Integrations

DFLabs’ Integration Partners

As we continue to develop our IncMan Security Orchestration, Automation and Response (SOAR) platform, one of DFLabs’ main goals is to enable an ever-more streamlined and effective integration with third-party security technologies, in an effort to leverage their capabilities towards creating the most comprehensive and efficient security system possible.

Currently, IncMan supports hundreds of third-party security technologies via QIC, API, CEF, Syslog, and Email, with a constantly growing list of certified bidirectional integrations.
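The CEF and Syslog paths mentioned above are the ones most products can speak without a vendor-specific connector: a device emits a syslog line whose message body is a CEF record, and the receiving platform splits the header and the key=value extension into fields that playbooks can act on. The parser below is an added example written for this page, not IncMan code or any vendor's code; the sample line, vendor names and field values are constructed. It handles the two details that trip up naive splitters: escaped pipes in the header and escaped equals signs (or spaces) inside extension values.

```python
import re
from typing import Any, Dict, List

# Constructed sample: an RFC 3164-style syslog line carrying a CEF:0 record.
# Vendor, product and field values are illustrative, not captured from a device.
SAMPLE_LINE = (
    "<13>Oct 10 12:00:00 fw01 CEF:0|Palo Alto Networks|PAN-OS|8.1.0|THREAT|"
    "Malware Download|8|src=10.0.0.5 dst=203.0.113.9 spt=51234 dpt=443 "
    "request=https://example.test/payload.bin msg=Blocked file\\=evil.exe act=drop"
)

HEADER_FIELDS = ("version", "device_vendor", "device_product", "device_version",
                 "signature_id", "name", "severity")

_PRI_RE = re.compile(r"^<(\d{1,3})>")
# An unescaped '=' preceded by a word and start-of-string or whitespace starts a key;
# escaped '\=' inside a value does not match because '\' is not a word character.
_KEY_RE = re.compile(r"(?:^|\s)(\w+)=")


def _unescape(value: str) -> str:
    """Undo CEF escaping: \\= \\| \\\\ become literal; \\n and \\r become newlines."""
    return re.sub(r"\\(.)", lambda m: {"n": "\n", "r": "\r"}.get(m.group(1), m.group(1)), value)


def _split_header(cef: str) -> List[str]:
    """Split the 'CEF:...' text on the first seven unescaped '|' characters.

    Returns eight strings: the seven header fields and the untouched extension.
    Pipes inside the extension are legal and must not be treated as separators.
    """
    parts: List[str] = []
    current: List[str] = []
    i = 0
    while i < len(cef) and len(parts) < 7:
        c = cef[i]
        if c == "\\" and i + 1 < len(cef):      # keep the escape pair for _unescape
            current.append(cef[i:i + 2])
            i += 2
            continue
        if c == "|":
            parts.append("".join(current))
            current = []
            i += 1
            continue
        current.append(c)
        i += 1
    if len(parts) < 7:
        raise ValueError("CEF header has fewer than seven '|'-separated fields")
    parts.append(cef[i:])                       # everything after the 7th pipe
    return parts


def _parse_extension(ext: str) -> Dict[str, str]:
    """Parse 'key=value key2=value with spaces' into a dict, unescaping values."""
    keys = list(_KEY_RE.finditer(ext))
    fields: Dict[str, str] = {}
    for n, m in enumerate(keys):
        end = keys[n + 1].start() if n + 1 < len(keys) else len(ext)
        fields[m.group(1)] = _unescape(ext[m.end():end])
    return fields


def cef_severity_label(severity: str) -> str:
    """Map the CEF 0-10 numeric severity onto the usual display bands."""
    if severity.isdigit():
        s = int(severity)
        if s <= 3:
            return "Low"
        if s <= 6:
            return "Medium"
        if s <= 8:
            return "High"
        if s <= 10:
            return "Very-High"
    return severity  # some products already send Low/Medium/High as text


def parse_cef_syslog(line: str) -> Dict[str, Any]:
    """Parse one syslog line that carries a CEF record into a flat dict."""
    result: Dict[str, Any] = {}
    pri = _PRI_RE.match(line)
    if pri:
        # PRI = facility * 8 + severity (RFC 3164 / RFC 5424)
        result["syslog_facility"], result["syslog_severity"] = divmod(int(pri.group(1)), 8)
    start = line.find("CEF:")
    if start < 0:
        raise ValueError("no CEF record in line")
    result["syslog_header"] = line[pri.end() if pri else 0:start].strip()
    parts = _split_header(line[start:])
    values = [parts[0][len("CEF:"):]] + [_unescape(p) for p in parts[1:7]]
    result.update(dict(zip(HEADER_FIELDS, values)))
    result["severity_label"] = cef_severity_label(result["severity"])
    result["extension"] = _parse_extension(parts[7])
    return result


if __name__ == "__main__":
    for key, value in parse_cef_syslog(SAMPLE_LINE).items():
        print(f"{key}: {value}")
```

Note that the header parser stops after the seventh pipe on purpose: CEF only escapes `|` in the header, so a URL or message in the extension may legitimately contain unescaped pipes, and splitting the whole line on `|` would corrupt those fields.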

BMC Remedy

For comprehensive ticket management.


Carbon Black Defense

Next generation antivirus, streaming defense with AV machine learning capabilities.

Carbon Black Response

Highly scalable, real-time EDR with unfiltered visibility for top security operations centers and incident response teams.

Cisco ThreatGrid

Advanced sandboxing with threat intelligence aimed at detecting malware.

Cisco Umbrella

Cloud-delivered Secure Internet Gateway that provides a first line of defense against threats on the internet. Because Umbrella is delivered from the cloud, it can protect all of your users without on-premises deployment.

Cisco Umbrella Investigate

Provides a complete view of internet domains, IP addresses and systems.

Crowdstrike Falcon

Cloud-delivered endpoint protection that unifies IT hygiene, next-generation antivirus, endpoint detection and response (EDR), managed threat hunting and threat intelligence in a single lightweight agent.

Cuckoo Sandbox

To analyze malware using the open source Cuckoo sandbox.

Email

Electronic Mail (email or e-mail) is a method of exchanging messages (“mail”) between people using electronic devices.

EnCase Forensics

For complete forensics and evidence management.

Geolocate

Google Maps geolocation API

Hacker Target

For trusted vulnerability scanning.

Jira

For comprehensive ticket management.

LDAP

To connect to, search and modify LDAP directories.

McAfee ADT

To detect advanced, evasive malware.

McAfee ePO

Security management software for systems, networks, data, and compliance solutions.

McAfee TIE

Combines threat information sources to provide adaptive threat detection.

McAfee Web Gateway

To share critical security information between security platforms.

Microsoft Active Directory

Query Active Directory for users, computers and other objects in real time.

Microsoft SQL Server

SQL-based relational database management system.

MISP Threat Sharing

For malware threat information sharing.

MySQL

To gather rich information by running SQL queries.

OpenIOC

The STIX indicator's Test_Mechanism field is an extension point for providing an indicator signature in something other than CybOX. OpenIOC (Open Indicators of Compromise), OVAL (Open Vulnerability and Assessment Language), Snort rules and YARA rules are supported as default extensions of that Test_Mechanism field.

OpenText Encase

Provides 360-degree visibility across all endpoints, devices and networks to enable discreet, forensically sound data collection for litigation and investigations.

Palo Alto NGFW

Next-generation firewall classifies all traffic, including encrypted traffic, based on application, application function, user and content.

Palo Alto Wildfire

Cloud-based threat analysis service that combines dynamic analysis, machine learning and bare-metal analysis to detect malware and zero-day exploits.

Palo Alto Panorama

Network security management simplifying management tasks while delivering comprehensive controls and deep visibility into network-wide traffic and security threats.

Perl

General-purpose programming language, mostly used for system administration, web development, network programming, and GUI development.

PostgreSQL

PostgreSQL is a powerful open source object-relational database system that uses and extends the SQL language, with many features for safely storing and scaling complex data workloads.

Python

General-purpose programming language that lets you work quickly and integrate systems more effectively.

QRadar

SIEM that consolidates log source event data from thousands of devices, endpoints and applications distributed throughout a network.

Recorded Future

Universal threat intelligence solution that automatically surfaces relevant insights in real time and at scale.

Screenshot Machine

Online screenshot rendering service that captures full-length screenshots or thumbnails of web pages.

Splunk

Automates investigations, including quick and effective collection of data, and delivers machine learning based analytics, monitoring and alerting at massive scale and speed.

STIX

Structured Threat Information Expression (STIX) is a structured language for describing cyber threat information, so it can be shared, stored and analyzed in a consistent manner.

Syslog

Syslog is used for system management and security auditing, as well as general informational, analysis, and debugging messages.

ThreatConnect

Intelligence-driven orchestration, threat intelligence platform, and security operations and analytics platform.

VirusTotal

Analyzing suspicious files and URLs to detect types of malware including viruses, worms, and Trojans.

Whois

This protocol stores and delivers database content in a human-readable format, and is used to look up domains, people and other resources related to domain and number registrations.

If you are interested in a potential integration of your security technology with our IncMan platform, please feel free to contact us.