend)

Ahnlab

EMS

Ahnlab

EPP

AhnLab

Policy Center

AhnLab

TrusGuard

AhnLab

AIPS

AirGap

Ransomware Kill Switch

AIX

AIX

Akamai

Akamai

Alcatel Lucent Switch

Alcatel Lucent Switch

AlfaSiber

Ubuntu 20 Redhat 7 and 8 Centos 6 and 7 Amazon linux 2

Alibaba

Aliyun / AliCloud

Android

Android

Apache

httpd 2.4

AQTRONiX

WebKnight

Aqua

Cloud Native Application Protection Platform (CNAPP)

Arbor

Peakflow SP

Array Networks

Secure Access Gateway

Aruba

Switch

Automox

Automox

Avanan

Avanan

Avaya Switch

Switch

AWS

Security lake

AWS

GuardDuty

AWS

Firewall

AWS

Generic S3 Connector

AWS

CloudTrail

AWS

CloudWatch

AWS

WAF

AXGATE

Next Generation Firewall

Barracuda

Firewall

Barracuda

Barracuda Email Security

Barracuda

WAF

BeyondTrust

PasswordSafe

BeyondTrust

BeyondInsight

Bitdefender

Bitdefender

BlackBerry

Cylance PROTECT & OPTICS

BlueCoat

ProxySG

Box

Syslog

Broadcom

Symantec Cloud Workload Protection

Broadcom

Symantec Endpoint Security

Broadcom

Symantec Messaging Gateway

Broadcom

Symantec Email Security

Broadcom

(Blue Coat / Symantec) WSS

Brocade switch

Switch

Calyptix

UTM

Cato Networks

Cato Networks

Centos Audit

Centos

Centrify

Centrify

Cerberus

FTP Server

Check Point

Application Control

Check Point

Check Point

Check Point

URL Filtering

CheckPoint

Harmony EP

CheckPoint

Appliance 730/750 Series

CheckPoint

Firewall

CheckPoint

VPN-1 & FireWall-1 (SmartDefense)

Cisco

AMP

Cisco

FMC

Cisco

Meraki

Cisco

CUCM

Cisco

Identity Services Engine (ISE)

Cisco

Duo Security

Cisco

Routers and Switches

Cisco

WLC

Cisco

IKE

Cisco

VPN

Cisco

UCS

Cisco

ESA

Cisco

Umbrella

Cisco

ASA

Cisco

Firepower

Cisco

MDS

Cisco

Netflow

Cisco

IronPort

Citrix

NetScaler

Citrix

Citrix Access Gateway

Cloudflare

Cloudflare

Comodo

Internet Security/Comodo Client Security

CoreLight

Sensor

CoSoSys

Endpoint Protection

Cribl

Cribl

CrowdStrike

Falcon

CyberArk

Privileged Threat Analytics

CyberCNS

vuln

Cybereason

Cybereason

Cygna Labs

Cygna Auditor

Cynet

Cynet 360

CYRISMA

Cyrisma

D-Link

DBSafer

Deciso

OPNsense 22.1.8

Deep Instinct

Prevention for Applications

Deep Instinct

Prevention for Endpoints

Dell

Integrated Dell Remote Access Controller (iDRAC)

Dell Switch

Switch

DHCPD

(IS DHCP)

DNSVault

Vault

Dragos

Platform

DrayTek

Firewall

eDictionary

eDictionary

Egnyte

Ericom

ZTEdge

ESET

PROTECT

ExtraHop

Reveal(x)

Extreme

Cloud IQ Site Engine

Extreme

WiNG NX 7500 Controller

Extreme

AirDefense

F5

BIG-IP Telemetry

F5

Firewall

F5

IPI

F5

ASM

F5

NGINX

F5

BIG-IP

F5

BIG-IP ASM

F5

BIG-IP FIREWALL

F5

iRule

F5

L7 DDOS

F5

Mitigation

F5

Silverline

F5

WAF

F5

VPN

Forcepoint

Forcepoint

Forcepoint

Firewall

Forcepoint

Web Security

ForeScout

Asset Syslog

Fortinet

Fortimail

Fortinet

(No description)

Fortinet

FortiGate

Fortinet

FortiWeb

FutureSystems

WeGuardia SSL plus (SSL VPN)

Gatewatcher NDR

Network Detection and Response

Google

Workspace

Google

Cloud Audit Log

Guardicore

System Logs

HAProxy

HAProxy

Hibun

Access Logs Event Logs Operation Logs

Hillstone

Hillstone

Huawei

S300, S500, S2700, S5700, S6700, NetEngine40E, iMaster NCE-IP

IBM

AS400

IBM

IBM RazLeeSecurity Audit

Imperva

Jsonar Database Security Tool

Imperva

Log files

Indusface

Web Application Firewall

ISC

dhcpd

Jamf

Protect (MacOS)

