Integrations - Network

Seamlessly Integrate and Orchestrate Your Security Tools.

As we continue to develop our Security Orchestration, Automation and Response platform, IncMan SOAR, one of our main goals is to provide a streamlined integration with the most popular third-party security tools and technologies.

DFLabs aims to leverage their capabilities and create the most comprehensive and efficient security operations solution possible.

Currently, IncMan SOAR supports hundreds of third-party security technologies via QIC, API, CEF, Syslog, and Email, with a constantly growing list of certified bidirectional integrations and provides an Open Integration Framework for custom integrations.

AWS CloudTrail

Interact with AWS CloudTrail through Trails and Events.

AWS CloudWatch

Interact with AWS CloudWatch through Groups, Streams, Metric Filters, and Retention Policies.


Using the integration with EC2, you can enrich incidents with specific EC2 data, create and delete snapshots, work with elastic addresses and instances, and manipulate security groups.


Using the integration with IAM, you can create and manage AWS users and groups, and use permissions to allow and deny their access to AWS resources.

AWS Route 53

Interact with DNS records through AWS Route53.


Interact with AWS S3 buckets, objects, and policies.


Utilize AWS SQS queues during incident investigations.


Unified Security Management for network and cloud environments.

Solution brief

Cisco ASA

Protect corporate networks and data centers of all sizes with Cisco's Adaptive Security Appliance.

Cisco Firepower

Complete and unified management of network devices, intrusion detection and malware prevention.

Cisco Firepower

Utilize packet data and search into Cisco Firepower events.

Cisco IOS XE

Utilize and manipulate ACLs and Interfaces with Cisco IOS XE.

Cisco ISE

Utilize Cisco ISE session, policy, and security group information during an investigation.

Cisco Meraki

The leader in cloud controlled WiFi, routing, and security.

Cisco Umbrella

Cloud-based security Internet gateway.

Solution brief

ConnectWise Manage

Create, update, search, and gather ticket information from ConnectWise.


Utilize Corelight during incident investigation.

F5 AS3

Manipulate F5 AS3 configurations during an active investigation.

Fidelis Elevate Network

Network traffic analysis, data loss prevention (DLP), threat detection and response across networks.

FireEye Central Management (CM)

Centralize device and intelligence management to correlate data across attack vectors.

FireEye Network Security (NX)

Effective protection against cyber breaches for midsize to large organizations.


High threat protection performance with automated visibility to stop attacks.


Comprehensive web application security.

HP Universal CMDB

Gather host configuration data with HP Universal CMDB.

Imperva Incapsula

Gather statistical information from Incapsula for incident investigation.

Imperva SecureSphere

Retrieve and modify IP groups for incident investigation and remediation.

McAfee Web Gateway

High performance on-premise web gateway and security appliance.

Microsoft OneDrive

Utilize and manipulate files for incident investigation using OneDrive.

Microsoft Sharepoint

Utilize Microsoft Sharepoint lists, files, and folders during incident investigations.

Palo Alto NGFW

Manage Palo Alto next generation firewalls using PAN-OS.

Palo Alto Panorama

Centralized network security management platform.

RSA NetWitness Platform

Advanced network logging, threat detection and response.

Solution brief

SolarWinds Orion

Perform a wide variety of Enrichment, Notification, and Containment actions for incident investigation and response with SolarWinds Orion.

Symantec Secure Web Gateway

Comprehensive Web Application Security.

Trend Micro Deep Security

Utilize Trend Micro Deep Security to interact with IP lists, firewall and intrusion rules, and gather enrichment data during incident investigations.


Orchestrate network policies and compliance through a centralized platform.

Solution brief

VMWare vSphere

Utilize and manipulate virtual machines during an incident investigation with VMWare vSphere.

Get Started with a One-to-One Personalized Demo

Dramatically reduce the mean time to detection, response and remediation of all potential security incidents, ensuring no alert goes untouched.

See IncMan SOAR in Action.

Request a demo