Integration Partners

Seamlessly Integrate and Orchestrate Your Security Tools.

As we continue to develop our Security Orchestration, Automation and Response platform, IncMan SOAR, one of our main goals is to provide a streamlined integration with the most popular third-party security tools and technologies.

DFLabs aims to leverage their capabilities and create the most comprehensive and efficient security operations solution possible.

Currently, IncMan SOAR supports hundreds of third-party security technologies via QIC, API, CEF, Syslog, and Email, with a constantly growing list of certified bidirectional integrations, and provides an Open Integration Framework for custom integrations.

AccessData FTK

Forensic acquisition and verification information from FTK.

AlienVault OTX

Open threat sharing and intelligence platform.

AWS Security Hub

Comprehensive view of your high-priority security alerts and compliance status across AWS accounts.

Bash

Scripting for custom solutions and integrations.

Basis Technology Cyber Triage

Perform agentless triage of endpoints to gather incident artifacts and IOCs.

BMC Remedy

Comprehensive IT service management.

CA Service Desk

IT service desk management solution.

Carbon Black Defense

Next generation antivirus, streaming defense with AV machine learning capabilities.

Carbon Black Protection

Application control and critical infrastructure protection for the endpoint.

Carbon Black Response

Advanced endpoint detection and response.

Check Point

Unified Security Management for network and cloud environments.

CIRCL CVE Search

Query CIRCL's CVE database for vulnerability information.

Cisco AMP

Advanced endpoint detection and response solution.

Cisco ASA

Protect corporate networks and data centers of all sizes with Cisco's Adaptive Security Appliance.

Cisco Email Security

Email security and management solution, formerly known as IronPort.

Cisco Firepower

Complete and unified management of network devices, intrusion detection and malware prevention.

Cisco Firepower

Utilize packet data and search into Cisco Firepower events.

Cisco ISE

Utilize Cisco ISE session, policy, and security group information during an investigation.

Cisco Meraki

The leader in cloud controlled WiFi, routing, and security.

Cisco Talos

Query threat intelligence generated by the Cisco Talos group.

Cisco Threat Grid

Advanced sandboxing and threat intelligence to detect malware.

Cisco Umbrella

Cloud-based security Internet gateway.

Cisco Umbrella Investigate

Advanced intelligence and reputation data for domains, IP addresses and ASNs.

Cofense

Formerly PhishMe. Comprehensive phishing intelligence to detect and block phishing attacks.

Corelight

Utilize Corelight during incident investigation.

CrowdStrike Falcon

Advanced endpoint detection and response.

Cuckoo Sandbox

Open source automated malware analysis platform.

Cybereason

End-to-end solution for endpoint protection, detection, investigation and response.

CylanceProtect

AI driven technology prevents attacks before they can damage your devices, network, or reputation.

DarkOwl

Perform threat intelligence evidence gathering with DarkOwl.

Digital Shadows

Minimize digital risk by identifying unwanted exposure and protecting against external threats.

Domain Dossier

WHOIS information for domains and IP addresses.

DomainTools

DomainTools Iris Investigate for advanced reputation services.

Elastic Stack

Reliably and securely take data from any source, in any format, and search, analyze, and visualize it.

Email

SMTP and IMAP for sending and receiving email.

F5 AS3

Manipulate F5 AS3 configurations during an active investigation.

Fidelis Elevate Network

Network traffic analysis, data loss prevention (DLP), threat detection and response across networks.

FireEye Central Management (CM)

Centralize device and intelligence management to correlate data across attack vectors.

FireEye Email Security (EX)

Cloud-based secure email gateway.

FireEye HX

Advanced endpoint detection and response.

FireEye Network Security (NX)

Effective protection against cyber breaches for midsize to large organizations.

FireEye Threat Intelligence

Rich context to mitigate threats.

FortiAnalyzer

Security-driven analytics and log management.

FortiGate

High threat protection performance with automated visibility to stop attacks.

FortiMail

Stop advanced email threats and prevent data loss.

FortiSIEM

Unified event correlation and risk management for modern networks.

FortiWeb

Comprehensive web application security.

Gmail

Free email service from Google.

Hacker Target

Online resource for information gathering and scanning.

HP Universal CMDB

Gather host configuration data with HP Universal CMDB.

Hybrid Analysis

Online sandbox for file and URL analysis.

IBM DB2

Suite of database-server products from IBM.

IBM QRadar

Security Information and Event Management from IBM.

IBM X-Force Exchange

Trusted threat intelligence and reputation sharing solution.

Imperva Incapsula

Gather statistical information from Incapsula for incident investigation.

Imperva SecureSphere

Retrieve and modify IP groups for incident investigation and remediation.

Javelin AD Protect

Gather detailed information from Javelin AD Protect alerts.

Jira

Issue and project tracking solution for IT and development.