Jsonar

Database Security Tools

Juniper

SRX

Juniper

SSG

Juniper

Switch

KasperskyLab

Security Center

Keycloak

Keycloak

LanScope

Cat

LastPass

Reporting

Lepide

data security platform

Linux

syslog

Mailboarder

Agent

ManageEngine

ADAuditPlus

McAfee

Network Security

McAfee

Advanced Threat Defense

MCAS

SIEM Agent

Medigate by Claroty

Medigate

Melapress

Melapress WordPress

Menlo Security

MS-XL50M

Metieye

Security Strategy Research (SSR)

Microsoft

Azure Event Hub

Microsoft

azuread

Microsoft

Microsoft SQL Server (MSSQL)

Microsoft

Windows Defender AV

Microsoft

Windows Event NXLog

Microsoft

Windows System Security

Microsoft

AQTRONiX WebKnight

Microsoft

Azure ATP

Microsoft

Azure MFA

Microsoft

Active Directory

Microsoft

Azure Active Directory

Microsoft

Office 365

Microsoft

Windows Defender for Cloud

Microsoft

Windows Defender for Endpoint

Microsoft

Windows Event

Microsoft

Windows via Graylog

Microsoft

IIS

Microsoft

Windows DNS Server

MicroWorld

eScan

MikroTik

Firewall and Router

Nasuni

System Logs

Tenable Nessus Scanner

(no description)

NetApp

Database

Netfilter

(no description)

NetIQ

Access Manager

NetIQ

Identity Manager

NetIQ

SSO

NetIQ Advanced Authentication

NetIQ Advanced Authentication

Netman

Smart NAC

NetMotion

NetMotion

Netskope

WSG Read More >>

NXLog

System Logs

Okta

(no description)

OneLogin

OneLogin

Open LDAP

(for Cisco ESA, use 5562)

OpenCanary

(no description)

opendental

MySQL

OpenShift

System Logs

OpenVPN

(no description)

OpnSense

Zenarmor plugin logs

Oracle

Database

Oracle

Oracle Cloud Infrastructure (OCI)

Oracle

Oracle Solaris 11 (11.3, 11.4)

Ordr

Connected Device Security

P&P Secure

(no description)

PacketFence

PacketFence

Palo Alto Networks

Prisma Cloud

Palo Alto Networks

NG Firewall

Palo Alto Networks

Traps Agent

Penta Security

WAPPLES WAF

Peplink

Peplink XDR Pro

Perception

Point X-Ray

pfSense Firewall

(no description)

PIOLINK

WEBFRONT-K

PrintChaser

(no description)

Privacy-i

Privacy-i

Proofpoint

Proofpoint

Proofpoint

Proofpoint on Demand

Pulse

Pulse Secure

Qualys

Qualys

Qumulo

Qumulo

Radware

DefensePro

Rapid7

Rapid7

RazLeeSecurity

Audit

Red Hat

Openshift

RedSense Cyber Threat Intelligence

enhanced threat intelligence

RSA

Authentication Manager

Ruckus

Zone Director ZD 1200

RuiJie

RuiJie Switch

SafePC

System Logs

Salesforce

Syslog

SonicWall

NSA 2400

SonicWall

VPN

Sophos

Firewall

Sophos

Central

Sophos

XG

Sophos

Web Appliance

Splashtop

Splashtop Remote Desktop

Splunk

Heavy Forwarder

SSH Host

(no description)

Stormshield

Net Security Firewall

Sunny Valley Networks

Zenarmor

Symantec

Endpoint Protection

Symantec

Firewall

Synology

Directory Server

Tenable

Nessus Scanner

Tenable

Tenable.io

Tenable

Tenable.sc

Thales Group

CipherTrust Manager

Thinkst Canary

Canary

Trellix

(FireEye) Endpoint Security HX

Trellix

MVision

Trend Micro

SMTP

Trend Micro

Deep Security Agent

Trend Micro

TippingPoint Intrusion Prevention System

Trend Micro

Proxy

Trend Micro

Apex Central

Trend Micro

Cloud One

Trend Micro

Vision One

Tripwire

Enterprise

Ubiquiti

UAP-AC-Pro

Unix

(no description)

Untangle

Firewall

Varonis

DatAdvantage

Versa Networks

Firewall

VMWare

Carbon Black

VMware

Carbon Black Cloud

VMware

NSX-T Data Center

VMware

Workspace ONE

VMware

NSX-T Data Center

VMware

UAG

VMware

Vcenter

VMware

ESXi

VMware

XTM (LEEF)

WatchGuard

Firewall Security Appliance

Wazuh

Wazuh Endpoint

Webroot

(no description)

WINS

Sniper NGFW

Wins

IPS ONE-1 / Wins DDX

WithSecure

IPS ONE-1 / Wins DDX

Wowsoft

PrintChaser

Zix Mail

(no description)

Zscaler

ZPA

Zscaler

ZIA Firewall

Zscaler

NSSWeblog

Zscaler

ZIA Web

Zyxel

Firewall

Platform connectors

One-way data feeds that pull telemetry from endpoint, firewall, cloud, SaaS, email, DNS, identity, vulnerability scanners, and databases into our open XDR platform. Normalized, correlated, and ready to investigate. Connectors let you see more.

