Integrations - Threat Intelligence

Seamlessly Integrate and Orchestrate Your Security Tools.

As we continue to develop our Security Orchestration, Automation and Response platform, IncMan SOAR, one of our main goals is to provide a streamlined integration with the most popular third-party security tools and technologies.

DFLabs aims to leverage their capabilities and create the most comprehensive and efficient security operations solution possible.

Currently, IncMan SOAR supports hundreds of third-party security technologies via QIC, API, CEF, Syslog, and Email, with a constantly growing list of certified bidirectional integrations and provides an Open Integration Framework for custom integrations.


Gather IP Reputation Information with DFLabs Integration with AbuseIPDB.

AlienVault OTX

Open threat sharing and intelligence platform.


Gather detonation data for files and URL using ANY.RUN.


Enrich incident evidence with threat intelligence data from Blueliv.


Search Censys for enrichment data during active investigation.

Cisco Talos

Query threat intelligence generated by the Cisco Talos group.

Cisco Threat Grid

Advanced sandboxing and threat intelligence to detect malware.

Solution brief


Formerly PhishMe. Comprehensive phishing intelligence to detect and block phishing attacks.

Solution brief


Perform threat intelligence evidence gathering with DarkOwl.

Digital Shadows

Minimize digital risk by identifying unwanted exposure and protecting against external threats.


DomainTools Iris Investigate for advanced reputation services.

Solution brief

FireEye AX

Inspect malicious files using FireEye AX.

FireEye Threat Intelligence

Rich context to mitigate threats.

IBM X-Force Exchange

Trusted threat intelligence and reputation sharing solution.

Kaspersky Threat Intelligence Portal

Global intelligence delivering in-depth visibility into threats targeting your business.


Utilize findings from KnowBe4 security awareness training events during an incident investigation.

McAfee TIE

Comprehensive threat intelligence platform utilizing OpenDXL.

MISP Threat Sharing

Open source threat intelligence and indicator sharing platform.


Utilize MXToolbox to gather MX records for enrichment data during incident investigation.


Open framework for sharing threat intelligence and indicators.

Palo Alto Auto Focus

Utilize Palo Alto Auto Focus threat intelligence feeds during incident investigation.

Palo Alto Wildfire

Cloud-based threat analysis and intelligence service.


Simplify the event investigation process by providing a consolidated platform of data necessary to accurately understand, triage, and address security events.


A collaborative clearing house for data and information about phishing on the Internet.

Recorded Future

Universal threat intelligence solution providing relevant insights in real time.

Solution brief


The World's first search engine for Internet-connected devices.

Sophos Central

Utilize Sophos Central enrichment data during incident investigations.


Industry standard frameworks for describing and sharing various threat information.

Symantec DeepSight

Gather threat intelligence data from Symantec DeepSight for incident investigation.

Symantec WebPulse

Site review request service by Symantec.


Industry standard framework for describing and sharing various threat information.


Open source incident and observable tracking platform.

Threat Crowd

Search malicious indicators using Threat Crowd intelligence feeds.


To find threats and evaluate risk.


Search DNS records for enrichment data with DFLabs integration with ThreatMiner.


Threat intelligence provider operated by


Analyze suspicious files and URLs online using industry leading detection technologies.

Get Started with a One-to-One Personalized Demo

Dramatically reduce the mean time to detection, response and remediation of all potential security incidents, ensuring no alert goes untouched.

See IncMan SOAR in Action.

Request a demo