As we continue to develop our Security Orchestration, Automation and Response platform, IncMan SOAR, one of our main goals is to provide a streamlined integration with the most popular third-party security tools and technologies.
DFLabs aims to leverage their capabilities and create the most comprehensive and efficient security operations solution possible.
Currently, IncMan SOAR supports hundreds of third-party security technologies via QIC, API, CEF, Syslog, and Email, with a constantly growing list of certified bidirectional integrations, and provides an Open Integration Framework for custom integrations.
Interact with AWS CloudTrail through Trails and Events.
Interact with AWS CloudWatch through Groups, Streams, Metric Filters, and Retention Policies.
Using the integration with EC2, you can enrich incidents with specific EC2 data, create and delete snapshots, work with elastic addresses and instances, and manipulate security groups.
Using the integration with IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.
AWS Route 53
Interact with DNS records through AWS Route 53.
Interact with AWS S3 buckets, objects, and policies.
Utilize AWS SQS queues during incident investigations.
Unified Security Management for network and cloud environments.
Protect corporate networks and data centers of all sizes with Cisco's Adaptive Security Appliance.
Complete and unified management of network devices, intrusion detection and malware prevention.
Utilize packet data and search Cisco Firepower events.
Cisco IOS XE
Utilize and manipulate ACLs and Interfaces with Cisco IOS XE.
Utilize Cisco ISE session, policy, and security group information during an investigation.
The leader in cloud-controlled WiFi, routing, and security.
Cloud-based security Internet gateway.
Create, update, search, and gather ticket information from ConnectWise.
Utilize Corelight during incident investigation.
Manipulate F5 AS3 configurations during an active investigation.
Fidelis Elevate Network
Network traffic analysis, data loss prevention (DLP), threat detection and response across networks.
FireEye Central Management (CM)
Centralize device and intelligence management to correlate data across attack vectors.
FireEye Network Security (NX)
Effective protection against cyber breaches for midsize to large organizations.
High threat protection performance with automated visibility to stop attacks.
Comprehensive web application security.
HP Universal CMDB
Gather host configuration data with HP Universal CMDB.
Gather statistical information from Incapsula for incident investigation.
Retrieve and modify IP groups for incident investigation and remediation.
McAfee Web Gateway
High performance on-premise web gateway and security appliance.
Utilize and manipulate files for incident investigation using OneDrive.
Utilize Microsoft SharePoint lists, files, and folders during incident investigations.
Palo Alto NGFW
Manage Palo Alto next-generation firewalls using PAN-OS.
Palo Alto Panorama
Centralized network security management platform.
RSA NetWitness Platform
Advanced network logging, threat detection and response.
Perform a wide variety of Enrichment, Notification, and Containment actions for incident investigation and response with SolarWinds Orion.
Symantec Secure Web Gateway
Comprehensive Web Application Security.
Trend Micro Deep Security
Utilize Trend Micro Deep Security to interact with IP lists, firewall and intrusion rules, and gather enrichment data during incident investigations.
Orchestrate network policies and compliance through a centralized platform.
Utilize and manipulate virtual machines during an incident investigation with VMware vSphere.