Cloud security

Prisma Cloud

Broadcom Symantec

Cloud workload protection

Database

Microsoft SQL Server (Klassify)

MySQL

DNS security

HYAS Protect

Email

Barracuda Email Security

Mimecast

Proofpoint on Demand

Proofpoint Targeted Attacke Protection (TAP)

Broadband Symantec Email Security

Endpoint security

Acronis Cyber Protect Cloud

Akamai

Bitdefender

BlackBerry Cylance

Broadcom Symantec Endpoint Security (SES)

Cisco AMP

4.3.0-4.3.4

CrowdStrike (Hosts)

CrowdStrike (Events)

4.3.5+

CrowdStrike (Hosts/Events)

Cybereason

Cynet

Deep Instinct

Forescout

HIBUN

Jamf Protect

Microsoft Defender for Endpoint

SentinelOne

SonicWall Capture Client

Sophos Central

Trellix (FireEye) Endpoint Security HX

Trend Micro Apex Central

Trend Micro Cloud One

Trend Micro Vision One

VMware Carbon Black Cloud

VMware Workspace ONE

Webroot

Firewall

AWS

Barracuda

Check Point

Cisco (Firepower) FMC

Cisco Meraki

F5 BIG-IP ASM

F5 BIG-IP Firewall

F5 Silverline

Fortigate

Hillstone

Palo Alto Networks

SonicWall

Sophos XG

Honeypot

Thinkst Canary

Remote host

SSH Host

SASE

Cato Networks

Webhook

Universal Webhook Responder

IdP

Active Directory

Duo Security

JumpCloud

Okta

OneLogin

Security switch

HanDreamnet Security Switch

PaaS

AWS CloudTrail

AWS CloudWatch

AWS GuardDuty

Azure Event Hub

Google Cloud Audit Log

Oracle Cloud Infrastructure (OCI)

Amazon Security Lake

SaaS

Azure Active Directory

Box

Google Workspace

Office 365

Salesforce

Generic ingestion / telemetry

Syslog

Windows Event Log

Linux Audit Log

SNMP

NetFlow / IPFIX

Vulnerability scanner

CYRISMA

Nessus Scanner

Qualys

Rapid7

Tenable.io

Tenable.sc

Web security

Broadcom (Blue Coat / Symantec) WSS

Cisco Umbrella

Cloudflare

Imperva Incapsula

Indusface

LastPass

NetSkope

PSA/RMM integrations

Direct connections to leading PSA and RMM platforms used by MSPs. Alerts create tickets, assets stay in sync, and workflows integrate into your existing service operations (Exact functionality differs per integration).

Platform integrations

Two-way connections with endpoint, firewall, network, cloud, and identity tools. Trigger containment, push policy changes and automate response workflows from a single platform.

All

Endpoint

Firewall

Absolute

NetMotion

Accops

Accops

Acronis Cyber Protect

Alerts Agents (automatically set in backend)

Ahnlab

EMS

Ahnlab

EPP

AhnLab

Policy Center

AhnLab

TrusGuard

AhnLab

AIPS

AirGap

Ransomware Kill Switch

AIX

AIX

Akamai

Akamai

Alcatel Lucent Switch

Alcatel Lucent Switch

AlfaSiber

Ubuntu 20 Redhat 7 and 8 Centos 6 and 7 Amazon linux 2

Alibaba

Aliyun / AliCloud

Android

Android

Apache

httpd 2.4

AQTRONiX

WebKnight

Aqua

Cloud Native Application Protection Platform (CNAPP)

Arbor

Peakflow SP

Array Networks

Secure Access Gateway

Aruba

Switch

Automox

Automox

Avanan

Avanan

Avaya Switch

Switch

AWS

Security lake

AWS

GuardDuty

AWS

Firewall

AWS

Generic S3 Connector

AWS

CloudTrail

AWS

CloudWatch

AWS

WAF

AXGATE

Next Generation Firewall

Barracuda

Firewall

Barracuda

Barracuda Email Security

Barracuda

WAF

BeyondTrust

PasswordSafe

BeyondTrust

BeyondInsight

Bitdefender

Bitdefender

BlackBerry

Cylance PROTECT & OPTICS

BlueCoat

ProxySG

Box

Syslog

Broadcom

Symantec Cloud Workload Protection

Broadcom

Symantec Endpoint Security

Broadcom

Symantec Messaging Gateway

Broadcom

Symantec Email Security

Broadcom

(Blue Coat / Symantec) WSS

Brocade switch

Switch

Calyptix

UTM

Cato Networks

Cato Networks

Centos Audit

Centos

Centrify

Centrify

Cerberus

FTP Server

Check Point

Application Control

Check Point

Check Point

Check Point

URL Filtering

CheckPoint

Harmony EP

CheckPoint

Appliance 730/750 Series

CheckPoint

Firewall

CheckPoint

VPN-1 & FireWall-1 (SmartDefense)