Kaspersky TIP

Utilize Kaspersky threat intelligence feeds during incident investigation.

KnowBe4

Utilize findings from KnowBe4 security awareness training events during an incident investigation.

Lastline Analyst

Safely execute malware samples in an advanced malware inspection and isolation environment.

LDAP

Open protocol for maintaining a distributed directory information service.

LogPoint

Next generation Security Information and Event Management solution.

Mainframe

Decentralized network for surveillance-resistant and censorship-resistant applications.

MaxMind

Graphical geolocation information for IP addresses.

McAfee ATD

Advanced threat detection and investigation solution.

McAfee ePO

Flexible, scalable centralized security management software.

McAfee ESM

Work with McAfee ESM Events, Alarms and Watchlists.

McAfee TIE

Comprehensive threat intelligence platform utilizing OpenDXL.

McAfee Web Gateway

High performance on-premise web gateway and security appliance.

Micro Focus ArcSight ESM

Security Information and Event Management from Micro Focus.

Micro Focus ArcSight Logger

Universal log management solution that unifies searching and reporting.

Microsoft Active Directory

Query and contain users and computers through Microsoft Active Directory.

Microsoft Azure Security Center

Manage security alerts, tasks and policies within the Microsoft Azure environment.

Microsoft Exchange (EWS)

Web services for the Microsoft Exchange messaging solution.

Microsoft Graph Security

Correlate alerts, get context for investigation, and automate security operations.

Microsoft OneDrive

Utilize and manipulate files for incident investigation using OneDrive.

Microsoft PowerShell

PowerShell scripting for custom solutions and integrations.

Microsoft SharePoint

Utilize Microsoft SharePoint lists, files, and folders during incident investigations.

Microsoft SQL Server

Relational database management system from Microsoft.

MISP Threat Sharing

Open source threat intelligence and indicator sharing platform.

MySQL

Open source relational database management system from MySQL.

OpenIOC

Open framework for sharing threat intelligence and indicators.

OpenText EnCase

Computer forensics and digital investigations suite.

PagerDuty

Automatically notify and update all incident response team members during an incident.

Palo Alto AutoFocus

Utilize Palo Alto AutoFocus threat intelligence feeds during incident investigation.

Palo Alto NGFW

Manage Palo Alto next generation firewalls using PAN-OS.

Palo Alto Panorama

Centralized network security management platform.

Palo Alto Wildfire

Cloud-based threat analysis and intelligence service.

PassiveTotal

Simplify the event investigation process by providing a consolidated platform of data necessary to accurately understand, triage, and address security events.

Perl

Perl scripting for custom solutions and integrations.

PhishTank

A collaborative clearing house for data and information about phishing on the Internet.

PostgreSQL

Open source relational database management system from PostgreSQL.

Python

Python scripting for custom solutions and integrations.

Recorded Future

Universal threat intelligence solution providing relevant insights in real time.

RSA NetWitness Platform

Advanced network logging, threat detection and response.

Screenshot Machine

Capture screenshots of websites as they currently exist.

Securonix

A modern SIEM platform with next-generation capabilities.

ServiceNow

Suite of ITSM modules supporting many aspects of IT and security.

Shodan

The world's first search engine for Internet-connected devices.

SolarWinds Orion

Perform a wide variety of Enrichment, Notification, and Containment actions for incident investigation and response with SolarWinds Orion.

Splunk

Security Information and Event Management from Splunk.

STIX

Industry standard frameworks for describing and sharing various threat information.

Symantec DeepSight

Gather threat intelligence data from Symantec DeepSight for incident investigation.

Symantec Endpoint Protection Cloud

Cloud-hosted enterprise endpoint protection.

Symantec Secure Web Gateway

Comprehensive Web Application Security.

Symantec SWS

Incorporate Symantec SWS tickets and incidents during incident investigation.

Symantec WebPulse

Site review request service by Symantec.

Syslog

Messaging protocol for sharing log data and other information.

Tableau

Forensic acquisition and verification information from Tableau Forensic Imagers.

TAXII

Industry standard framework for describing and sharing various threat information.

Tenable SecurityCenter

Industry leading vulnerability scanning and management platform.

Tenable.io

Cloud-based vulnerability management platform.

TheHive

Open source incident and observable tracking platform.

ThreatConnect

To find threats and evaluate risk.

Tufin

Orchestrate network policies and compliance through a centralized platform.

Twilio

Cloud communications platform as a service to send SMS messages.

URLhaus

Threat intelligence provider operated by abuse.ch.

URLscan.io

Scan and analyze websites.

VirusTotal

Analyze suspicious files and URLs online using industry leading detection technologies.

VMware vSphere

Utilize and manipulate virtual machines during an incident investigation with VMware vSphere.

Whois

Domain name lookup service to search the Whois database for domain name registration information.

X-Ways

Forensic acquisition and verification information from X-Ways.
