As we continue to develop our Security Orchestration, Automation and Response platform, IncMan SOAR, one of our main goals is to provide a streamlined integration with the most popular third-party security tools and technologies.
DFLabs aims to leverage their capabilities and create the most comprehensive and efficient security operations solution possible.
Currently, IncMan SOAR supports hundreds of third-party security technologies via QIC, API, CEF, Syslog, and Email, with a constantly growing list of certified bidirectional integrations and provides an Open Integration Framework for custom integrations.
Open threat sharing and intelligence platform.
Gather detonation data for files and URL using ANY.RUN.
Interact with AWS GuardDuty during incident investigation.
Search Censys for enrichment data during active investigation.
Query threat intelligence generated by the Cisco Talos group.
Cisco Threat Grid
Advanced sandboxing and threat intelligence to detect malware.
Cisco Threat Response
Gather Cisco Threat Response threat intelligence data to enrich incident artifacts.
Formerly PhishMe. Comprehensive phishing intelligence to detect and block phishing attacks.
Perform threat intelligence evidence gathering with DarkOwl.
Minimize digital risk by identifying unwanted exposure and protecting against external threats.
DomainTools Iris Investigate for advanced reputation services.
FireEye Threat Intelligence
Rich context to mitigate threats.
IBM X-Force Exchange
Trusted threat intelligence and reputation sharing solution.
Kaspersky Threat Intelligence Portal
Global intelligence delivering in-depth visibility into threats targeting your business.
Utilize findings from KnowBe4 security awareness training events during an incident investigation.
Comprehensive threat intelligence platform utilizing OpenDXL.
MISP Threat Sharing
Open source threat intelligence and indicator sharing platform.
Utilize MXToolbox to gather MX records for enrichment data during incident investigation.
Open framework for sharing threat intelligence and indicators.
Palo Alto Auto Focus
Utilize Palo Alto Auto Focus threat intelligence feeds during incident investigation.
Palo Alto Wildfire
Cloud-based threat analysis and intelligence service.
Simplify the event investigation process by providing a consolidated platform of data necessary to accurately understand, triage, and address security events.
A collaborative clearing house for data and information about phishing on the Internet.
Universal threat intelligence solution providing relevant insights in real time.
The World's first search engine for Internet-connected devices.
Utilize Sophos Central enrichment data during incident investigations.
Industry standard frameworks for describing and sharing various threat information.
Gather threat intelligence data from Symantec DeepSight for incident investigation.
Site review request service by Symantec.
Industry standard framework for describing and sharing various threat information.
Open source incident and observable tracking platform.
Search malicious indicators using Threat Crowd intelligence feeds.
To find threats and evaluate risk.
Threat intelligence provider operated by abuse.ch.
Analyze suspicious files and URLs online using industry leading detection technologies.