Cisco

AMP

Cisco

FMC

Cisco

Meraki

Cisco

CUCM

Cisco

Identity Services Engine (ISE)

Cisco

Duo Security

Cisco

Routers and Switches

Cisco

WLC

Cisco

IKE

Cisco

VPN

Cisco

UCS

Cisco

ESA

Cisco

Umbrella

Cisco

ASA

Cisco

Firepower

Cisco

MDS

Cisco

Netflow

Cisco

IronPort

Citrix

NetScaler

Citrix

Citrix Access Gateway

Cloudflare

Cloudflare

Comodo

Internet Security/Comodo Client Security

CoreLight

Sensor

CoSoSys

Endpoint Protection

Cribl

Cribl

CrowdStrike

Falcon

CyberArk

Privileged Threat Analytics

CyberCNS

vuln

Cybereason

Cybereason

Cygna Labs

Cygna Auditor

Cynet

Cynet 360

CYRISMA

Cyrisma

D-Link

DBSafer

Deciso

OPNsense 22.1.8

Deep Instinct

Prevention for Applications

Deep Instinct

Prevention for Endpoints

Dell

Integrated Dell Remote Access Controller (iDRAC)

Dell Switch

Switch

DHCPD

(IS DHCP)

DNSVault

Vault

Dragos

Platform

DrayTek

Firewall

eDictionary

eDictionary

Egnyte

Ericom

ZTEdge

ESET

PROTECT

ExtraHop

Reveal(x)

Extreme

Cloud IQ Site Engine

Extreme

WiNG NX 7500 Controller

Extreme

AirDefense

F5

BIG-IP Telemetry

F5

Firewall

F5

IPI

F5

ASM

F5

NGINX

F5

BIG-IP

F5

BIG-IP ASM

F5

BIG-IP FIREWALL

F5

iRule

F5

L7 DDOS

F5

Mitigation

F5

Silverline

F5

WAF

F5

VPN

Forcepoint

Forcepoint

Forcepoint

Firewall

Forcepoint

Web Security

ForeScout

Asset Syslog

Fortinet

Fortimail

Fortinet

(No description)

Fortinet

FortiGate

Fortinet

FortiWeb

FutureSystems

WeGuardia SSL plus (SSL VPN)

Gatewatcher NDR

Network Detection and Response

Google

Workspace

Google

Cloud Audit Log

Guardicore

System Logs

HAProxy

HAProxy

Hibun

Access Logs Event Logs Operation Logs

Hillstone

Hillstone

Huawei

S300, S500, S2700, S5700, S6700, NetEngine40E, iMaster NCE-IP

IBM

AS400

IBM

IBM RazLeeSecurity Audit

Imperva

Jsonar Database Security Tool

Imperva

Log files

Indusface

Web Application Firewall

ISC

dhcpd

Jamf

Protect (MacOS)

Jsonar

Database Security Tools

Juniper

SRX

Juniper

SSG

Juniper

Switch

KasperskyLab

Security Center

Keycloak

Keycloak

LanScope

Cat

LastPass

Reporting

Lepide

data security platform

Linux

syslog

Mailboarder

Agent

ManageEngine

ADAuditPlus

McAfee

Network Security

McAfee

Advanced Threat Defense

MCAS

SIEM Agent

Medigate by Claroty

Medigate

Melapress

Melapress WordPress

Menlo Security

MS-XL50M

Metieye

Security Strategy Research (SSR)

Microsoft

Azure Event Hub

Microsoft

azuread

Microsoft

Microsoft SQL Server (MSSQL)

Microsoft

Windows Defender AV

Microsoft

Windows Event NXLog

Microsoft

Windows System Security

Microsoft

AQTRONiX WebKnight

Microsoft

Azure ATP

Microsoft

Azure MFA

Microsoft

Active Directory

Microsoft

Azure Active Directory

Microsoft

Office 365

Microsoft

Windows Defender for Cloud

Microsoft

Windows Defender for Endpoint

Microsoft

Windows Event

Microsoft

Windows via Graylog

Microsoft

IIS

Microsoft

Windows DNS Server

MicroWorld

eScan

MikroTik

Firewall and Router

Nasuni

System Logs

Tenable Nessus Scanner

(no description)

NetApp

Database

Netfilter

(no description)

