DFLabs’ Integration Partners
As we continue to develop our IncMan Security Orchestration, Automation and Response (SOAR) platform, one of DFLabs’ main goals is to enable an ever-more streamlined and effective integration with third-party security technologies, in an effort to leverage their capabilities towards creating the most comprehensive and efficient security system possible.
Currently, IncMan supports hundreds of third-party security technologies via QIC, API, CEF, Syslog, and Email, with a constantly growing list of certified bidirectional integrations.
Carbon Black Defense
Next-generation antivirus, streaming defense with AV machine learning capabilities.
Carbon Black Response
Highly scalable, real-time EDR with unfiltered visibility for top security operations centers and incident response teams.
Advanced sandboxing with threat intelligence aimed at detecting malware.
Secure Internet Gateway in the cloud, Cisco Umbrella provides the first line of defense against threats on the internet. Because Umbrella is delivered from the cloud, it is the easiest way to protect all of your users in minutes.
Cisco Umbrella Investigate
Provides a complete view of internet domains, IP addresses and systems.
Cloud-delivered endpoint protection. It both delivers and unifies IT Hygiene, next-generation antivirus, endpoint detection and response (EDR), managed threat hunting, and threat intelligence — all delivered via a single lightweight agent.
To analyze malware using the open source Cuckoo sandbox.
Electronic Mail (email or e-mail) is a method of exchanging messages (“mail”) between people using electronic devices.
For complete forensics and evidence management.
Google Maps geolocation API
For trusted vulnerability scanning.
For comprehensive ticket management.
To connect, search and modify Internet directories.
To detect advanced, evasive malware.
Security management software for systems, networks, data, and compliance solutions.
Combines threat information sources to provide adaptive threat detection.
McAfee Web Gateway
To share critical security information between security platforms.
Microsoft Active Directory
Query Active Directory for users, computers and other objects in real time.
Microsoft SQL Server
SQL-based relational database management system.
MISP Threat Sharing
For malware threat information sharing.
To gather rich information by running SQL queries.
The STIX indicator’s test mechanism field is an extensive alternative for providing an indicator signature in something other than CybOX (Open Indicators of Compromise, Open Vulnerability and Assessment Language). SNORT rules and YARA rules are supported as default extensions to that test mechanism field.
360-degree visibility across all endpoints, devices and networks to enable discreet, forensically sound data collection for litigation and investigations.
Palo Alto NGFW
Next-generation firewall classifies all traffic, including encrypted traffic, based on application, application function, user and content.
Palo Alto Wildfire
Cloud-based threat analysis with dynamic machine learning and bare-metal analysis for malware and zero-day exploits.
Palo Alto Panorama
Network security management simplifying management tasks while delivering comprehensive controls and deep visibility into network-wide traffic and security threats.
General-purpose programming language, mostly used for system administration, web development, network programming, and GUI development.
PostgreSQL is a powerful, open source object-relational database system that uses and extends the SQL language combined with many features that safely store and scale the most complicated data workloads.
General-purpose programming language that lets you work quickly and integrate systems more effectively.
Consolidation of log source event data from thousands of device endpoints and applications distributed throughout a network.
Universal threat intelligence solution. Using unique technology, it automatically serves up relevant insights in real time and at an unparalleled scale.
Online screenshot rendering. Whatever you need a full-length screenshot or thumbnail of, you got it.
Automation of investigations, including quick and effective collection of data. Delivering advancements in machine learning, with massive scale and speed for data analytics, monitoring and alerting.
Structured Threat Information Expression (STIX) is a structured language for describing cyber threat information, so it can be shared, stored and analyzed in a consistent manner.
Syslog is used for system management and security auditing, as well as general informational, analysis, and debugging messages.
Intelligence-driven orchestration, threat intelligence platform, and security operations and analytics platform.
Analyzing suspicious files and URLs to detect types of malware including viruses, worms, and Trojans.
This protocol stores and delivers database content in a human-readable format, and is used to look up domains, people and other resources related to domain and number registrations.