NetIQ

Access Manager

NetIQ

Identity Manager

NetIQ

SSO

NetIQ Advanced Authentication

NetIQ Advanced Authentication

Netman

Smart NAC

NetMotion

NetMotion

Netskope

WSG Read More >>

NXLog

System Logs

Okta

(no description)

OneLogin

OneLogin

Open LDAP

(for Cisco ESA, use 5562)

OpenCanary

(no description)

opendental

MySQL

OpenShift

System Logs

OpenVPN

(no description)

OpnSense

Zenarmor plugin logs

Oracle

Database

Oracle

Oracle Cloud Infrastructure (OCI)

Oracle

Oracle Solaris 11 (11.3, 11.4)

Ordr

Connected Device Security

P&P Secure

(no description)

PacketFence

PacketFence

Palo Alto Networks

Prisma Cloud

Palo Alto Networks

NG Firewall

Palo Alto Networks

Traps Agent

Penta Security

WAPPLES WAF

Peplink

Peplink XDR Pro

Perception

Point X-Ray

pfSense Firewall

(no description)

PIOLINK

WEBFRONT-K

PrintChaser

(no description)

Privacy-i

Privacy-i

Proofpoint

Proofpoint

Proofpoint

Proofpoint on Demand

Pulse

Pulse Secure

Qualys

Qualys

Qumulo

Qumulo

Radware

DefensePro

Rapid7

Rapid7

RazLeeSecurity

Audit

Red Hat

Openshift

RedSense Cyber Threat Intelligence

enhanced threat intelligence

RSA

Authentication Manager

Ruckus

Zone Director ZD 1200

RuiJie

RuiJie Switch

SafePC

System Logs

Salesforce

Syslog

SonicWall

NSA 2400

SonicWall

VPN

Sophos

Firewall

Sophos

Central

Sophos

XG

Sophos

Web Appliance

Splashtop

Splashtop Remote Desktop

Splunk

Heavy Forwarder

SSH Host

(no description)

Stormshield

Net Security Firewall

Sunny Valley Networks

Zenarmor

Symantec

Endpoint Protection

Symantec

Firewall

Synology

Directory Server

Tenable

Nessus Scanner

Tenable

Tenable.io

Tenable

Tenable.sc

Thales Group

CipherTrust Manager

Thinkst Canary

Canary

Trellix

(FireEye) Endpoint Security HX

Trellix

MVision

Trend Micro

SMTP

Trend Micro

Deep Security Agent

Trend Micro

TippingPoint Intrusion Prevention System

Trend Micro

Proxy

Trend Micro

Apex Central

Trend Micro

Cloud One

Trend Micro

Vision One

Tripwire

Enterprise

Ubiquiti

UAP-AC-Pro

Unix

(no description)

Untangle

Firewall

Varonis

DatAdvantage

Versa Networks

Firewall

VMWare

Carbon Black

VMware

Carbon Black Cloud

VMware

NSX-T Data Center

VMware

Workspace ONE

VMware

NSX-T Data Center

VMware

UAG

VMware

Vcenter

VMware

ESXi

VMware

XTM (LEEF)

WatchGuard

Firewall Security Appliance

Wazuh

Wazuh Endpoint

Webroot

(no description)

WINS

Sniper NGFW

Wins

IPS ONE-1 / Wins DDX

WithSecure

IPS ONE-1 / Wins DDX

Wowsoft

PrintChaser

Zix Mail

(no description)

Zscaler

ZPA

Zscaler

ZIA Firewall

Zscaler

NSSWeblog

Zscaler

ZIA Web

Zyxel

Firewall

Platform connectors

One-way data feeds that pull telemetry from endpoint, firewall, cloud, SaaS, email, DNS, identity, vulnerability scanners, and databases into our open XDR platform. Normalized, correlated, and ready to investigate. Connectors let you see more.

Cloud security

Prisma Cloud

Broadcom Symantec

Cloud workload protection

Database

Microsoft SQL Server (Klassify)

MySQL

DNS security

HYAS Protect

Email

Barracuda Email Security

Mimecast

Proofpoint on Demand

Proofpoint Targeted Attacke Protection (TAP)

Broadband Symantec Email Security

Endpoint security

Acronis Cyber Protect Cloud

Akamai

Bitdefender

BlackBerry Cylance

Broadcom Symantec Endpoint Security (SES)

Cisco AMP

4.3.0-4.3.4

CrowdStrike (Hosts)

CrowdStrike (Events)

4.3.5+

CrowdStrike (Hosts/Events)

Cybereason

Cynet

Deep Instinct

Forescout

HIBUN

Jamf Protect

Microsoft Defender for Endpoint

SentinelOne

SonicWall Capture Client

Sophos Central

Trellix (FireEye) Endpoint Security HX

Trend Micro Apex Central

Trend Micro Cloud One

Trend Micro Vision One

VMware Carbon Black Cloud

VMware Workspace ONE

Webroot

Firewall

AWS

Barracuda

Check Point

Cisco (Firepower) FMC

Cisco Meraki

F5 BIG-IP ASM

F5 BIG-IP Firewall

F5 Silverline

Fortigate

Hillstone

Palo Alto Networks

SonicWall

Sophos XG

Honeypot

Thinkst Canary

Remote host

SSH Host

SASE

Cato Networks

Webhook

Universal Webhook Responder

IdP

Active Directory

Duo Security

JumpCloud

Okta

OneLogin

Security switch

HanDreamnet Security Switch

PaaS

AWS CloudTrail

AWS CloudWatch

AWS GuardDuty

Azure Event Hub

Google Cloud Audit Log

Oracle Cloud Infrastructure (OCI)

Amazon Security Lake

SaaS

Azure Active Directory

Box

Google Workspace

Office 365

Salesforce

Generic ingestion / telemetry

Syslog

Windows Event Log

Linux Audit Log

SNMP

NetFlow / IPFIX

Vulnerability scanner

CYRISMA

Nessus Scanner

Qualys

Rapid7

Tenable.io

Tenable.sc

Web security

Broadcom (Blue Coat / Symantec) WSS

Cisco Umbrella

Cloudflare

Imperva Incapsula

Indusface

LastPass

NetSkope

PSA/RMM integrations

Direct connections to leading PSA and RMM platforms used by MSPs. Alerts create tickets, assets stay in sync, and workflows integrate into your existing service operations (Exact functionality differs per integration).

Platform integrations

Two-way connections with endpoint, firewall, network, cloud, and identity tools. Trigger containment, push policy changes and automate response workflows from a single platform.

All

Endpoint

Firewall

Absolute

NetMotion

Accops

Accops

Acronis Cyber Protect

Alerts Agents (automatically set in backend)

Ahnlab

EMS

Ahnlab

EPP

AhnLab

Policy Center

AhnLab

TrusGuard

AhnLab

AIPS

AirGap

Ransomware Kill Switch

AIX

AIX

Akamai

Akamai

Alcatel Lucent Switch

Alcatel Lucent Switch

AlfaSiber

Ubuntu 20 Redhat 7 and 8 Centos 6 and 7 Amazon linux 2

Alibaba

Aliyun / AliCloud

Android

Android

Apache

httpd 2.4

AQTRONiX

WebKnight

Aqua

Cloud Native Application Protection Platform (CNAPP)

Arbor

Peakflow SP

Array Networks

Secure Access Gateway

Aruba

Switch

Automox

Automox

Avanan

Avanan

Avaya Switch

Switch

AWS

Security lake

AWS

GuardDuty

AWS

Firewall

AWS

Generic S3 Connector

AWS

CloudTrail

AWS

CloudWatch

AWS

WAF

AXGATE

Next Generation Firewall

Barracuda

Firewall

Barracuda

Barracuda Email Security

Barracuda

WAF

BeyondTrust

PasswordSafe

BeyondTrust

BeyondInsight

Bitdefender

Bitdefender

BlackBerry

Cylance PROTECT & OPTICS

BlueCoat

ProxySG

Box

Syslog

Broadcom

Symantec Cloud Workload Protection

Broadcom

Symantec Endpoint Security

Broadcom

Symantec Messaging Gateway

Broadcom

Symantec Email Security

Broadcom

(Blue Coat / Symantec) WSS

Brocade switch

Switch

Calyptix

UTM

Cato Networks

Cato Networks

Centos Audit

Centos

Centrify

Centrify

Cerberus

FTP Server

Check Point

Application Control

Check Point

Check Point

Check Point

URL Filtering

CheckPoint

Harmony EP

CheckPoint

Appliance 730/750 Series

CheckPoint

Firewall

CheckPoint

VPN-1 & FireWall-1 (SmartDefense)

Cisco

AMP

Cisco

FMC

Cisco

Meraki

Cisco

CUCM

Cisco

Identity Services Engine (ISE)

Cisco

Duo Security

Cisco

Routers and Switches

Cisco

WLC

Cisco

IKE

Cisco

VPN

Cisco

UCS

Cisco

ESA

Cisco

Umbrella

Cisco

ASA

Cisco

Firepower

Cisco

MDS

Cisco

Netflow

Cisco

IronPort

Citrix

NetScaler

Citrix

Citrix Access Gateway

Cloudflare

Cloudflare

Comodo

Internet Security/Comodo Client Security

CoreLight

Sensor

CoSoSys

Endpoint Protection

Cribl

Cribl

CrowdStrike

Falcon

CyberArk

Privileged Threat Analytics

CyberCNS

vuln

Cybereason

Cybereason

Cygna Labs

Cygna Auditor

Cynet

Cynet 360

CYRISMA

Cyrisma

D-Link

DBSafer

Deciso

OPNsense 22.1.8

Deep Instinct

Prevention for Applications

Deep Instinct

Prevention for Endpoints

Dell

Integrated Dell Remote Access Controller (iDRAC)

Dell Switch

Switch

DHCPD

(IS DHCP)

DNSVault

Vault

Dragos

Platform

DrayTek

Firewall

eDictionary

eDictionary

Egnyte

Ericom

ZTEdge

ESET

PROTECT

ExtraHop

Reveal(x)

Extreme

Cloud IQ Site Engine

Extreme

WiNG NX 7500 Controller

Extreme

AirDefense

F5

BIG-IP Telemetry

F5

Firewall

F5

IPI

F5

ASM

F5

NGINX

F5

BIG-IP

F5

BIG-IP ASM

F5

BIG-IP FIREWALL

F5

iRule

F5

L7 DDOS

F5

Mitigation

F5

Silverline

F5

WAF

F5

VPN

Forcepoint

Forcepoint

Forcepoint

Firewall

Forcepoint

Web Security

ForeScout

Asset Syslog

Fortinet

Fortimail

Fortinet

(No description)

Fortinet

FortiGate

Fortinet

FortiWeb

FutureSystems

WeGuardia SSL plus (SSL VPN)

Gatewatcher NDR

Network Detection and Response

Google

Workspace

Google

Cloud Audit Log

Guardicore

System Logs

HAProxy

HAProxy

Hibun

Access Logs Event Logs Operation Logs

Hillstone

Hillstone

Huawei

S300, S500, S2700, S5700, S6700, NetEngine40E, iMaster NCE-IP

IBM

AS400

IBM

IBM RazLeeSecurity Audit

Imperva

Jsonar Database Security Tool

Imperva

Log files

Indusface

Web Application Firewall

ISC

dhcpd

Jamf

Protect (MacOS)

Jsonar

Database Security Tools

Juniper

SRX

Juniper

SSG

Juniper

Switch

KasperskyLab

Security Center

Keycloak

Keycloak

LanScope

Cat

LastPass

Reporting

Lepide

data security platform

Linux

syslog

Mailboarder

Agent

ManageEngine

ADAuditPlus

McAfee

Network Security

McAfee

Advanced Threat Defense

MCAS

SIEM Agent

Medigate by Claroty

Medigate

Melapress

Melapress WordPress

Menlo Security

MS-XL50M

Metieye

Security Strategy Research (SSR)

Microsoft

Azure Event Hub

Microsoft

azuread

Microsoft

Microsoft SQL Server (MSSQL)

Microsoft

Windows Defender AV

Microsoft

Windows Event NXLog

Microsoft

Windows System Security

Microsoft

AQTRONiX WebKnight

Microsoft

Azure ATP

Microsoft

Azure MFA

Microsoft

Active Directory

Microsoft

Azure Active Directory

Microsoft

Office 365

Microsoft

Windows Defender for Cloud

Microsoft

Windows Defender for Endpoint

Microsoft

Windows Event

Microsoft

Windows via Graylog

Microsoft

IIS

Microsoft

Windows DNS Server

MicroWorld

eScan

MikroTik

Firewall and Router

Nasuni

System Logs

Tenable Nessus Scanner

(no description)

NetApp

Database

Netfilter

(no description)

NetIQ

Access Manager

NetIQ

Identity Manager

NetIQ

SSO

NetIQ Advanced Authentication

NetIQ Advanced Authentication

Netman

Smart NAC

NetMotion

NetMotion

Netskope

WSG Read More >>

NXLog

System Logs

Okta

(no description)

OneLogin

OneLogin

Open LDAP

(for Cisco ESA, use 5562)

OpenCanary

(no description)

opendental

MySQL

OpenShift

System Logs

OpenVPN

(no description)

OpnSense

Zenarmor plugin logs

Oracle

Database

Oracle

Oracle Cloud Infrastructure (OCI)

Oracle

Oracle Solaris 11 (11.3, 11.4)

Ordr

Connected Device Security

P&P Secure

(no description)

PacketFence

PacketFence

Palo Alto Networks

Prisma Cloud

Palo Alto Networks

NG Firewall

Palo Alto Networks

Traps Agent

Penta Security

WAPPLES WAF

Peplink

Peplink XDR Pro

Perception

Point X-Ray

pfSense Firewall

(no description)

PIOLINK

WEBFRONT-K

PrintChaser

(no description)

Privacy-i

Privacy-i

Proofpoint

Proofpoint

Proofpoint

Proofpoint on Demand

Pulse

Pulse Secure

Qualys

Qualys

Qumulo

Qumulo

Radware

DefensePro

Rapid7

Rapid7

RazLeeSecurity

Audit

Red Hat

Openshift

RedSense Cyber Threat Intelligence

enhanced threat intelligence

RSA

Authentication Manager

Ruckus

Zone Director ZD 1200

RuiJie

RuiJie Switch

SafePC

System Logs

Salesforce

Syslog

SonicWall

NSA 2400

SonicWall

VPN

Sophos

Firewall

Sophos

Central

Sophos

XG

Sophos

Web Appliance

Splashtop

Splashtop Remote Desktop

Splunk

Heavy Forwarder

SSH Host

(no description)

Stormshield

Net Security Firewall

Sunny Valley Networks

Zenarmor

Symantec

Endpoint Protection

Symantec

Firewall

Synology

Directory Server

Tenable

Nessus Scanner

Tenable

Tenable.io

Tenable

Tenable.sc

Thales Group

CipherTrust Manager

Thinkst Canary

Canary

Trellix

(FireEye) Endpoint Security HX

Trellix

MVision

Trend Micro

SMTP

Trend Micro

Deep Security Agent

Trend Micro

TippingPoint Intrusion Prevention System

Trend Micro

Proxy

Trend Micro

Apex Central

Trend Micro

Cloud One

Trend Micro

Vision One

Tripwire

Enterprise

Ubiquiti

UAP-AC-Pro

Unix

(no description)

Untangle

Firewall

Varonis

DatAdvantage

Versa Networks

Firewall

VMWare

Carbon Black

VMware

Carbon Black Cloud

VMware

NSX-T Data Center

VMware

Workspace ONE

VMware

NSX-T Data Center

VMware

UAG

VMware

Vcenter

VMware

ESXi

VMware

XTM (LEEF)

WatchGuard

Firewall Security Appliance

Wazuh

Wazuh Endpoint

Webroot

(no description)

WINS

Sniper NGFW

Wins

IPS ONE-1 / Wins DDX

WithSecure

IPS ONE-1 / Wins DDX

Wowsoft

PrintChaser

Zix Mail

(no description)

Zscaler

ZPA

Zscaler

ZIA Firewall

Zscaler

NSSWeblog

Zscaler

ZIA Web

Zyxel

Firewall

Platform connectors

One-way data feeds that pull telemetry from endpoint, firewall, cloud, SaaS, email, DNS, identity, vulnerability scanners, and databases into our open XDR platform. Normalized, correlated, and ready to investigate. Connectors let you see more.

Cloud security

Prisma Cloud

Broadcom Symantec

Cloud workload protection

Database

Microsoft SQL Server (Klassify)

MySQL

DNS security

HYAS Protect

Email

Barracuda Email Security

Mimecast

Proofpoint on Demand

Proofpoint Targeted Attacke Protection (TAP)

Broadband Symantec Email Security

Endpoint security

Acronis Cyber Protect Cloud

Akamai

Bitdefender

BlackBerry Cylance

Broadcom Symantec Endpoint Security (SES)

Cisco AMP

4.3.0-4.3.4

CrowdStrike (Hosts)

CrowdStrike (Events)

4.3.5+

CrowdStrike (Hosts/Events)

Cybereason

Cynet

Deep Instinct

Forescout

HIBUN

Jamf Protect

Microsoft Defender for Endpoint

SentinelOne

SonicWall Capture Client

Sophos Central

Trellix (FireEye) Endpoint Security HX

Trend Micro Apex Central

Trend Micro Cloud One

Trend Micro Vision One

VMware Carbon Black Cloud

VMware Workspace ONE

Webroot

Firewall

AWS

Barracuda

Check Point

Cisco (Firepower) FMC

Cisco Meraki

F5 BIG-IP ASM

F5 BIG-IP Firewall

F5 Silverline

Fortigate

Hillstone

Palo Alto Networks

SonicWall

Sophos XG

Honeypot

Thinkst Canary

Remote host

SSH Host

SASE

Cato Networks

Webhook

Universal Webhook Responder

IdP

Active Directory

Duo Security

JumpCloud

Okta

OneLogin

Security switch

HanDreamnet Security Switch

PaaS

AWS CloudTrail

AWS CloudWatch

AWS GuardDuty

Azure Event Hub

Google Cloud Audit Log

Oracle Cloud Infrastructure (OCI)

Amazon Security Lake

SaaS

Azure Active Directory

Box

Google Workspace

Office 365

Salesforce

Generic ingestion / telemetry

Syslog

Windows Event Log

Linux Audit Log

SNMP

NetFlow / IPFIX

Vulnerability scanner

CYRISMA

Nessus Scanner

Qualys

Rapid7

Tenable.io

Tenable.sc

Web security

Broadcom (Blue Coat / Symantec) WSS

Cisco Umbrella

Cloudflare

Imperva Incapsula

Indusface

LastPass

NetSkope

The simplest path to superior cybersecurity.

The simplest path to superior cybersecurity.

Book a consultation

The simplest path to superior cybersecurity.

Book a consultation